1 2 SENDMAIL CONFIGURATION FILES 3 4 This document describes the sendmail configuration files. It 5 explains how to create a sendmail.cf file for use with sendmail. 6 It also describes how to set options for sendmail which are explained 7 in the Sendmail Installation and Operation guide, which can be found 8 on-line at http://www.sendmail.org/%7Eca/email/doc8.12/op.html . 9 Recall this URL throughout this document when references to 10 doc/op/op.* are made. 11 12 Table of Content: 13 14 INTRODUCTION AND EXAMPLE 15 A BRIEF INTRODUCTION TO M4 16 FILE LOCATIONS 17 OSTYPE 18 DOMAINS 19 MAILERS 20 FEATURES 21 HACKS 22 SITE CONFIGURATION 23 USING UUCP MAILERS 24 TWEAKING RULESETS 25 MASQUERADING AND RELAYING 26 USING LDAP FOR ALIASES, MAPS, AND CLASSES 27 LDAP ROUTING 28 ANTI-SPAM CONFIGURATION CONTROL 29 CONNECTION CONTROL 30 STARTTLS 31 ADDING NEW MAILERS OR RULESETS 32 ADDING NEW MAIL FILTERS 33 QUEUE GROUP DEFINITIONS 34 NON-SMTP BASED CONFIGURATIONS 35 WHO AM I? 36 ACCEPTING MAIL FOR MULTIPLE NAMES 37 USING MAILERTABLES 38 USING USERDB TO MAP FULL NAMES 39 MISCELLANEOUS SPECIAL FEATURES 40 SECURITY NOTES 41 TWEAKING CONFIGURATION OPTIONS 42 MESSAGE SUBMISSION PROGRAM 43 FORMAT OF FILES AND MAPS 44 DIRECTORY LAYOUT 45 ADMINISTRATIVE DETAILS 46 47 48 +--------------------------+ 49 | INTRODUCTION AND EXAMPLE | 50 +--------------------------+ 51 52 Configuration files are contained in the subdirectory "cf", with a 53 suffix ".mc". They must be run through "m4" to produce a ".cf" file. 54 You must pre-load "cf.m4": 55 56 m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf 57 58 Alternatively, you can simply: 59 60 cd ${CFDIR}/cf 61 /usr/ccs/bin/make config.cf 62 63 where ${CFDIR} is the root of the cf directory and config.mc is the 64 name of your configuration file. If you are running a version of M4 65 that understands the __file__ builtin (versions of GNU m4 >= 0.75 do 66 this, but the versions distributed with 4.4BSD and derivatives do not) 67 or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory. 68 For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST 69 use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example: 70 71 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf 72 73 Let's examine a typical .mc file: 74 75 divert(-1) 76 # 77 # Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers. 78 # All rights reserved. 79 # Copyright (c) 1983 Eric P. Allman. All rights reserved. 80 # Copyright (c) 1988, 1993 81 # The Regents of the University of California. All rights reserved. 82 # 83 # By using this file, you agree to the terms and conditions set 84 # forth in the LICENSE file which can be found at the top level of 85 # the sendmail distribution. 86 # 87 88 # 89 # This is a Berkeley-specific configuration file for HP-UX 9.x. 90 # It applies only to the Computer Science Division at Berkeley, 91 # and should not be used elsewhere. It is provided on the sendmail 92 # distribution as a sample only. To create your own configuration 93 # file, create an appropriate domain file in ../domain, change the 94 # `DOMAIN' macro below to reference that file, and copy the result 95 # to a name of your own choosing. 96 # 97 divert(0) 98 99 The divert(-1) will delete the crud in the resulting output file. 100 The copyright notice can be replaced by whatever your lawyers require; 101 our lawyers require the one that is included in these files. A copyleft 102 is a copyright by another name. The divert(0) restores regular output. 103 104 VERSIONID(`<SCCS or RCS version id>') 105 106 VERSIONID is a macro that stuffs the version information into the 107 resulting file. You could use SCCS, RCS, CVS, something else, or 108 omit it completely. This is not the same as the version id included 109 in SMTP greeting messages -- this is defined in m4/version.m4. 110 111 OSTYPE(`hpux9')dnl 112 113 You must specify an OSTYPE to properly configure things such as the 114 pathname of the help and status files, the flags needed for the local 115 mailer, and other important things. If you omit it, you will get an 116 error when you try to build the configuration. Look at the ostype 117 directory for the list of known operating system types. 118 119 DOMAIN(`CS.Berkeley.EDU')dnl 120 121 This example is specific to the Computer Science Division at Berkeley. 122 You can use "DOMAIN(`generic')" to get a sufficiently bland definition 123 that may well work for you, or you can create a customized domain 124 definition appropriate for your environment. 125 126 MAILER(`local') 127 MAILER(`smtp') 128 129 These describe the mailers used at the default CS site. The local 130 mailer is always included automatically. Beware: MAILER declarations 131 should only be followed by LOCAL_* sections. The general rules are 132 that the order should be: 133 134 VERSIONID 135 OSTYPE 136 DOMAIN 137 FEATURE 138 local macro definitions 139 MAILER 140 LOCAL_CONFIG 141 LOCAL_RULE_* 142 LOCAL_RULESETS 143 144 There are a few exceptions to this rule. Local macro definitions which 145 influence a FEATURE() should be done before that feature. For example, 146 a define(`PROCMAIL_MAILER_PATH', ...) should be done before 147 FEATURE(`local_procmail'). 148 149 150 +----------------------------+ 151 | A BRIEF INTRODUCTION TO M4 | 152 +----------------------------+ 153 154 Sendmail uses the M4 macro processor to ``compile'' the configuration 155 files. The most important thing to know is that M4 is stream-based, 156 that is, it doesn't understand about lines. For this reason, in some 157 places you may see the word ``dnl'', which stands for ``delete 158 through newline''; essentially, it deletes all characters starting 159 at the ``dnl'' up to and including the next newline character. In 160 most cases sendmail uses this only to avoid lots of unnecessary 161 blank lines in the output. 162 163 Other important directives are define(A, B) which defines the macro 164 ``A'' to have value ``B''. Macros are expanded as they are read, so 165 one normally quotes both values to prevent expansion. For example, 166 167 define(`SMART_HOST', `smart.foo.com') 168 169 One word of warning: M4 macros are expanded even in lines that appear 170 to be comments. For example, if you have 171 172 # See FEATURE(`foo') above 173 174 it will not do what you expect, because the FEATURE(`foo') will be 175 expanded. This also applies to 176 177 # And then define the $X macro to be the return address 178 179 because ``define'' is an M4 keyword. If you want to use them, surround 180 them with directed quotes, `like this'. 181 182 Since m4 uses single quotes (opening "`" and closing "'") to quote 183 arguments, those quotes can't be used in arguments. For example, 184 it is not possible to define a rejection message containing a single 185 quote. Usually there are simple workarounds by changing those 186 messages; in the worst case it might be ok to change the value 187 directly in the generated .cf file, which however is not advised. 188 189 +----------------+ 190 | FILE LOCATIONS | 191 +----------------+ 192 193 sendmail 8.9 has introduced a new configuration directory for sendmail 194 related files, /etc/mail. The new files available for sendmail 8.9 -- 195 the class {R} /etc/mail/relay-domains and the access database 196 /etc/mail/access -- take advantage of this new directory. Beginning with 197 8.10, all files will use this directory by default (some options may be 198 set by OSTYPE() files). This new directory should help to restore 199 uniformity to sendmail's file locations. 200 201 Below is a table of some of the common changes: 202 203 Old filename New filename 204 ------------ ------------ 205 /etc/bitdomain /etc/mail/bitdomain 206 /etc/domaintable /etc/mail/domaintable 207 /etc/genericstable /etc/mail/genericstable 208 /etc/uudomain /etc/mail/uudomain 209 /etc/virtusertable /etc/mail/virtusertable 210 /etc/userdb /etc/mail/userdb 211 212 /etc/aliases /etc/mail/aliases 213 /etc/sendmail/aliases /etc/mail/aliases 214 /etc/ucbmail/aliases /etc/mail/aliases 215 /usr/adm/sendmail/aliases /etc/mail/aliases 216 /usr/lib/aliases /etc/mail/aliases 217 /usr/lib/mail/aliases /etc/mail/aliases 218 /usr/ucblib/aliases /etc/mail/aliases 219 220 /etc/sendmail.cw /etc/mail/local-host-names 221 /etc/mail/sendmail.cw /etc/mail/local-host-names 222 /etc/sendmail/sendmail.cw /etc/mail/local-host-names 223 224 /etc/sendmail.ct /etc/mail/trusted-users 225 226 /etc/sendmail.oE /etc/mail/error-header 227 228 /etc/sendmail.hf /etc/mail/helpfile 229 /etc/mail/sendmail.hf /etc/mail/helpfile 230 /usr/ucblib/sendmail.hf /etc/mail/helpfile 231 /etc/ucbmail/sendmail.hf /etc/mail/helpfile 232 /usr/lib/sendmail.hf /etc/mail/helpfile 233 /usr/share/lib/sendmail.hf /etc/mail/helpfile 234 /usr/share/misc/sendmail.hf /etc/mail/helpfile 235 /share/misc/sendmail.hf /etc/mail/helpfile 236 237 /etc/service.switch /etc/mail/service.switch 238 239 /etc/sendmail.st /etc/mail/statistics 240 /etc/mail/sendmail.st /etc/mail/statistics 241 /etc/mailer/sendmail.st /etc/mail/statistics 242 /etc/sendmail/sendmail.st /etc/mail/statistics 243 /usr/lib/sendmail.st /etc/mail/statistics 244 /usr/ucblib/sendmail.st /etc/mail/statistics 245 246 Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR 247 to create the pathnames. The default value of this variable is 248 `/etc/mail/'. If you set this macro to a different value, you MUST include 249 a trailing slash. 250 251 Notice: all filenames used in a .mc (or .cf) file should be absolute 252 (starting at the root, i.e., with '/'). Relative filenames most 253 likely cause surprises during operations (unless otherwise noted). 254 255 256 +--------+ 257 | OSTYPE | 258 +--------+ 259 260 You MUST define an operating system environment, or the configuration 261 file build will puke. There are several environments available; look 262 at the "ostype" directory for the current list. This macro changes 263 things like the location of the alias file and queue directory. Some 264 of these files are identical to one another. 265 266 It is IMPERATIVE that the OSTYPE occur before any MAILER definitions. 267 In general, the OSTYPE macro should go immediately after any version 268 information, and MAILER definitions should always go last. 269 270 Operating system definitions are usually easy to write. They may define 271 the following variables (everything defaults, so an ostype file may be 272 empty). Unfortunately, the list of configuration-supported systems is 273 not as broad as the list of source-supported systems, since many of 274 the source contributors do not include corresponding ostype files. 275 276 ALIAS_FILE [/etc/mail/aliases] The location of the text version 277 of the alias file(s). It can be a comma-separated 278 list of names (but be sure you quote values with 279 commas in them -- for example, use 280 define(`ALIAS_FILE', `a,b') 281 to get "a" and "b" both listed as alias files; 282 otherwise the define() primitive only sees "a"). 283 HELP_FILE [/etc/mail/helpfile] The name of the file 284 containing information printed in response to 285 the SMTP HELP command. 286 QUEUE_DIR [/var/spool/mqueue] The directory containing 287 queue files. To use multiple queues, supply 288 a value ending with an asterisk. For 289 example, /var/spool/mqueue/qd* will use all of the 290 directories or symbolic links to directories 291 beginning with 'qd' in /var/spool/mqueue as queue 292 directories. The names 'qf', 'df', and 'xf' are 293 reserved as specific subdirectories for the 294 corresponding queue file types as explained in 295 doc/op/op.me. See also QUEUE GROUP DEFINITIONS. 296 MSP_QUEUE_DIR [/var/spool/clientmqueue] The directory containing 297 queue files for the MSP (Mail Submission Program). 298 STATUS_FILE [/etc/mail/statistics] The file containing status 299 information. 300 LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail. 301 LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The 302 flags lsDFMAw5:/|@q are always included. 303 LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local 304 mail. 305 LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local 306 mail that you are willing to accept. 307 LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of 308 messages to deliver in a single connection. Only 309 useful for LMTP local mailers. 310 LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 311 that ARRIVE from an address that resolves to the 312 local mailer and which are converted to MIME will be 313 labeled with this character set. 314 LOCAL_MAILER_EOL [undefined] If defined, the string to use as the 315 end of line for the local mailer. 316 LOCAL_MAILER_DSN_DIAGNOSTIC_CODE 317 [X-Unix] The DSN Diagnostic-Code value for the 318 local mailer. This should be changed with care. 319 LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email. 320 LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The 321 flags lsDFM are always included. 322 LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog" 323 mail. 324 LOCAL_SHELL_DIR [$z:/] The directory search path in which the 325 shell should run. 326 LOCAL_MAILER_QGRP [undefined] The queue group for the local mailer. 327 SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default 328 flags are `mDFMuX' for all SMTP-based mailers; the 329 "esmtp" mailer adds `a'; "smtp8" adds `8'; and 330 "dsmtp" adds `%'. 331 RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default 332 flags are `mDFMuX' for all SMTP-based mailers; the 333 relay mailer adds `a8'. If this is not defined, 334 then SMTP_MAILER_FLAGS is used. 335 SMTP_MAILER_MAX [undefined] The maximum size of messages that will 336 be transported using the smtp, smtp8, esmtp, or dsmtp 337 mailers. 338 SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of 339 messages to deliver in a single connection for the 340 smtp, smtp8, esmtp, or dsmtp mailers. 341 SMTP_MAILER_MAXRCPTS [undefined] If defined, the maximum number of 342 recipients to deliver in a single connection for the 343 smtp, smtp8, esmtp, or dsmtp mailers. 344 SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer. 345 About the only reason you would want to change this 346 would be to change the default port. 347 ESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer. 348 SMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer. 349 DSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer. 350 RELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer. 351 SMTP_MAILER_QGRP [undefined] The queue group for the smtp mailer. 352 ESMTP_MAILER_QGRP [undefined] The queue group for the esmtp mailer. 353 SMTP8_MAILER_QGRP [undefined] The queue group for the smtp8 mailer. 354 DSMTP_MAILER_QGRP [undefined] The queue group for the dsmtp mailer. 355 RELAY_MAILER_QGRP [undefined] The queue group for the relay mailer. 356 RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of 357 messages to deliver in a single connection for the 358 relay mailer. 359 SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 360 that ARRIVE from an address that resolves to one of 361 the SMTP mailers and which are converted to MIME will 362 be labeled with this character set. 363 UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail. 364 UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default 365 flags are `DFMhuU' (and `m' for uucp-new mailer, 366 minus `U' for uucp-dom mailer). 367 UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments 368 passed to the UUCP mailer. 369 UUCP_MAILER_MAX [100000] The maximum size message accepted for 370 transmission by the UUCP mailers. 371 UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data 372 that ARRIVE from an address that resolves to one of 373 the UUCP mailers and which are converted to MIME will 374 be labeled with this character set. 375 UUCP_MAILER_QGRP [undefined] The queue group for the UUCP mailers. 376 PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail 377 program. This is also used by 378 FEATURE(`local_procmail'). 379 PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags 380 DFM are always set. This is NOT used by 381 FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS 382 instead. 383 PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to 384 the Procmail mailer. This is NOT used by 385 FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS 386 instead. 387 PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that 388 will be accepted by the procmail mailer. 389 PROCMAIL_MAILER_QGRP [undefined] The queue group for the procmail mailer. 390 confEBINDIR [/usr/libexec] The directory for executables. 391 Currently used for FEATURE(`local_lmtp') and 392 FEATURE(`smrsh'). 393 LOCAL_PROG_QGRP [undefined] The queue group for the prog mailer. 394 395 Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS: 396 MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part 397 of the macro Name_MAILER_FLAGS (note: that means Name is entirely in 398 upper case) and change can be: flags that should be used directly 399 (thus overriding the default value), or if it starts with `+' (`-') 400 then those flags are added to (removed from) the default value. 401 Example: 402 403 MODIFY_MAILER_FLAGS(`LOCAL', `+e') 404 405 will add the flag `e' to LOCAL_MAILER_FLAGS. Notice: there are 406 several smtp mailers all of which are manipulated individually. 407 See the section MAILERS for the available mailer names. 408 WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS 409 unconditionally, i.e., without respecting any definitions in an 410 OSTYPE setting. 411 412 413 +---------+ 414 | DOMAINS | 415 +---------+ 416 417 You will probably want to collect domain-dependent defines into one 418 file, referenced by the DOMAIN macro. For example, the Berkeley 419 domain file includes definitions for several internal distinguished 420 hosts: 421 422 UUCP_RELAY The host that will accept UUCP-addressed email. 423 If not defined, all UUCP sites must be directly 424 connected. 425 BITNET_RELAY The host that will accept BITNET-addressed email. 426 If not defined, the .BITNET pseudo-domain won't work. 427 DECNET_RELAY The host that will accept DECNET-addressed email. 428 If not defined, the .DECNET pseudo-domain and addresses 429 of the form node::user will not work. 430 FAX_RELAY The host that will accept mail to the .FAX pseudo-domain. 431 The "fax" mailer overrides this value. 432 LOCAL_RELAY The site that will handle unqualified names -- that 433 is, names without an @domain extension. 434 Normally MAIL_HUB is preferred for this function. 435 LOCAL_RELAY is mostly useful in conjunction with 436 FEATURE(`stickyhost') -- see the discussion of 437 stickyhost below. If not set, they are assumed to 438 belong on this machine. This allows you to have a 439 central site to store a company- or department-wide 440 alias database. This only works at small sites, 441 and only with some user agents. 442 LUSER_RELAY The site that will handle lusers -- that is, apparently 443 local names that aren't local accounts or aliases. To 444 specify a local user instead of a site, set this to 445 ``local:username''. 446 447 Any of these can be either ``mailer:hostname'' (in which case the 448 mailer is the internal mailer name, such as ``uucp-new'' and the hostname 449 is the name of the host as appropriate for that mailer) or just a 450 ``hostname'', in which case a default mailer type (usually ``relay'', 451 a variant on SMTP) is used. WARNING: if you have a wildcard MX 452 record matching your domain, you probably want to define these to 453 have a trailing dot so that you won't get the mail diverted back 454 to yourself. 455 456 The domain file can also be used to define a domain name, if needed 457 (using "DD<domain>") and set certain site-wide features. If all hosts 458 at your site masquerade behind one email name, you could also use 459 MASQUERADE_AS here. 460 461 You do not have to define a domain -- in particular, if you are a 462 single machine sitting off somewhere, it is probably more work than 463 it's worth. This is just a mechanism for combining "domain dependent 464 knowledge" into one place. 465 466 467 +---------+ 468 | MAILERS | 469 +---------+ 470 471 There are fewer mailers supported in this version than the previous 472 version, owing mostly to a simpler world. As a general rule, put the 473 MAILER definitions last in your .mc file. 474 475 local The local and prog mailers. You will almost always 476 need these; the only exception is if you relay ALL 477 your mail to another site. This mailer is included 478 automatically. 479 480 smtp The Simple Mail Transport Protocol mailer. This does 481 not hide hosts behind a gateway or another other 482 such hack; it assumes a world where everyone is 483 running the name server. This file actually defines 484 five mailers: "smtp" for regular (old-style) SMTP to 485 other servers, "esmtp" for extended SMTP to other 486 servers, "smtp8" to do SMTP to other servers without 487 converting 8-bit data to MIME (essentially, this is 488 your statement that you know the other end is 8-bit 489 clean even if it doesn't say so), "dsmtp" to do on 490 demand delivery, and "relay" for transmission to the 491 RELAY_HOST, LUSER_RELAY, or MAIL_HUB. 492 493 uucp The UNIX-to-UNIX Copy Program mailer. Actually, this 494 defines two mailers, "uucp-old" (a.k.a. "uucp") and 495 "uucp-new" (a.k.a. "suucp"). The latter is for when you 496 know that the UUCP mailer at the other end can handle 497 multiple recipients in one transfer. If the smtp mailer 498 is included in your configuration, two other mailers 499 ("uucp-dom" and "uucp-uudom") are also defined [warning: you 500 MUST specify MAILER(`smtp') before MAILER(`uucp')]. When you 501 include the uucp mailer, sendmail looks for all names in 502 class {U} and sends them to the uucp-old mailer; all 503 names in class {Y} are sent to uucp-new; and all 504 names in class {Z} are sent to uucp-uudom. Note that 505 this is a function of what version of rmail runs on 506 the receiving end, and hence may be out of your control. 507 See the section below describing UUCP mailers in more 508 detail. 509 510 procmail An interface to procmail (does not come with sendmail). 511 This is designed to be used in mailertables. For example, 512 a common question is "how do I forward all mail for a given 513 domain to a single person?". If you have this mailer 514 defined, you could set up a mailertable reading: 515 516 host.com procmail:/etc/procmailrcs/host.com 517 518 with the file /etc/procmailrcs/host.com reading: 519 520 :0 # forward mail for host.com 521 ! -oi -f $1 person@other.host 522 523 This would arrange for (anything)@host.com to be sent 524 to person@other.host. In a procmail script, $1 is the 525 name of the sender and $2 is the name of the recipient. 526 If you use this with FEATURE(`local_procmail'), the FEATURE 527 should be listed first. 528 529 Of course there are other ways to solve this particular 530 problem, e.g., a catch-all entry in a virtusertable. 531 532 The local mailer accepts addresses of the form "user+detail", where 533 the "+detail" is not used for mailbox matching but is available 534 to certain local mail programs (in particular, see 535 FEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and 536 "eric+sww" all indicate the same user, but additional arguments <null>, 537 "sendmail", and "sww" may be provided for use in sorting mail. 538 539 540 +----------+ 541 | FEATURES | 542 +----------+ 543 544 Special features can be requested using the "FEATURE" macro. For 545 example, the .mc line: 546 547 FEATURE(`use_cw_file') 548 549 tells sendmail that you want to have it read an /etc/mail/local-host-names 550 file to get values for class {w}. A FEATURE may contain up to 9 551 optional parameters -- for example: 552 553 FEATURE(`mailertable', `dbm /usr/lib/mailertable') 554 555 The default database map type for the table features can be set with 556 557 define(`DATABASE_MAP_TYPE', `dbm') 558 559 which would set it to use ndbm databases. The default is the Berkeley DB 560 hash database format. Note that you must still declare a database map type 561 if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used 562 if no argument is given for the FEATURE. It must be specified before any 563 feature that uses a map. 564 565 Also, features which can take a map definition as an argument can also take 566 the special keyword `LDAP'. If that keyword is used, the map will use the 567 LDAP definition described in the ``USING LDAP FOR ALIASES, MAPS, AND 568 CLASSES'' section below. 569 570 Available features are: 571 572 use_cw_file Read the file /etc/mail/local-host-names file to get 573 alternate names for this host. This might be used if you 574 were on a host that MXed for a dynamic set of other hosts. 575 If the set is static, just including the line "Cw<name1> 576 <name2> ..." (where the names are fully qualified domain 577 names) is probably superior. The actual filename can be 578 overridden by redefining confCW_FILE. 579 580 use_ct_file Read the file /etc/mail/trusted-users file to get the 581 names of users that will be ``trusted'', that is, able to 582 set their envelope from address using -f without generating 583 a warning message. The actual filename can be overridden 584 by redefining confCT_FILE. 585 586 redirect Reject all mail addressed to "address.REDIRECT" with 587 a ``551 User has moved; please try <address>'' message. 588 If this is set, you can alias people who have left 589 to their new address with ".REDIRECT" appended. 590 591 nouucp Don't route UUCP addresses. This feature takes one 592 parameter: 593 `reject': reject addresses which have "!" in the local 594 part unless it originates from a system 595 that is allowed to relay. 596 `nospecial': don't do anything special with "!". 597 Warnings: 1. See the notice in the anti-spam section. 598 2. don't remove "!" from OperatorChars if `reject' is 599 given as parameter. 600 601 nocanonify Don't pass addresses to $[ ... $] for canonification 602 by default, i.e., host/domain names are considered canonical, 603 except for unqualified names, which must not be used in this 604 mode (violation of the standard). It can be changed by 605 setting the DaemonPortOptions modifiers (M=). That is, 606 FEATURE(`nocanonify') will be overridden by setting the 607 'c' flag. Conversely, if FEATURE(`nocanonify') is not used, 608 it can be emulated by setting the 'C' flag 609 (DaemonPortOptions=Modifiers=C). This would generally only 610 be used by sites that only act as mail gateways or which have 611 user agents that do full canonification themselves. You may 612 also want to use 613 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off 614 the usual resolver options that do a similar thing. 615 616 An exception list for FEATURE(`nocanonify') can be 617 specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE, 618 i.e., a list of domains which are nevertheless passed to 619 $[ ... $] for canonification. This is useful to turn on 620 canonification for local domains, e.g., use 621 CANONIFY_DOMAIN(`my.domain my') to canonify addresses 622 which end in "my.domain" or "my". 623 Another way to require canonification in the local 624 domain is CANONIFY_DOMAIN(`$=m'). 625 626 A trailing dot is added to addresses with more than 627 one component in it such that other features which 628 expect a trailing dot (e.g., virtusertable) will 629 still work. 630 631 If `canonify_hosts' is specified as parameter, i.e., 632 FEATURE(`nocanonify', `canonify_hosts'), then 633 addresses which have only a hostname, e.g., 634 <user@host>, will be canonified (and hopefully fully 635 qualified), too. 636 637 stickyhost This feature is sometimes used with LOCAL_RELAY, 638 although it can be used for a different effect with 639 MAIL_HUB. 640 641 When used without MAIL_HUB, email sent to 642 "user@local.host" are marked as "sticky" -- that 643 is, the local addresses aren't matched against UDB, 644 don't go through ruleset 5, and are not forwarded to 645 the LOCAL_RELAY (if defined). 646 647 With MAIL_HUB, mail addressed to "user@local.host" 648 is forwarded to the mail hub, with the envelope 649 address still remaining "user@local.host". 650 Without stickyhost, the envelope would be changed 651 to "user@mail_hub", in order to protect against 652 mailing loops. 653 654 mailertable Include a "mailer table" which can be used to override 655 routing for particular domains (which are not in class {w}, 656 i.e. local host names). The argument of the FEATURE may be 657 the key definition. If none is specified, the definition 658 used is: 659 660 hash /etc/mail/mailertable 661 662 Keys in this database are fully qualified domain names 663 or partial domains preceded by a dot -- for example, 664 "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a 665 special case of the latter, "." matches any domain not 666 covered by other keys. Values must be of the form: 667 mailer:domain 668 where "mailer" is the internal mailer name, and "domain" 669 is where to send the message. These maps are not 670 reflected into the message header. As a special case, 671 the forms: 672 local:user 673 will forward to the indicated user using the local mailer, 674 local: 675 will forward to the original user in the e-mail address 676 using the local mailer, and 677 error:code message 678 error:D.S.N:code message 679 will give an error message with the indicated SMTP reply 680 code and message, where D.S.N is an RFC 1893 compliant 681 error code. 682 683 domaintable Include a "domain table" which can be used to provide 684 domain name mapping. Use of this should really be 685 limited to your own domains. It may be useful if you 686 change names (e.g., your company changes names from 687 oldname.com to newname.com). The argument of the 688 FEATURE may be the key definition. If none is specified, 689 the definition used is: 690 691 hash /etc/mail/domaintable 692 693 The key in this table is the domain name; the value is 694 the new (fully qualified) domain. Anything in the 695 domaintable is reflected into headers; that is, this 696 is done in ruleset 3. 697 698 bitdomain Look up bitnet hosts in a table to try to turn them into 699 internet addresses. The table can be built using the 700 bitdomain program contributed by John Gardiner Myers. 701 The argument of the FEATURE may be the key definition; if 702 none is specified, the definition used is: 703 704 hash /etc/mail/bitdomain 705 706 Keys are the bitnet hostname; values are the corresponding 707 internet hostname. 708 709 uucpdomain Similar feature for UUCP hosts. The default map definition 710 is: 711 712 hash /etc/mail/uudomain 713 714 At the moment there is no automagic tool to build this 715 database. 716 717 always_add_domain 718 Include the local host domain even on locally delivered 719 mail. Normally it is not added on unqualified names. 720 However, if you use a shared message store but do not use 721 the same user name space everywhere, you may need the host 722 name on local names. An optional argument specifies 723 another domain to be added than the local. 724 725 allmasquerade If masquerading is enabled (using MASQUERADE_AS), this 726 feature will cause recipient addresses to also masquerade 727 as being from the masquerade host. Normally they get 728 the local hostname. Although this may be right for 729 ordinary users, it can break local aliases. For example, 730 if you send to "localalias", the originating sendmail will 731 find that alias and send to all members, but send the 732 message with "To: localalias@masqueradehost". Since that 733 alias likely does not exist, replies will fail. Use this 734 feature ONLY if you can guarantee that the ENTIRE 735 namespace on your masquerade host supersets all the 736 local entries. 737 738 limited_masquerade 739 Normally, any hosts listed in class {w} are masqueraded. If 740 this feature is given, only the hosts listed in class {M} (see 741 below: MASQUERADE_DOMAIN) are masqueraded. This is useful 742 if you have several domains with disjoint namespaces hosted 743 on the same machine. 744 745 masquerade_entire_domain 746 If masquerading is enabled (using MASQUERADE_AS) and 747 MASQUERADE_DOMAIN (see below) is set, this feature will 748 cause addresses to be rewritten such that the masquerading 749 domains are actually entire domains to be hidden. All 750 hosts within the masquerading domains will be rewritten 751 to the masquerade name (used in MASQUERADE_AS). For example, 752 if you have: 753 754 MASQUERADE_AS(`masq.com') 755 MASQUERADE_DOMAIN(`foo.org') 756 MASQUERADE_DOMAIN(`bar.com') 757 758 then *foo.org and *bar.com are converted to masq.com. Without 759 this feature, only foo.org and bar.com are masqueraded. 760 761 NOTE: only domains within your jurisdiction and 762 current hierarchy should be masqueraded using this. 763 764 local_no_masquerade 765 This feature prevents the local mailer from masquerading even 766 if MASQUERADE_AS is used. MASQUERADE_AS will only have effect 767 on addresses of mail going outside the local domain. 768 769 masquerade_envelope 770 If masquerading is enabled (using MASQUERADE_AS) or the 771 genericstable is in use, this feature will cause envelope 772 addresses to also masquerade as being from the masquerade 773 host. Normally only the header addresses are masqueraded. 774 775 genericstable This feature will cause unqualified addresses (i.e., without 776 a domain) and addresses with a domain listed in class {G} 777 to be looked up in a map and turned into another ("generic") 778 form, which can change both the domain name and the user name. 779 Notice: if you use an MSP (as it is default starting with 780 8.12), the MTA will only receive qualified addresses from the 781 MSP (as required by the RFCs). Hence you need to add your 782 domain to class {G}. This feature is similar to the userdb 783 functionality. The same types of addresses as for 784 masquerading are looked up, i.e., only header sender 785 addresses unless the allmasquerade and/or masquerade_envelope 786 features are given. Qualified addresses must have the domain 787 part in class {G}; entries can be added to this class by the 788 macros GENERICS_DOMAIN or GENERICS_DOMAIN_FILE (analogously 789 to MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, see below). 790 791 The argument of FEATURE(`genericstable') may be the map 792 definition; the default map definition is: 793 794 hash /etc/mail/genericstable 795 796 The key for this table is either the full address, the domain 797 (with a leading @; the localpart is passed as first argument) 798 or the unqualified username (tried in the order mentioned); 799 the value is the new user address. If the new user address 800 does not include a domain, it will be qualified in the standard 801 manner, i.e., using $j or the masquerade name. Note that the 802 address being looked up must be fully qualified. For local 803 mail, it is necessary to use FEATURE(`always_add_domain') 804 for the addresses to be qualified. 805 The "+detail" of an address is passed as %1, so entries like 806 807 old+*@foo.org new+%1@example.com 808 gen+*@foo.org %1@example.com 809 810 and other forms are possible. 811 812 generics_entire_domain 813 If the genericstable is enabled and GENERICS_DOMAIN or 814 GENERICS_DOMAIN_FILE is used, this feature will cause 815 addresses to be searched in the map if their domain 816 parts are subdomains of elements in class {G}. 817 818 virtusertable A domain-specific form of aliasing, allowing multiple 819 virtual domains to be hosted on one machine. For example, 820 if the virtuser table contains: 821 822 info@foo.com foo-info 823 info@bar.com bar-info 824 joe@bar.com error:nouser 550 No such user here 825 jax@bar.com error:5.7.0:550 Address invalid 826 @baz.org jane@example.net 827 828 then mail addressed to info@foo.com will be sent to the 829 address foo-info, mail addressed to info@bar.com will be 830 delivered to bar-info, and mail addressed to anyone at baz.org 831 will be sent to jane@example.net, mail to joe@bar.com will 832 be rejected with the specified error message, and mail to 833 jax@bar.com will also have a RFC 1893 compliant error code 834 5.7.0. 835 836 The username from the original address is passed 837 as %1 allowing: 838 839 @foo.org %1@example.com 840 841 meaning someone@foo.org will be sent to someone@example.com. 842 Additionally, if the local part consists of "user+detail" 843 then "detail" is passed as %2 and "+detail" is passed as %3 844 when a match against user+* is attempted, so entries like 845 846 old+*@foo.org new+%2@example.com 847 gen+*@foo.org %2@example.com 848 +*@foo.org %1%3@example.com 849 X++@foo.org Z%3@example.com 850 @bar.org %1%3 851 852 and other forms are possible. Note: to preserve "+detail" 853 for a default case (@domain) %1%3 must be used as RHS. 854 There are two wildcards after "+": "+" matches only a non-empty 855 detail, "*" matches also empty details, e.g., user+@foo.org 856 matches +*@foo.org but not ++@foo.org. This can be used 857 to ensure that the parameters %2 and %3 are not empty. 858 859 All the host names on the left hand side (foo.com, bar.com, 860 and baz.org) must be in class {w} or class {VirtHost}. The 861 latter can be defined by the macros VIRTUSER_DOMAIN or 862 VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 863 MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or 864 VIRTUSER_DOMAIN_FILE is used, then the entries of class 865 {VirtHost} are added to class {R}, i.e., relaying is allowed 866 to (and from) those domains. The default map definition is: 867 868 hash /etc/mail/virtusertable 869 870 A new definition can be specified as the second argument of 871 the FEATURE macro, such as 872 873 FEATURE(`virtusertable', `dbm /etc/mail/virtusers') 874 875 virtuser_entire_domain 876 If the virtusertable is enabled and VIRTUSER_DOMAIN or 877 VIRTUSER_DOMAIN_FILE is used, this feature will cause 878 addresses to be searched in the map if their domain 879 parts are subdomains of elements in class {VirtHost}. 880 881 ldap_routing Implement LDAP-based e-mail recipient routing according to 882 the Internet Draft draft-lachman-laser-ldap-mail-routing-01. 883 This provides a method to re-route addresses with a 884 domain portion in class {LDAPRoute} to either a 885 different mail host or a different address. Hosts can 886 be added to this class using LDAPROUTE_DOMAIN and 887 LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 888 MASQUERADE_DOMAIN_FILE, see below). 889 890 See the LDAP ROUTING section below for more information. 891 892 nodns If you aren't running DNS at your site (for example, 893 you are UUCP-only connected). It's hard to consider 894 this a "feature", but hey, it had to go somewhere. 895 Actually, as of 8.7 this is a no-op -- remove "dns" from 896 the hosts service switch entry instead. 897 898 nullclient This is a special case -- it creates a configuration file 899 containing nothing but support for forwarding all mail to a 900 central hub via a local SMTP-based network. The argument 901 is the name of that hub. 902 903 The only other feature that should be used in conjunction 904 with this one is FEATURE(`nocanonify'). No mailers 905 should be defined. No aliasing or forwarding is done. 906 907 local_lmtp Use an LMTP capable local mailer. The argument to this 908 feature is the pathname of an LMTP capable mailer. By 909 default, mail.local is used. This is expected to be the 910 mail.local which came with the 8.9 distribution which is 911 LMTP capable. The path to mail.local is set by the 912 confEBINDIR m4 variable -- making the default 913 LOCAL_MAILER_PATH /usr/libexec/mail.local. 914 If a different LMTP capable mailer is used, its pathname 915 can be specified as second parameter and the arguments 916 passed to it (A=) as third parameter, e.g., 917 918 FEATURE(`local_lmtp', `/usr/local/bin/lmtp', `lmtp') 919 920 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 921 i.e., without respecting any definitions in an OSTYPE setting. 922 923 local_procmail Use procmail or another delivery agent as the local mailer. 924 The argument to this feature is the pathname of the 925 delivery agent, which defaults to PROCMAIL_MAILER_PATH. 926 Note that this does NOT use PROCMAIL_MAILER_FLAGS or 927 PROCMAIL_MAILER_ARGS for the local mailer; tweak 928 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or 929 specify the appropriate parameters. When procmail is used, 930 the local mailer can make use of the 931 "user+indicator@local.host" syntax; normally the +indicator 932 is just tossed, but by default it is passed as the -a 933 argument to procmail. 934 935 This feature can take up to three arguments: 936 937 1. Path to the mailer program 938 [default: /usr/local/bin/procmail] 939 2. Argument vector including name of the program 940 [default: procmail -Y -a $h -d $u] 941 3. Flags for the mailer [default: SPfhn9] 942 943 Empty arguments cause the defaults to be taken. 944 Note that if you are on a system with a broken 945 setreuid() call, you may need to add -f $f to the procmail 946 argument vector to pass the proper sender to procmail. 947 948 For example, this allows it to use the maildrop 949 (http://www.flounder.net/~mrsam/maildrop/) mailer instead 950 by specifying: 951 952 FEATURE(`local_procmail', `/usr/local/bin/maildrop', 953 `maildrop -d $u') 954 955 or scanmails using: 956 957 FEATURE(`local_procmail', `/usr/local/bin/scanmails') 958 959 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally, 960 i.e., without respecting any definitions in an OSTYPE setting. 961 962 bestmx_is_local Accept mail as though locally addressed for any host that 963 lists us as the best possible MX record. This generates 964 additional DNS traffic, but should be OK for low to 965 medium traffic hosts. The argument may be a set of 966 domains, which will limit the feature to only apply to 967 these domains -- this will reduce unnecessary DNS 968 traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH 969 WILDCARD MX RECORDS!!! If you have a wildcard MX record 970 that matches your domain, you cannot use this feature. 971 972 smrsh Use the SendMail Restricted SHell (smrsh) provided 973 with the distribution instead of /bin/sh for mailing 974 to programs. This improves the ability of the local 975 system administrator to control what gets run via 976 e-mail. If an argument is provided it is used as the 977 pathname to smrsh; otherwise, the path defined by 978 confEBINDIR is used for the smrsh binary -- by default, 979 /usr/libexec/smrsh is assumed. 980 981 promiscuous_relay 982 By default, the sendmail configuration files do not permit 983 mail relaying (that is, accepting mail from outside your 984 local host (class {w}) and sending it to another host than 985 your local host). This option sets your site to allow 986 mail relaying from any site to any site. In almost all 987 cases, it is better to control relaying more carefully 988 with the access map, class {R}, or authentication. Domains 989 can be added to class {R} by the macros RELAY_DOMAIN or 990 RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and 991 MASQUERADE_DOMAIN_FILE, see below). 992 993 relay_entire_domain 994 This option allows any host in your domain as defined by 995 class {m} to use your server for relaying. Notice: make 996 sure that your domain is not just a top level domain, 997 e.g., com. This can happen if you give your host a name 998 like example.com instead of host.example.com. 999 1000 relay_hosts_only 1001 By default, names that are listed as RELAY in the access 1002 db and class {R} are treated as domain names, not host names. 1003 For example, if you specify ``foo.com'', then mail to or 1004 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com 1005 will all be accepted for relaying. This feature changes 1006 the behaviour to lookup individual host names only. 1007 1008 relay_based_on_MX 1009 Turns on the ability to allow relaying based on the MX 1010 records of the host portion of an incoming recipient; that 1011 is, if an MX record for host foo.com points to your site, 1012 you will accept and relay mail addressed to foo.com. See 1013 description below for more information before using this 1014 feature. Also, see the KNOWNBUGS entry regarding bestmx 1015 map lookups. 1016 1017 FEATURE(`relay_based_on_MX') does not necessarily allow 1018 routing of these messages which you expect to be allowed, 1019 if route address syntax (or %-hack syntax) is used. If 1020 this is a problem, add entries to the access-table or use 1021 FEATURE(`loose_relay_check'). 1022 1023 relay_mail_from 1024 Allows relaying if the mail sender is listed as RELAY in 1025 the access map. If an optional argument `domain' (this 1026 is the literal word `domain', not a placeholder) is given, 1027 relaying can be allowed just based on the domain portion 1028 of the sender address. This feature should only be used if 1029 absolutely necessary as the sender address can be easily 1030 forged. Use of this feature requires the "From:" tag to 1031 be used for the key in the access map; see the discussion 1032 of tags and FEATURE(`relay_mail_from') in the section on 1033 anti-spam configuration control. 1034 1035 relay_local_from 1036 Allows relaying if the domain portion of the mail sender 1037 is a local host. This should only be used if absolutely 1038 necessary as it opens a window for spammers. Specifically, 1039 they can send mail to your mail server that claims to be 1040 from your domain (either directly or via a routed address), 1041 and you will go ahead and relay it out to arbitrary hosts 1042 on the Internet. 1043 1044 accept_unqualified_senders 1045 Normally, MAIL FROM: commands in the SMTP session will be 1046 refused if the connection is a network connection and the 1047 sender address does not include a domain name. If your 1048 setup sends local mail unqualified (i.e., MAIL FROM:<joe>), 1049 you will need to use this feature to accept unqualified 1050 sender addresses. Setting the DaemonPortOptions modifier 1051 'u' overrides the default behavior, i.e., unqualified 1052 addresses are accepted even without this FEATURE. 1053 If this FEATURE is not used, the DaemonPortOptions modifier 1054 'f' can be used to enforce fully qualified addresses. 1055 1056 accept_unresolvable_domains 1057 Normally, MAIL FROM: commands in the SMTP session will be 1058 refused if the host part of the argument to MAIL FROM: 1059 cannot be located in the host name service (e.g., an A or 1060 MX record in DNS). If you are inside a firewall that has 1061 only a limited view of the Internet host name space, this 1062 could cause problems. In this case you probably want to 1063 use this feature to accept all domains on input, even if 1064 they are unresolvable. 1065 1066 access_db Turns on the access database feature. The access db gives 1067 you the ability to allow or refuse to accept mail from 1068 specified domains for administrative reasons. Moreover, 1069 it can control the behavior of sendmail in various situations. 1070 By default, the access database specification is: 1071 1072 hash -T<TMPF> /etc/mail/access 1073 1074 See the anti-spam configuration control section for further 1075 important information about this feature. Notice: 1076 "-T<TMPF>" is meant literal, do not replace it by anything. 1077 1078 blacklist_recipients 1079 Turns on the ability to block incoming mail for certain 1080 recipient usernames, hostnames, or addresses. For 1081 example, you can block incoming mail to user nobody, 1082 host foo.mydomain.com, or guest@bar.mydomain.com. 1083 These specifications are put in the access db as 1084 described in the anti-spam configuration control section 1085 later in this document. 1086 1087 delay_checks The rulesets check_mail and check_relay will not be called 1088 when a client connects or issues a MAIL command, respectively. 1089 Instead, those rulesets will be called by the check_rcpt 1090 ruleset; they will be skipped under certain circumstances. 1091 See "Delay all checks" in the anti-spam configuration control 1092 section. Note: this feature is incompatible to the versions 1093 in 8.10 and 8.11. 1094 1095 use_client_ptr If this feature is enabled then check_relay will override 1096 its first argument with $&{client_ptr}. This is useful for 1097 rejections based on the unverified hostname of client, 1098 which turns on the same behavior as in earlier sendmail 1099 versions when delay_checks was not in use. See doc/op/op.* 1100 about check_relay, {client_name}, and {client_ptr}. 1101 1102 dnsbl Turns on rejection of hosts found in an DNS based rejection 1103 list. The first is used as the domain in which blocked 1104 hosts are listed. A second argument can be used to change 1105 the default error message. Without that second argument, 1106 the error message will be 1107 Rejected: IP-ADDRESS listed at SERVER 1108 where IP-ADDRESS and SERVER are replaced by the appropriate 1109 information. By default, temporary lookup failures are 1110 ignored. This behavior can be changed by specifying a 1111 third argument, which must be either `t' or a full error 1112 message. See the anti-spam configuration control section for 1113 an example. The dnsbl feature can be included several times 1114 to query different DNS based rejection lists. See also 1115 enhdnsbl for an enhanced version. 1116 1117 Set the DNSBL_MAP mc option to change the default map 1118 definition from `host'. Set the DNSBL_MAP_OPT mc option 1119 to add additional options to the map specification used. 1120 1121 Some DNS based rejection lists cause failures if asked 1122 for AAAA records. If your sendmail version is compiled 1123 with IPv6 support (NETINET6) and you experience this 1124 problem, add 1125 1126 define(`DNSBL_MAP', `dns -R A') 1127 1128 before the first use of this feature. Alternatively you 1129 can use enhdnsbl instead (see below). Moreover, this 1130 statement can be used to reduce the number of DNS retries, 1131 e.g., 1132 1133 define(`DNSBL_MAP', `dns -R A -r2') 1134 1135 See below (EDNSBL_TO) for an explanation. 1136 1137 enhdnsbl Enhanced version of dnsbl (see above). Further arguments 1138 (up to 5) can be used to specify specific return values 1139 from lookups. Temporary lookup failures are ignored unless 1140 a third argument is given, which must be either `t' or a full 1141 error message. By default, any successful lookup will 1142 generate an error. Otherwise the result of the lookup is 1143 compared with the supplied argument(s), and only if a match 1144 occurs an error is generated. For example, 1145 1146 FEATURE(`enhdnsbl', `dnsbl.example.com', `', `t', `127.0.0.2.') 1147 1148 will reject the e-mail if the lookup returns the value 1149 ``127.0.0.2.'', or generate a 451 response if the lookup 1150 temporarily failed. The arguments can contain metasymbols 1151 as they are allowed in the LHS of rules. As the example 1152 shows, the default values are also used if an empty argument, 1153 i.e., `', is specified. This feature requires that sendmail 1154 has been compiled with the flag DNSMAP (see sendmail/README). 1155 1156 Set the EDNSBL_TO mc option to change the DNS retry count 1157 from the default value of 5, this can be very useful when 1158 a DNS server is not responding, which in turn may cause 1159 clients to time out (an entry stating 1160 1161 did not issue MAIL/EXPN/VRFY/ETRN 1162 1163 will be logged). 1164 1165 ratecontrol Enable simple ruleset to do connection rate control 1166 checking. This requires entries in access_db of the form 1167 1168 ClientRate:IP.ADD.RE.SS LIMIT 1169 1170 The RHS specifies the maximum number of connections 1171 (an integer number) over the time interval defined 1172 by ConnectionRateWindowSize, where 0 means unlimited. 1173 1174 Take the following example: 1175 1176 ClientRate:10.1.2.3 4 1177 ClientRate:127.0.0.1 0 1178 ClientRate: 10 1179 1180 10.1.2.3 can only make up to 4 connections, the 1181 general limit it 10, and 127.0.0.1 can make an unlimited 1182 number of connections per ConnectionRateWindowSize. 1183 1184 See also CONNECTION CONTROL. 1185 1186 conncontrol Enable a simple check of the number of incoming SMTP 1187 connections. This requires entries in access_db of the 1188 form 1189 1190 ClientConn:IP.ADD.RE.SS LIMIT 1191 1192 The RHS specifies the maximum number of open connections 1193 (an integer number). 1194 1195 Take the following example: 1196 1197 ClientConn:10.1.2.3 4 1198 ClientConn:127.0.0.1 0 1199 ClientConn: 10 1200 1201 10.1.2.3 can only have up to 4 open connections, the 1202 general limit it 10, and 127.0.0.1 does not have any 1203 explicit limit. 1204 1205 See also CONNECTION CONTROL. 1206 1207 mtamark Experimental support for "Marking Mail Transfer Agents in 1208 Reverse DNS with TXT RRs" (MTAMark), see 1209 draft-stumpf-dns-mtamark-01. Optional arguments are: 1210 1211 1. Error message, default: 1212 1213 550 Rejected: $&{client_addr} not listed as MTA 1214 1215 2. Temporary lookup failures are ignored unless a second 1216 argument is given, which must be either `t' or a full 1217 error message. 1218 1219 3. Lookup prefix, default: _perm._smtp._srv. This should 1220 not be changed unless the draft changes it. 1221 1222 Example: 1223 1224 FEATURE(`mtamark', `', `t') 1225 1226 lookupdotdomain Look up also .domain in the access map. This allows to 1227 match only subdomains. It does not work well with 1228 FEATURE(`relay_hosts_only'), because most lookups for 1229 subdomains are suppressed by the latter feature. 1230 1231 loose_relay_check 1232 Normally, if % addressing is used for a recipient, e.g. 1233 user%site@othersite, and othersite is in class {R}, the 1234 check_rcpt ruleset will strip @othersite and recheck 1235 user@site for relaying. This feature changes that 1236 behavior. It should not be needed for most installations. 1237 1238 preserve_luser_host 1239 Preserve the name of the recipient host if LUSER_RELAY is 1240 used. Without this option, the domain part of the 1241 recipient address will be replaced by the host specified as 1242 LUSER_RELAY. This feature only works if the hostname is 1243 passed to the mailer (see mailer triple in op.me). Note 1244 that in the default configuration the local mailer does not 1245 receive the hostname, i.e., the mailer triple has an empty 1246 hostname. 1247 1248 preserve_local_plus_detail 1249 Preserve the +detail portion of the address when passing 1250 address to local delivery agent. Disables alias and 1251 .forward +detail stripping (e.g., given user+detail, only 1252 that address will be looked up in the alias file; user+* and 1253 user will not be looked up). Only use if the local 1254 delivery agent in use supports +detail addressing. 1255 1256 compat_check Enable ruleset check_compat to look up pairs of addresses 1257 with the Compat: tag -- Compat:sender<@>recipient -- in the 1258 access map. Valid values for the RHS include 1259 DISCARD silently discard recipient 1260 TEMP: return a temporary error 1261 ERROR: return a permanent error 1262 In the last two cases, a 4xy/5xy SMTP reply code should 1263 follow the colon. 1264 1265 no_default_msa Don't generate the default MSA daemon, i.e., 1266 DAEMON_OPTIONS(`Port=587,Name=MSA,M=E') 1267 To define a MSA daemon with other parameters, use this 1268 FEATURE and introduce new settings via DAEMON_OPTIONS(). 1269 1270 msp Defines config file for Message Submission Program. 1271 See cf/submit.mc for how 1272 to use it. An optional argument can be used to override 1273 the default of `[localhost]' to use as host to send all 1274 e-mails to. Note that MX records will be used if the 1275 specified hostname is not in square brackets (e.g., 1276 [hostname]). If `MSA' is specified as second argument then 1277 port 587 is used to contact the server. Example: 1278 1279 FEATURE(`msp', `', `MSA') 1280 1281 Some more hints about possible changes can be found below 1282 in the section MESSAGE SUBMISSION PROGRAM. 1283 1284 Note: Due to many problems, submit.mc uses 1285 1286 FEATURE(`msp', `[127.0.0.1]') 1287 1288 by default. If you have a machine with IPv6 only, 1289 change it to 1290 1291 FEATURE(`msp', `[IPv6:::1]') 1292 1293 If you want to continue using '[localhost]', (the behavior 1294 up to 8.12.6), use 1295 1296 FEATURE(`msp') 1297 1298 queuegroup A simple example how to select a queue group based 1299 on the full e-mail address or the domain of the 1300 recipient. Selection is done via entries in the 1301 access map using the tag QGRP:, for example: 1302 1303 QGRP:example.com main 1304 QGRP:friend@some.org others 1305 QGRP:my.domain local 1306 1307 where "main", "others", and "local" are names of 1308 queue groups. If an argument is specified, it is used 1309 as default queue group. 1310 1311 Note: please read the warning in doc/op/op.me about 1312 queue groups and possible queue manipulations. 1313 1314 greet_pause Adds the greet_pause ruleset which enables open proxy 1315 and SMTP slamming protection. The feature can take an 1316 argument specifying the milliseconds to wait: 1317 1318 FEATURE(`greet_pause', `5000') dnl 5 seconds 1319 1320 If FEATURE(`access_db') is enabled, an access database 1321 lookup with the GreetPause tag is done using client 1322 hostname, domain, IP address, or subnet to determine the 1323 pause time: 1324 1325 GreetPause:my.domain 0 1326 GreetPause:example.com 5000 1327 GreetPause:10.1.2 2000 1328 GreetPause:127.0.0.1 0 1329 1330 When using FEATURE(`access_db'), the optional 1331 FEATURE(`greet_pause') argument becomes the default if 1332 nothing is found in the access database. A ruleset called 1333 Local_greet_pause can be used for local modifications, e.g., 1334 1335 LOCAL_RULESETS 1336 SLocal_greet_pause 1337 R$* $: $&{daemon_flags} 1338 R$* a $* $# 0 1339 1340 +--------------------+ 1341 | USING UUCP MAILERS | 1342 +--------------------+ 1343 1344 It's hard to get UUCP mailers right because of the extremely ad hoc 1345 nature of UUCP addressing. These config files are really designed 1346 for domain-based addressing, even for UUCP sites. 1347 1348 There are four UUCP mailers available. The choice of which one to 1349 use is partly a matter of local preferences and what is running at 1350 the other end of your UUCP connection. Unlike good protocols that 1351 define what will go over the wire, UUCP uses the policy that you 1352 should do what is right for the other end; if they change, you have 1353 to change. This makes it hard to do the right thing, and discourages 1354 people from updating their software. In general, if you can avoid 1355 UUCP, please do. 1356 1357 The major choice is whether to go for a domainized scheme or a 1358 non-domainized scheme. This depends entirely on what the other 1359 end will recognize. If at all possible, you should encourage the 1360 other end to go to a domain-based system -- non-domainized addresses 1361 don't work entirely properly. 1362 1363 The four mailers are: 1364 1365 uucp-old (obsolete name: "uucp") 1366 This is the oldest, the worst (but the closest to UUCP) way of 1367 sending messages across UUCP connections. It does bangify 1368 everything and prepends $U (your UUCP name) to the sender's 1369 address (which can already be a bang path itself). It can 1370 only send to one address at a time, so it spends a lot of 1371 time copying duplicates of messages. Avoid this if at all 1372 possible. 1373 1374 uucp-new (obsolete name: "suucp") 1375 The same as above, except that it assumes that in one rmail 1376 command you can specify several recipients. It still has a 1377 lot of other problems. 1378 1379 uucp-dom 1380 This UUCP mailer keeps everything as domain addresses. 1381 Basically, it uses the SMTP mailer rewriting rules. This mailer 1382 is only included if MAILER(`smtp') is specified before 1383 MAILER(`uucp'). 1384 1385 Unfortunately, a lot of UUCP mailer transport agents require 1386 bangified addresses in the envelope, although you can use 1387 domain-based addresses in the message header. (The envelope 1388 shows up as the From_ line on UNIX mail.) So.... 1389 1390 uucp-uudom 1391 This is a cross between uucp-new (for the envelope addresses) 1392 and uucp-dom (for the header addresses). It bangifies the 1393 envelope sender (From_ line in messages) without adding the 1394 local hostname, unless there is no host name on the address 1395 at all (e.g., "wolf") or the host component is a UUCP host name 1396 instead of a domain name ("somehost!wolf" instead of 1397 "some.dom.ain!wolf"). This is also included only if MAILER(`smtp') 1398 is also specified earlier. 1399 1400 Examples: 1401 1402 On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following 1403 summarizes the sender rewriting for various mailers. 1404 1405 Mailer sender rewriting in the envelope 1406 ------ ------ ------------------------- 1407 uucp-{old,new} wolf grasp!wolf 1408 uucp-dom wolf wolf@grasp.insa-lyon.fr 1409 uucp-uudom wolf grasp.insa-lyon.fr!wolf 1410 1411 uucp-{old,new} wolf@fr.net grasp!fr.net!wolf 1412 uucp-dom wolf@fr.net wolf@fr.net 1413 uucp-uudom wolf@fr.net fr.net!wolf 1414 1415 uucp-{old,new} somehost!wolf grasp!somehost!wolf 1416 uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr 1417 uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf 1418 1419 If you are using one of the domainized UUCP mailers, you really want 1420 to convert all UUCP addresses to domain format -- otherwise, it will 1421 do it for you (and probably not the way you expected). For example, 1422 if you have the address foo!bar!baz (and you are not sending to foo), 1423 the heuristics will add the @uucp.relay.name or @local.host.name to 1424 this address. However, if you map foo to foo.host.name first, it 1425 will not add the local hostname. You can do this using the uucpdomain 1426 feature. 1427 1428 1429 +-------------------+ 1430 | TWEAKING RULESETS | 1431 +-------------------+ 1432 1433 For more complex configurations, you can define special rules. 1434 The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing 1435 the names. Any modifications made here are reflected in the header. 1436 1437 A common use is to convert old UUCP addresses to SMTP addresses using 1438 the UUCPSMTP macro. For example: 1439 1440 LOCAL_RULE_3 1441 UUCPSMTP(`decvax', `decvax.dec.com') 1442 UUCPSMTP(`research', `research.att.com') 1443 1444 will cause addresses of the form "decvax!user" and "research!user" 1445 to be converted to "user@decvax.dec.com" and "user@research.att.com" 1446 respectively. 1447 1448 This could also be used to look up hosts in a database map: 1449 1450 LOCAL_RULE_3 1451 R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3 1452 1453 This map would be defined in the LOCAL_CONFIG portion, as shown below. 1454 1455 Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules. 1456 For example, new rules are needed to parse hostnames that you accept 1457 via MX records. For example, you might have: 1458 1459 LOCAL_RULE_0 1460 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.> 1461 1462 You would use this if you had installed an MX record for cnmat.Berkeley.EDU 1463 pointing at this host; this rule catches the message and forwards it on 1464 using UUCP. 1465 1466 You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2. 1467 These rulesets are normally empty. 1468 1469 A similar macro is LOCAL_CONFIG. This introduces lines added after the 1470 boilerplate option setting but before rulesets. Do not declare rulesets in 1471 the LOCAL_CONFIG section. It can be used to declare local database maps or 1472 whatever. For example: 1473 1474 LOCAL_CONFIG 1475 Khostmap hash /etc/mail/hostmap 1476 Kyplocal nis -m hosts.byname 1477 1478 1479 +---------------------------+ 1480 | MASQUERADING AND RELAYING | 1481 +---------------------------+ 1482 1483 You can have your host masquerade as another using 1484 1485 MASQUERADE_AS(`host.domain') 1486 1487 This causes mail being sent to be labeled as coming from the 1488 indicated host.domain, rather than $j. One normally masquerades as 1489 one of one's own subdomains (for example, it's unlikely that 1490 Berkeley would choose to masquerade as an MIT site). This 1491 behaviour is modified by a plethora of FEATUREs; in particular, see 1492 masquerade_envelope, allmasquerade, limited_masquerade, and 1493 masquerade_entire_domain. 1494 1495 The masquerade name is not normally canonified, so it is important 1496 that it be your One True Name, that is, fully qualified and not a 1497 CNAME. However, if you use a CNAME, the receiving side may canonify 1498 it for you, so don't think you can cheat CNAME mapping this way. 1499 1500 Normally the only addresses that are masqueraded are those that come 1501 from this host (that is, are either unqualified or in class {w}, the list 1502 of local domain names). You can augment this list, which is realized 1503 by class {M} using 1504 1505 MASQUERADE_DOMAIN(`otherhost.domain') 1506 1507 The effect of this is that although mail to user@otherhost.domain 1508 will not be delivered locally, any mail including any user@otherhost.domain 1509 will, when relayed, be rewritten to have the MASQUERADE_AS address. 1510 This can be a space-separated list of names. 1511 1512 If these names are in a file, you can use 1513 1514 MASQUERADE_DOMAIN_FILE(`filename') 1515 1516 to read the list of names from the indicated file (i.e., to add 1517 elements to class {M}). 1518 1519 To exempt hosts or subdomains from being masqueraded, you can use 1520 1521 MASQUERADE_EXCEPTION(`host.domain') 1522 1523 This can come handy if you want to masquerade a whole domain 1524 except for one (or a few) host(s). If these names are in a file, 1525 you can use 1526 1527 MASQUERADE_EXCEPTION_FILE(`filename') 1528 1529 Normally only header addresses are masqueraded. If you want to 1530 masquerade the envelope as well, use 1531 1532 FEATURE(`masquerade_envelope') 1533 1534 There are always users that need to be "exposed" -- that is, their 1535 internal site name should be displayed instead of the masquerade name. 1536 Root is an example (which has been "exposed" by default prior to 8.10). 1537 You can add users to this list using 1538 1539 EXPOSED_USER(`usernames') 1540 1541 This adds users to class {E}; you could also use 1542 1543 EXPOSED_USER_FILE(`filename') 1544 1545 You can also arrange to relay all unqualified names (that is, names 1546 without @host) to a relay host. For example, if you have a central 1547 email server, you might relay to that host so that users don't have 1548 to have .forward files or aliases. You can do this using 1549 1550 define(`LOCAL_RELAY', `mailer:hostname') 1551 1552 The ``mailer:'' can be omitted, in which case the mailer defaults to 1553 "relay". There are some user names that you don't want relayed, perhaps 1554 because of local aliases. A common example is root, which may be 1555 locally aliased. You can add entries to this list using 1556 1557 LOCAL_USER(`usernames') 1558 1559 This adds users to class {L}; you could also use 1560 1561 LOCAL_USER_FILE(`filename') 1562 1563 If you want all incoming mail sent to a centralized hub, as for a 1564 shared /var/spool/mail scheme, use 1565 1566 define(`MAIL_HUB', `mailer:hostname') 1567 1568 Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY 1569 and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will 1570 be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB. 1571 Note: there is a (long standing) bug which keeps this combination from 1572 working for addresses of the form user+detail. 1573 Names in class {L} will be delivered locally, so you MUST have aliases or 1574 .forward files for them. 1575 1576 For example, if you are on machine mastodon.CS.Berkeley.EDU and you have 1577 FEATURE(`stickyhost'), the following combinations of settings will have the 1578 indicated effects: 1579 1580 email sent to.... eric eric@mastodon.CS.Berkeley.EDU 1581 1582 LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally) 1583 mail.CS.Berkeley.EDU (no local aliasing) (aliasing done) 1584 1585 MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1586 mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done) 1587 1588 Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU 1589 MAIL_HUB set as above (no local aliasing) (aliasing done) 1590 1591 If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and 1592 MAIL_HUB act identically, with MAIL_HUB taking precedence. 1593 1594 If you want all outgoing mail to go to a central relay site, define 1595 SMART_HOST as well. Briefly: 1596 1597 LOCAL_RELAY applies to unqualified names (e.g., "eric"). 1598 MAIL_HUB applies to names qualified with the name of the 1599 local host (e.g., "eric@mastodon.CS.Berkeley.EDU"). 1600 SMART_HOST applies to names qualified with other hosts or 1601 bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU" 1602 or "eric@[127.0.0.1]"). 1603 1604 However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY, 1605 DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you 1606 really want absolutely everything to go to a single central site you will 1607 need to unset all the other relays -- or better yet, find or build a 1608 minimal config file that does this. 1609 1610 For duplicate suppression to work properly, the host name is best 1611 specified with a terminal dot: 1612 1613 define(`MAIL_HUB', `host.domain.') 1614 note the trailing dot ---^ 1615 1616 1617 +-------------------------------------------+ 1618 | USING LDAP FOR ALIASES, MAPS, AND CLASSES | 1619 +-------------------------------------------+ 1620 1621 LDAP can be used for aliases, maps, and classes by either specifying your 1622 own LDAP map specification or using the built-in default LDAP map 1623 specification. The built-in default specifications all provide lookups 1624 which match against either the machine's fully qualified hostname (${j}) or 1625 a "cluster". The cluster allows you to share LDAP entries among a large 1626 number of machines without having to enter each of the machine names into 1627 each LDAP entry. To set the LDAP cluster name to use for a particular 1628 machine or set of machines, set the confLDAP_CLUSTER m4 variable to a 1629 unique name. For example: 1630 1631 define(`confLDAP_CLUSTER', `Servers') 1632 1633 Here, the word `Servers' will be the cluster name. As an example, assume 1634 that smtp.sendmail.org, etrn.sendmail.org, and mx.sendmail.org all belong 1635 to the Servers cluster. 1636 1637 Some of the LDAP LDIF examples below show use of the Servers cluster. 1638 Every entry must have either a sendmailMTAHost or sendmailMTACluster 1639 attribute or it will be ignored. Be careful as mixing clusters and 1640 individual host records can have surprising results (see the CAUTION 1641 sections below). 1642 1643 See the file cf/sendmail.schema for the actual LDAP schemas. Note that 1644 this schema (and therefore the lookups and examples below) is experimental 1645 at this point as it has had little public review. Therefore, it may change 1646 in future versions. Feedback via sendmail-YYYY@support.sendmail.org is 1647 encouraged (replace YYYY with the current year, e.g., 2005). 1648 1649 ------- 1650 Aliases 1651 ------- 1652 1653 The ALIAS_FILE (O AliasFile) option can be set to use LDAP for alias 1654 lookups. To use the default schema, simply use: 1655 1656 define(`ALIAS_FILE', `ldap:') 1657 1658 By doing so, you will use the default schema which expands to a map 1659 declared as follows: 1660 1661 ldap -k (&(objectClass=sendmailMTAAliasObject) 1662 (sendmailMTAAliasGrouping=aliases) 1663 (|(sendmailMTACluster=${sendmailMTACluster}) 1664 (sendmailMTAHost=$j)) 1665 (sendmailMTAKey=%0)) 1666 -v sendmailMTAAliasValue,sendmailMTAAliasSearch:FILTER:sendmailMTAAliasObject,sendmailMTAAliasURL:URL:sendmailMTAAliasObject 1667 1668 1669 NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually 1670 used when the binary expands the `ldap:' token as the AliasFile option is 1671 not actually macro-expanded when read from the sendmail.cf file. 1672 1673 Example LDAP LDIF entries might be: 1674 1675 dn: sendmailMTAKey=sendmail-list, dc=sendmail, dc=org 1676 objectClass: sendmailMTA 1677 objectClass: sendmailMTAAlias 1678 objectClass: sendmailMTAAliasObject 1679 sendmailMTAAliasGrouping: aliases 1680 sendmailMTAHost: etrn.sendmail.org 1681 sendmailMTAKey: sendmail-list 1682 sendmailMTAAliasValue: ca@example.org 1683 sendmailMTAAliasValue: eric 1684 sendmailMTAAliasValue: gshapiro@example.com 1685 1686 dn: sendmailMTAKey=owner-sendmail-list, dc=sendmail, dc=org 1687 objectClass: sendmailMTA 1688 objectClass: sendmailMTAAlias 1689 objectClass: sendmailMTAAliasObject 1690 sendmailMTAAliasGrouping: aliases 1691 sendmailMTAHost: etrn.sendmail.org 1692 sendmailMTAKey: owner-sendmail-list 1693 sendmailMTAAliasValue: eric 1694 1695 dn: sendmailMTAKey=postmaster, dc=sendmail, dc=org 1696 objectClass: sendmailMTA 1697 objectClass: sendmailMTAAlias 1698 objectClass: sendmailMTAAliasObject 1699 sendmailMTAAliasGrouping: aliases 1700 sendmailMTACluster: Servers 1701 sendmailMTAKey: postmaster 1702 sendmailMTAAliasValue: eric 1703 1704 Here, the aliases sendmail-list and owner-sendmail-list will be available 1705 only on etrn.sendmail.org but the postmaster alias will be available on 1706 every machine in the Servers cluster (including etrn.sendmail.org). 1707 1708 CAUTION: aliases are additive so that entries like these: 1709 1710 dn: sendmailMTAKey=bob, dc=sendmail, dc=org 1711 objectClass: sendmailMTA 1712 objectClass: sendmailMTAAlias 1713 objectClass: sendmailMTAAliasObject 1714 sendmailMTAAliasGrouping: aliases 1715 sendmailMTACluster: Servers 1716 sendmailMTAKey: bob 1717 sendmailMTAAliasValue: eric 1718 1719 dn: sendmailMTAKey=bobetrn, dc=sendmail, dc=org 1720 objectClass: sendmailMTA 1721 objectClass: sendmailMTAAlias 1722 objectClass: sendmailMTAAliasObject 1723 sendmailMTAAliasGrouping: aliases 1724 sendmailMTAHost: etrn.sendmail.org 1725 sendmailMTAKey: bob 1726 sendmailMTAAliasValue: gshapiro 1727 1728 would mean that on all of the hosts in the cluster, mail to bob would go to 1729 eric EXCEPT on etrn.sendmail.org in which case it would go to BOTH eric and 1730 gshapiro. 1731 1732 If you prefer not to use the default LDAP schema for your aliases, you can 1733 specify the map parameters when setting ALIAS_FILE. For example: 1734 1735 define(`ALIAS_FILE', `ldap:-k (&(objectClass=mailGroup)(mail=%0)) -v mgrpRFC822MailMember') 1736 1737 ---- 1738 Maps 1739 ---- 1740 1741 FEATURE()'s which take an optional map definition argument (e.g., access, 1742 mailertable, virtusertable, etc.) can instead take the special keyword 1743 `LDAP', e.g.: 1744 1745 FEATURE(`access_db', `LDAP') 1746 FEATURE(`virtusertable', `LDAP') 1747 1748 When this keyword is given, that map will use LDAP lookups consisting of 1749 the objectClass sendmailMTAClassObject, the attribute sendmailMTAMapName 1750 with the map name, a search attribute of sendmailMTAKey, and the value 1751 attribute sendmailMTAMapValue. 1752 1753 The values for sendmailMTAMapName are: 1754 1755 FEATURE() sendmailMTAMapName 1756 --------- ------------------ 1757 access_db access 1758 authinfo authinfo 1759 bitdomain bitdomain 1760 domaintable domain 1761 genericstable generics 1762 mailertable mailer 1763 uucpdomain uucpdomain 1764 virtusertable virtuser 1765 1766 For example, FEATURE(`mailertable', `LDAP') would use the map definition: 1767 1768 Kmailertable ldap -k (&(objectClass=sendmailMTAMapObject) 1769 (sendmailMTAMapName=mailer) 1770 (|(sendmailMTACluster=${sendmailMTACluster}) 1771 (sendmailMTAHost=$j)) 1772 (sendmailMTAKey=%0)) 1773 -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject 1774 1775 An example LDAP LDIF entry using this map might be: 1776 1777 dn: sendmailMTAMapName=mailer, dc=sendmail, dc=org 1778 objectClass: sendmailMTA 1779 objectClass: sendmailMTAMap 1780 sendmailMTACluster: Servers 1781 sendmailMTAMapName: mailer 1782 1783 dn: sendmailMTAKey=example.com, sendmailMTAMapName=mailer, dc=sendmail, dc=org 1784 objectClass: sendmailMTA 1785 objectClass: sendmailMTAMap 1786 objectClass: sendmailMTAMapObject 1787 sendmailMTAMapName: mailer 1788 sendmailMTACluster: Servers 1789 sendmailMTAKey: example.com 1790 sendmailMTAMapValue: relay:[smtp.example.com] 1791 1792 CAUTION: If your LDAP database contains the record above and *ALSO* a host 1793 specific record such as: 1794 1795 dn: sendmailMTAKey=example.com@etrn, sendmailMTAMapName=mailer, dc=sendmail, dc=org 1796 objectClass: sendmailMTA 1797 objectClass: sendmailMTAMap 1798 objectClass: sendmailMTAMapObject 1799 sendmailMTAMapName: mailer 1800 sendmailMTAHost: etrn.sendmail.org 1801 sendmailMTAKey: example.com 1802 sendmailMTAMapValue: relay:[mx.example.com] 1803 1804 then these entries will give unexpected results. When the lookup is done 1805 on etrn.sendmail.org, the effect is that there is *NO* match at all as maps 1806 require a single match. Since the host etrn.sendmail.org is also in the 1807 Servers cluster, LDAP would return two answers for the example.com map key 1808 in which case sendmail would treat this as no match at all. 1809 1810 If you prefer not to use the default LDAP schema for your maps, you can 1811 specify the map parameters when using the FEATURE(). For example: 1812 1813 FEATURE(`access_db', `ldap:-1 -k (&(objectClass=mapDatabase)(key=%0)) -v value') 1814 1815 ------- 1816 Classes 1817 ------- 1818 1819 Normally, classes can be filled via files or programs. As of 8.12, they 1820 can also be filled via map lookups using a new syntax: 1821 1822 F{ClassName}mapkey@mapclass:mapspec 1823 1824 mapkey is optional and if not provided the map key will be empty. This can 1825 be used with LDAP to read classes from LDAP. Note that the lookup is only 1826 done when sendmail is initially started. Use the special value `@LDAP' to 1827 use the default LDAP schema. For example: 1828 1829 RELAY_DOMAIN_FILE(`@LDAP') 1830 1831 would put all of the attribute sendmailMTAClassValue values of LDAP records 1832 with objectClass sendmailMTAClass and an attribute sendmailMTAClassName of 1833 'R' into class $={R}. In other words, it is equivalent to the LDAP map 1834 specification: 1835 1836 F{R}@ldap:-k (&(objectClass=sendmailMTAClass) 1837 (sendmailMTAClassName=R) 1838 (|(sendmailMTACluster=${sendmailMTACluster}) 1839 (sendmailMTAHost=$j))) 1840 -v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:sendmailMTAClass 1841 1842 NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually 1843 used when the binary expands the `@LDAP' token as class declarations are 1844 not actually macro-expanded when read from the sendmail.cf file. 1845 1846 This can be used with class related commands such as RELAY_DOMAIN_FILE(), 1847 MASQUERADE_DOMAIN_FILE(), etc: 1848 1849 Command sendmailMTAClassName 1850 ------- -------------------- 1851 CANONIFY_DOMAIN_FILE() Canonify 1852 EXPOSED_USER_FILE() E 1853 GENERICS_DOMAIN_FILE() G 1854 LDAPROUTE_DOMAIN_FILE() LDAPRoute 1855 LDAPROUTE_EQUIVALENT_FILE() LDAPRouteEquiv 1856 LOCAL_USER_FILE() L 1857 MASQUERADE_DOMAIN_FILE() M 1858 MASQUERADE_EXCEPTION_FILE() N 1859 RELAY_DOMAIN_FILE() R 1860 VIRTUSER_DOMAIN_FILE() VirtHost 1861 1862 You can also add your own as any 'F'ile class of the form: 1863 1864 F{ClassName}@LDAP 1865 ^^^^^^^^^ 1866 will use "ClassName" for the sendmailMTAClassName. 1867 1868 An example LDAP LDIF entry would look like: 1869 1870 dn: sendmailMTAClassName=R, dc=sendmail, dc=org 1871 objectClass: sendmailMTA 1872 objectClass: sendmailMTAClass 1873 sendmailMTACluster: Servers 1874 sendmailMTAClassName: R 1875 sendmailMTAClassValue: sendmail.org 1876 sendmailMTAClassValue: example.com 1877 sendmailMTAClassValue: 10.56.23 1878 1879 CAUTION: If your LDAP database contains the record above and *ALSO* a host 1880 specific record such as: 1881 1882 dn: sendmailMTAClassName=R@etrn.sendmail.org, dc=sendmail, dc=org 1883 objectClass: sendmailMTA 1884 objectClass: sendmailMTAClass 1885 sendmailMTAHost: etrn.sendmail.org 1886 sendmailMTAClassName: R 1887 sendmailMTAClassValue: example.com 1888 1889 the result will be similar to the aliases caution above. When the lookup 1890 is done on etrn.sendmail.org, $={R} would contain all of the entries (from 1891 both the cluster match and the host match). In other words, the effective 1892 is additive. 1893 1894 If you prefer not to use the default LDAP schema for your classes, you can 1895 specify the map parameters when using the class command. For example: 1896 1897 VIRTUSER_DOMAIN_FILE(`@ldap:-k (&(objectClass=virtHosts)(host=*)) -v host') 1898 1899 Remember, macros can not be used in a class declaration as the binary does 1900 not expand them. 1901 1902 1903 +--------------+ 1904 | LDAP ROUTING | 1905 +--------------+ 1906 1907 FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft 1908 LDAP Schema for Intranet Mail Routing 1909 (draft-lachman-laser-ldap-mail-routing-01). This feature enables 1910 LDAP-based rerouting of a particular address to either a different host 1911 or a different address. The LDAP lookup is first attempted on the full 1912 address (e.g., user@example.com) and then on the domain portion 1913 (e.g., @example.com). Be sure to setup your domain for LDAP routing using 1914 LDAPROUTE_DOMAIN(), e.g.: 1915 1916 LDAPROUTE_DOMAIN(`example.com') 1917 1918 Additionally, you can specify equivalent domains for LDAP routing using 1919 LDAPROUTE_EQUIVALENT() and LDAPROUTE_EQUIVALENT_FILE(). 'Equivalent' 1920 hostnames are mapped to $M (the masqueraded hostname for the server) before 1921 the LDAP query. For example, if the mail is addressed to 1922 user@host1.example.com, normally the LDAP lookup would only be done for 1923 'user@host1.example.com' and '@host1.example.com'. However, if 1924 LDAPROUTE_EQUIVALENT(`host1.example.com') is used, the lookups would also be 1925 done on 'user@example.com' and '@example.com' after attempting the 1926 host1.example.com lookups. 1927 1928 By default, the feature will use the schemas as specified in the draft 1929 and will not reject addresses not found by the LDAP lookup. However, 1930 this behavior can be changed by giving additional arguments to the FEATURE() 1931 command: 1932 1933 FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>, 1934 <detail>, <nodomain>, <tempfail>) 1935 1936 where <mailHost> is a map definition describing how to lookup an alternative 1937 mail host for a particular address; <mailRoutingAddress> is a map definition 1938 describing how to lookup an alternative address for a particular address; 1939 the <bounce> argument, if present and not the word "passthru", dictates 1940 that mail should be bounced if neither a mailHost nor mailRoutingAddress 1941 is found, if set to "sendertoo", the sender will be rejected if not 1942 found in LDAP; and <detail> indicates what actions to take if the address 1943 contains +detail information -- `strip' tries the lookup with the +detail 1944 and if no matches are found, strips the +detail and tries the lookup again; 1945 `preserve', does the same as `strip' but if a mailRoutingAddress match is 1946 found, the +detail information is copied to the new address; the <nodomain> 1947 argument, if present, will prevent the @domain lookup if the full 1948 address is not found in LDAP; the <tempfail> argument, if set to 1949 "tempfail", instructs the rules to give an SMTP 4XX temporary 1950 error if the LDAP server gives the MTA a temporary failure, or if set to 1951 "queue" (the default), the MTA will locally queue the mail. 1952 1953 The default <mailHost> map definition is: 1954 1955 ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient) 1956 (mailLocalAddress=%0)) 1957 1958 The default <mailRoutingAddress> map definition is: 1959 1960 ldap -1 -T<TMPF> -v mailRoutingAddress 1961 -k (&(objectClass=inetLocalMailRecipient) 1962 (mailLocalAddress=%0)) 1963 1964 Note that neither includes the LDAP server hostname (-h server) or base DN 1965 (-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that 1966 your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with 1967 these settings. If this is not the case, the map definitions should be 1968 changed as described above. The "-T<TMPF>" is required in any user 1969 specified map definition to catch temporary errors. 1970 1971 The following possibilities exist as a result of an LDAP lookup on an 1972 address: 1973 1974 mailHost is mailRoutingAddress is Results in 1975 ----------- --------------------- ---------- 1976 set to a set mail delivered to 1977 "local" host mailRoutingAddress 1978 1979 set to a not set delivered to 1980 "local" host original address 1981 1982 set to a set mailRoutingAddress 1983 remote host relayed to mailHost 1984 1985 set to a not set original address 1986 remote host relayed to mailHost 1987 1988 not set set mail delivered to 1989 mailRoutingAddress 1990 1991 not set not set delivered to 1992 original address *OR* 1993 bounced as unknown user 1994 1995 The term "local" host above means the host specified is in class {w}. If 1996 the result would mean sending the mail to a different host, that host is 1997 looked up in the mailertable before delivery. 1998 1999 Note that the last case depends on whether the third argument is given 2000 to the FEATURE() command. The default is to deliver the message to the 2001 original address. 2002 2003 The LDAP entries should be set up with an objectClass of 2004 inetLocalMailRecipient and the address be listed in a mailLocalAddress 2005 attribute. If present, there must be only one mailHost attribute and it 2006 must contain a fully qualified host name as its value. Similarly, if 2007 present, there must be only one mailRoutingAddress attribute and it must 2008 contain an RFC 822 compliant address. Some example LDAP records (in LDIF 2009 format): 2010 2011 dn: uid=tom, o=example.com, c=US 2012 objectClass: inetLocalMailRecipient 2013 mailLocalAddress: tom@example.com 2014 mailRoutingAddress: thomas@mailhost.example.com 2015 2016 This would deliver mail for tom@example.com to thomas@mailhost.example.com. 2017 2018 dn: uid=dick, o=example.com, c=US 2019 objectClass: inetLocalMailRecipient 2020 mailLocalAddress: dick@example.com 2021 mailHost: eng.example.com 2022 2023 This would relay mail for dick@example.com to the same address but redirect 2024 the mail to MX records listed for the host eng.example.com (unless the 2025 mailertable overrides). 2026 2027 dn: uid=harry, o=example.com, c=US 2028 objectClass: inetLocalMailRecipient 2029 mailLocalAddress: harry@example.com 2030 mailHost: mktmail.example.com 2031 mailRoutingAddress: harry@mkt.example.com 2032 2033 This would relay mail for harry@example.com to the MX records listed for 2034 the host mktmail.example.com using the new address harry@mkt.example.com 2035 when talking to that host. 2036 2037 dn: uid=virtual.example.com, o=example.com, c=US 2038 objectClass: inetLocalMailRecipient 2039 mailLocalAddress: @virtual.example.com 2040 mailHost: server.example.com 2041 mailRoutingAddress: virtual@example.com 2042 2043 This would send all mail destined for any username @virtual.example.com to 2044 the machine server.example.com's MX servers and deliver to the address 2045 virtual@example.com on that relay machine. 2046 2047 2048 +---------------------------------+ 2049 | ANTI-SPAM CONFIGURATION CONTROL | 2050 +---------------------------------+ 2051 2052 The primary anti-spam features available in sendmail are: 2053 2054 * Relaying is denied by default. 2055 * Better checking on sender information. 2056 * Access database. 2057 * Header checks. 2058 2059 Relaying (transmission of messages from a site outside your host (class 2060 {w}) to another site except yours) is denied by default. Note that this 2061 changed in sendmail 8.9; previous versions allowed relaying by default. 2062 If you really want to revert to the old behaviour, you will need to use 2063 FEATURE(`promiscuous_relay'). You can allow certain domains to relay 2064 through your server by adding their domain name or IP address to class 2065 {R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database 2066 (described below). Note that IPv6 addresses must be prefaced with "IPv6:". 2067 The file consists (like any other file based class) of entries listed on 2068 separate lines, e.g., 2069 2070 sendmail.org 2071 128.32 2072 IPv6:2002:c0a8:02c7 2073 IPv6:2002:c0a8:51d2::23f4 2074 host.mydomain.com 2075 [UNIX:localhost] 2076 2077 Notice: the last entry allows relaying for connections via a UNIX 2078 socket to the MTA/MSP. This might be necessary if your configuration 2079 doesn't allow relaying by other means in that case, e.g., by having 2080 localhost.$m in class {R} (make sure $m is not just a top level 2081 domain). 2082 2083 If you use 2084 2085 FEATURE(`relay_entire_domain') 2086 2087 then any host in any of your local domains (that is, class {m}) 2088 will be relayed (that is, you will accept mail either to or from any 2089 host in your domain). 2090 2091 You can also allow relaying based on the MX records of the host 2092 portion of an incoming recipient address by using 2093 2094 FEATURE(`relay_based_on_MX') 2095 2096 For example, if your server receives a recipient of user@domain.com 2097 and domain.com lists your server in its MX records, the mail will be 2098 accepted for relay to domain.com. This feature may cause problems 2099 if MX lookups for the recipient domain are slow or time out. In that 2100 case, mail will be temporarily rejected. It is usually better to 2101 maintain a list of hosts/domains for which the server acts as relay. 2102 Note also that this feature will stop spammers from using your host 2103 to relay spam but it will not stop outsiders from using your server 2104 as a relay for their site (that is, they set up an MX record pointing 2105 to your mail server, and you will relay mail addressed to them 2106 without any prior arrangement). Along the same lines, 2107 2108 FEATURE(`relay_local_from') 2109 2110 will allow relaying if the sender specifies a return path (i.e. 2111 MAIL FROM:<user@domain>) domain which is a local domain. This is a 2112 dangerous feature as it will allow spammers to spam using your mail 2113 server by simply specifying a return address of user@your.domain.com. 2114 It should not be used unless absolutely necessary. 2115 A slightly better solution is 2116 2117 FEATURE(`relay_mail_from') 2118 2119 which allows relaying if the mail sender is listed as RELAY in the 2120 access map. If an optional argument `domain' (this is the literal 2121 word `domain', not a placeholder) is given, the domain portion of 2122 the mail sender is also checked to allowing relaying. This option 2123 only works together with the tag From: for the LHS of the access 2124 map entries. This feature allows spammers to abuse your mail server 2125 by specifying a return address that you enabled in your access file. 2126 This may be harder to figure out for spammers, but it should not 2127 be used unless necessary. Instead use STARTTLS to 2128 allow relaying for roaming users. 2129 2130 2131 If source routing is used in the recipient address (e.g., 2132 RCPT TO:<user%site.com@othersite.com>), sendmail will check 2133 user@site.com for relaying if othersite.com is an allowed relay host 2134 in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used, 2135 or the access database if FEATURE(`access_db') is used. To prevent 2136 the address from being stripped down, use: 2137 2138 FEATURE(`loose_relay_check') 2139 2140 If you think you need to use this feature, you probably do not. This 2141 should only be used for sites which have no control over the addresses 2142 that they provide a gateway for. Use this FEATURE with caution as it 2143 can allow spammers to relay through your server if not setup properly. 2144 2145 NOTICE: It is possible to relay mail through a system which the anti-relay 2146 rules do not prevent: the case of a system that does use FEATURE(`nouucp', 2147 `nospecial') (system A) and relays local messages to a mail hub (e.g., via 2148 LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use 2149 FEATURE(`nouucp') at all, addresses of the form 2150 <example.net!user@local.host> would be relayed to <user@example.net>. 2151 System A doesn't recognize `!' as an address separator and therefore 2152 forwards it to the mail hub which in turns relays it because it came from 2153 a trusted local host. So if a mailserver allows UUCP (bang-format) 2154 addresses, all systems from which it allows relaying should do the same 2155 or reject those addresses. 2156 2157 As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has 2158 an unresolvable domain (i.e., one that DNS, your local name service, 2159 or special case rules in ruleset 3 cannot locate). This also applies 2160 to addresses that use domain literals, e.g., <user@[1.2.3.4]>, if the 2161 IP address can't be mapped to a host name. If you want to continue 2162 to accept such domains, e.g., because you are inside a firewall that 2163 has only a limited view of the Internet host name space (note that you 2164 will not be able to return mail to them unless you have some "smart 2165 host" forwarder), use 2166 2167 FEATURE(`accept_unresolvable_domains') 2168 2169 Alternatively, you can allow specific addresses by adding them to 2170 the access map, e.g., 2171 2172 From:unresolvable.domain OK 2173 From:[1.2.3.4] OK 2174 From:[1.2.4] OK 2175 2176 Notice: domains which are temporarily unresolvable are (temporarily) 2177 rejected with a 451 reply code. If those domains should be accepted 2178 (which is discouraged) then you can use 2179 2180 LOCAL_CONFIG 2181 C{ResOk}TEMP 2182 2183 sendmail will also refuse mail if the MAIL FROM: parameter is not 2184 fully qualified (i.e., contains a domain as well as a user). If you 2185 want to continue to accept such senders, use 2186 2187 FEATURE(`accept_unqualified_senders') 2188 2189 Setting the DaemonPortOptions modifier 'u' overrides the default behavior, 2190 i.e., unqualified addresses are accepted even without this FEATURE. If 2191 this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used 2192 to enforce fully qualified domain names. 2193 2194 An ``access'' database can be created to accept or reject mail from 2195 selected domains. For example, you may choose to reject all mail 2196 originating from known spammers. To enable such a database, use 2197 2198 FEATURE(`access_db') 2199 2200 Notice: the access database is applied to the envelope addresses 2201 and the connection information, not to the header. 2202 2203 The FEATURE macro can accept as second parameter the key file 2204 definition for the database; for example 2205 2206 FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access_map') 2207 2208 Notice: If a second argument is specified it must contain the option 2209 `-T<TMPF>' as shown above. The optional third and fourth parameters 2210 may be `skip' or `lookupdotdomain'. The former enables SKIP as 2211 value part (see below), the latter is another way to enable the 2212 feature of the same name (see above). 2213 2214 Remember, since /etc/mail/access is a database, after creating the text 2215 file as described below, you must use makemap to create the database 2216 map. For example: 2217 2218 makemap hash /etc/mail/access < /etc/mail/access 2219 2220 The table itself uses e-mail addresses, domain names, and network 2221 numbers as keys. Note that IPv6 addresses must be prefaced with "IPv6:". 2222 For example, 2223 2224 From:spammer@aol.com REJECT 2225 From:cyberspammer.com REJECT 2226 Connect:cyberspammer.com REJECT 2227 Connect:TLD REJECT 2228 Connect:192.168.212 REJECT 2229 Connect:IPv6:2002:c0a8:02c7 RELAY 2230 Connect:IPv6:2002:c0a8:51d2::23f4 REJECT 2231 2232 would refuse mail from spammer@aol.com, any user from cyberspammer.com 2233 (or any host within the cyberspammer.com domain), any host in the entire 2234 top level domain TLD, 192.168.212.* network, and the IPv6 address 2235 2002:c0a8:51d2::23f4. It would allow relay for the IPv6 network 2236 2002:c0a8:02c7::/48. 2237 2238 Entries in the access map should be tagged according to their type. 2239 Three tags are available: 2240 2241 Connect: connection information (${client_addr}, ${client_name}) 2242 From: envelope sender 2243 To: envelope recipient 2244 2245 Notice: untagged entries are deprecated. 2246 2247 If the required item is looked up in a map, it will be tried first 2248 with the corresponding tag in front, then (as fallback to enable 2249 backward compatibility) without any tag, unless the specific feature 2250 requires a tag. For example, 2251 2252 From:spammer@some.dom REJECT 2253 To:friend.domain RELAY 2254 Connect:friend.domain OK 2255 Connect:from.domain RELAY 2256 From:good@another.dom OK 2257 From:another.dom REJECT 2258 2259 This would deny mails from spammer@some.dom but you could still 2260 send mail to that address even if FEATURE(`blacklist_recipients') 2261 is enabled. Your system will allow relaying to friend.domain, but 2262 not from it (unless enabled by other means). Connections from that 2263 domain will be allowed even if it ends up in one of the DNS based 2264 rejection lists. Relaying is enabled from from.domain but not to 2265 it (since relaying is based on the connection information for 2266 outgoing relaying, the tag Connect: must be used; for incoming 2267 relaying, which is based on the recipient address, To: must be 2268 used). The last two entries allow mails from good@another.dom but 2269 reject mail from all other addresses with another.dom as domain 2270 part. 2271 2272 2273 The value part of the map can contain: 2274 2275 OK Accept mail even if other rules in the running 2276 ruleset would reject it, for example, if the domain 2277 name is unresolvable. "Accept" does not mean 2278 "relay", but at most acceptance for local 2279 recipients. That is, OK allows less than RELAY. 2280 RELAY Accept mail addressed to the indicated domain or 2281 received from the indicated domain for relaying 2282 through your SMTP server. RELAY also serves as 2283 an implicit OK for the other checks. 2284 REJECT Reject the sender or recipient with a general 2285 purpose message. 2286 DISCARD Discard the message completely using the 2287 $#discard mailer. If it is used in check_compat, 2288 it affects only the designated recipient, not 2289 the whole message as it does in all other cases. 2290 This should only be used if really necessary. 2291 SKIP This can only be used for host/domain names 2292 and IP addresses/nets. It will abort the current 2293 search for this entry without accepting or rejecting 2294 it but causing the default action. 2295 ### any text where ### is an RFC 821 compliant error code and 2296 "any text" is a message to return for the command. 2297 The entire string should be quoted to avoid 2298 surprises: 2299 2300 "### any text" 2301 2302 Otherwise sendmail formats the text as email 2303 addresses, e.g., it may remove spaces. 2304 This type is deprecated, use one of the two 2305 ERROR: entries below instead. 2306 ERROR:### any text 2307 as above, but useful to mark error messages as such. 2308 If quotes need to be used to avoid modifications 2309 (see above), they should be placed like this: 2310 2311 ERROR:"### any text" 2312 2313 ERROR:D.S.N:### any text 2314 where D.S.N is an RFC 1893 compliant error code 2315 and the rest as above. If quotes need to be used 2316 to avoid modifications, they should be placed 2317 like this: 2318 2319 ERROR:D.S.N:"### any text" 2320 2321 QUARANTINE:any text 2322 Quarantine the message using the given text as the 2323 quarantining reason. 2324 2325 For example: 2326 2327 From:cyberspammer.com ERROR:"550 We don't accept mail from spammers" 2328 From:okay.cyberspammer.com OK 2329 Connect:sendmail.org RELAY 2330 To:sendmail.org RELAY 2331 Connect:128.32 RELAY 2332 Connect:128.32.2 SKIP 2333 Connect:IPv6:1:2:3:4:5:6:7 RELAY 2334 Connect:suspicious.example.com QUARANTINE:Mail from suspicious host 2335 Connect:[127.0.0.3] OK 2336 Connect:[IPv6:1:2:3:4:5:6:7:8] OK 2337 2338 would accept mail from okay.cyberspammer.com, but would reject mail 2339 from all other hosts at cyberspammer.com with the indicated message. 2340 It would allow relaying mail from and to any hosts in the sendmail.org 2341 domain, and allow relaying from the IPv6 1:2:3:4:5:6:7:* network 2342 and from the 128.32.*.* network except for the 128.32.2.* network, 2343 which shows how SKIP is useful to exempt subnets/subdomains. The 2344 last two entries are for checks against ${client_name} if the IP 2345 address doesn't resolve to a hostname (or is considered as "may be 2346 forged"). That is, using square brackets means these are host 2347 names, not network numbers. 2348 2349 Warning: if you change the RFC 821 compliant error code from the default 2350 value of 550, then you should probably also change the RFC 1893 compliant 2351 error code to match it. For example, if you use 2352 2353 To:user@example.com ERROR:450 mailbox full 2354 2355 the error returned would be "450 5.0.0 mailbox full" which is wrong. 2356 Use "ERROR:4.2.2:450 mailbox full" instead. 2357 2358 Note, UUCP users may need to add hostname.UUCP to the access database 2359 or class {R}. 2360 2361 If you also use: 2362 2363 FEATURE(`relay_hosts_only') 2364 2365 then the above example will allow relaying for sendmail.org, but not 2366 hosts within the sendmail.org domain. Note that this will also require 2367 hosts listed in class {R} to be fully qualified host names. 2368 2369 You can also use the access database to block sender addresses based on 2370 the username portion of the address. For example: 2371 2372 From:FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted 2373 2374 Note that you must include the @ after the username to signify that 2375 this database entry is for checking only the username portion of the 2376 sender address. 2377 2378 If you use: 2379 2380 FEATURE(`blacklist_recipients') 2381 2382 then you can add entries to the map for local users, hosts in your 2383 domains, or addresses in your domain which should not receive mail: 2384 2385 To:badlocaluser@ ERROR:550 Mailbox disabled for badlocaluser 2386 To:host.my.TLD ERROR:550 That host does not accept mail 2387 To:user@other.my.TLD ERROR:550 Mailbox disabled for this recipient 2388 2389 This would prevent a recipient of badlocaluser in any of the local 2390 domains (class {w}), any user at host.my.TLD, and the single address 2391 user@other.my.TLD from receiving mail. Please note: a local username 2392 must be now tagged with an @ (this is consistent with the check of 2393 the sender address, and hence it is possible to distinguish between 2394 hostnames and usernames). Enabling this feature will keep you from 2395 sending mails to all addresses that have an error message or REJECT 2396 as value part in the access map. Taking the example from above: 2397 2398 spammer@aol.com REJECT 2399 cyberspammer.com REJECT 2400 2401 Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com. 2402 That's why tagged entries should be used. 2403 2404 There are several DNS based blacklists which can be found by 2405 querying a search engine. These are databases of spammers 2406 maintained in DNS. To use such a database, specify 2407 2408 FEATURE(`dnsbl', `dnsbl.example.com') 2409 2410 This will cause sendmail to reject mail from any site listed in the 2411 DNS based blacklist. You must select an DNSB based blacklist domain 2412 to check by specifying an argument to the FEATURE. The default 2413 error message is 2414 2415 Rejected: IP-ADDRESS listed at SERVER 2416 2417 where IP-ADDRESS and SERVER are replaced by the appropriate 2418 information. A second argument can be used to specify a different 2419 text. By default, temporary lookup failures are ignored and hence 2420 cause the connection not to be rejected by the DNS based rejection 2421 list. This behavior can be changed by specifying a third argument, 2422 which must be either `t' or a full error message. For example: 2423 2424 FEATURE(`dnsbl', `dnsbl.example.com', `', 2425 `"451 Temporary lookup failure for " $&{client_addr} " in dnsbl.example.com"') 2426 2427 If `t' is used, the error message is: 2428 2429 451 Temporary lookup failure of IP-ADDRESS at SERVER 2430 2431 where IP-ADDRESS and SERVER are replaced by the appropriate 2432 information. 2433 2434 This FEATURE can be included several times to query different 2435 DNS based rejection lists. 2436 2437 Notice: to avoid checking your own local domains against those 2438 blacklists, use the access_db feature and add: 2439 2440 Connect:10.1 OK 2441 Connect:127.0.0.1 RELAY 2442 2443 to the access map, where 10.1 is your local network. You may 2444 want to use "RELAY" instead of "OK" to allow also relaying 2445 instead of just disabling the DNS lookups in the blacklists. 2446 2447 2448 The features described above make use of the check_relay, check_mail, 2449 and check_rcpt rulesets. Note that check_relay checks the SMTP 2450 client hostname and IP address when the connection is made to your 2451 server. It does not check if a mail message is being relayed to 2452 another server. That check is done in check_rcpt. If you wish to 2453 include your own checks, you can put your checks in the rulesets 2454 Local_check_relay, Local_check_mail, and Local_check_rcpt. For 2455 example if you wanted to block senders with all numeric usernames 2456 (i.e. 2312343@bigisp.com), you would use Local_check_mail and the 2457 regex map: 2458 2459 LOCAL_CONFIG 2460 Kallnumbers regex -a@MATCH ^[0-9]+$ 2461 2462 LOCAL_RULESETS 2463 SLocal_check_mail 2464 # check address against various regex checks 2465 R$* $: $>Parse0 $>3 $1 2466 R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $) 2467 R@MATCH $#error $: 553 Header Error 2468 2469 These rules are called with the original arguments of the corresponding 2470 check_* ruleset. If the local ruleset returns $#OK, no further checking 2471 is done by the features described above and the mail is accepted. If 2472 the local ruleset resolves to a mailer (such as $#error or $#discard), 2473 the appropriate action is taken. Other results starting with $# are 2474 interpreted by sendmail and may lead to unspecified behavior. Note: do 2475 NOT create a mailer with the name OK. Return values that do not start 2476 with $# are ignored, i.e., normal processing continues. 2477 2478 Delay all checks 2479 ---------------- 2480 2481 By using FEATURE(`delay_checks') the rulesets check_mail and check_relay 2482 will not be called when a client connects or issues a MAIL command, 2483 respectively. Instead, those rulesets will be called by the check_rcpt 2484 ruleset; they will be skipped if a sender has been authenticated using 2485 a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH(). 2486 If check_mail returns an error then the RCPT TO command will be rejected 2487 with that error. If it returns some other result starting with $# then 2488 check_relay will be skipped. If the sender address (or a part of it) is 2489 listed in the access map and it has a RHS of OK or RELAY, then check_relay 2490 will be skipped. This has an interesting side effect: if your domain is 2491 my.domain and you have 2492 2493 my.domain RELAY 2494 2495 in the access map, then any e-mail with a sender address of 2496 <user@my.domain> will not be rejected by check_relay even though 2497 it would match the hostname or IP address. This allows spammers 2498 to get around DNS based blacklist by faking the sender address. To 2499 avoid this problem you have to use tagged entries: 2500 2501 To:my.domain RELAY 2502 Connect:my.domain RELAY 2503 2504 if you need those entries at all (class {R} may take care of them). 2505 2506 FEATURE(`delay_checks') can take an optional argument: 2507 2508 FEATURE(`delay_checks', `friend') 2509 enables spamfriend test 2510 FEATURE(`delay_checks', `hater') 2511 enables spamhater test 2512 2513 If such an argument is given, the recipient will be looked up in the 2514 access map (using the tag Spam:). If the argument is `friend', then 2515 the default behavior is to apply the other rulesets and make a SPAM 2516 friend the exception. The rulesets check_mail and check_relay will be 2517 skipped only if the recipient address is found and has RHS FRIEND. If 2518 the argument is `hater', then the default behavior is to skip the rulesets 2519 check_mail and check_relay and make a SPAM hater the exception. The 2520 other two rulesets will be applied only if the recipient address is 2521 found and has RHS HATER. 2522 2523 This allows for simple exceptions from the tests, e.g., by activating 2524 the friend option and having 2525 2526 Spam:abuse@ FRIEND 2527 2528 in the access map, mail to abuse@localdomain will get through (where 2529 "localdomain" is any domain in class {w}). It is also possible to 2530 specify a full address or an address with +detail: 2531 2532 Spam:abuse@my.domain FRIEND 2533 Spam:me+abuse@ FRIEND 2534 Spam:spam.domain FRIEND 2535 2536 Note: The required tag has been changed in 8.12 from To: to Spam:. 2537 This change is incompatible to previous versions. However, you can 2538 (for now) simply add the new entries to the access map, the old 2539 ones will be ignored. As soon as you removed the old entries from 2540 the access map, specify a third parameter (`n') to this feature and 2541 the backward compatibility rules will not be in the generated .cf 2542 file. 2543 2544 Header Checks 2545 ------------- 2546 2547 You can also reject mail on the basis of the contents of headers. 2548 This is done by adding a ruleset call to the 'H' header definition command 2549 in sendmail.cf. For example, this can be used to check the validity of 2550 a Message-ID: header: 2551 2552 LOCAL_CONFIG 2553 HMessage-Id: $>CheckMessageId 2554 2555 LOCAL_RULESETS 2556 SCheckMessageId 2557 R< $+ @ $+ > $@ OK 2558 R$* $#error $: 553 Header Error 2559 2560 The alternative format: 2561 2562 HSubject: $>+CheckSubject 2563 2564 that is, $>+ instead of $>, gives the full Subject: header including 2565 comments to the ruleset (comments in parentheses () are stripped 2566 by default). 2567 2568 A default ruleset for headers which don't have a specific ruleset 2569 defined for them can be given by: 2570 2571 H*: $>CheckHdr 2572 2573 Notice: 2574 1. All rules act on tokens as explained in doc/op/op.{me,ps,txt}. 2575 That may cause problems with simple header checks due to the 2576 tokenization. It might be simpler to use a regex map and apply it 2577 to $&{currHeader}. 2578 2. There are no default rulesets coming with this distribution of 2579 sendmail. You can write your own or search the WWW for examples. 2580 3. When using a default ruleset for headers, the name of the header 2581 currently being checked can be found in the $&{hdr_name} macro. 2582 2583 After all of the headers are read, the check_eoh ruleset will be called for 2584 any final header-related checks. The ruleset is called with the number of 2585 headers and the size of all of the headers in bytes separated by $|. One 2586 example usage is to reject messages which do not have a Message-Id: 2587 header. However, the Message-Id: header is *NOT* a required header and is 2588 not a guaranteed spam indicator. This ruleset is an example and should 2589 probably not be used in production. 2590 2591 LOCAL_CONFIG 2592 Kstorage macro 2593 HMessage-Id: $>CheckMessageId 2594 2595 LOCAL_RULESETS 2596 SCheckMessageId 2597 # Record the presence of the header 2598 R$* $: $(storage {MessageIdCheck} $@ OK $) $1 2599 R< $+ @ $+ > $@ OK 2600 R$* $#error $: 553 Header Error 2601 2602 Scheck_eoh 2603 # Check the macro 2604 R$* $: < $&{MessageIdCheck} > 2605 # Clear the macro for the next message 2606 R$* $: $(storage {MessageIdCheck} $) $1 2607 # Has a Message-Id: header 2608 R< $+ > $@ OK 2609 # Allow missing Message-Id: from local mail 2610 R$* $: < $&{client_name} > 2611 R< > $@ OK 2612 R< $=w > $@ OK 2613 # Otherwise, reject the mail 2614 R$* $#error $: 553 Header Error 2615 2616 2617 +--------------------+ 2618 | CONNECTION CONTROL | 2619 +--------------------+ 2620 2621 The features ratecontrol and conncontrol allow to establish connection 2622 limits per client IP address or net. These features can limit the 2623 rate of connections (connections per time unit) or the number of 2624 incoming SMTP connections, respectively. If enabled, appropriate 2625 rulesets are called at the end of check_relay, i.e., after DNS 2626 blacklists and generic access_db operations. The features require 2627 FEATURE(`access_db') to be listed earlier in the mc file. 2628 2629 Note: FEATURE(`delay_checks') delays those connection control checks 2630 after a recipient address has been received, hence making these 2631 connection control features less useful. To run the checks as early 2632 as possible, specify the parameter `nodelay', e.g., 2633 2634 FEATURE(`ratecontrol', `nodelay') 2635 2636 In that case, FEATURE(`delay_checks') has no effect on connection 2637 control (and it must be specified earlier in the mc file). 2638 2639 An optional second argument `terminate' specifies whether the 2640 rulesets should return the error code 421 which will cause 2641 sendmail to terminate the session with that error if it is 2642 returned from check_relay, i.e., not delayed as explained in 2643 the previous paragraph. Example: 2644 2645 FEATURE(`ratecontrol', `nodelay', `terminate') 2646 2647 2648 +----------+ 2649 | STARTTLS | 2650 +----------+ 2651 2652 In this text, cert will be used as an abbreviation for X.509 certificate, 2653 DN (CN) is the distinguished (common) name of a cert, and CA is a 2654 certification authority, which signs (issues) certs. 2655 2656 For STARTTLS to be offered by sendmail you need to set at least 2657 these variables (the file names and paths are just examples): 2658 2659 define(`confCACERT_PATH', `/etc/mail/certs/') 2660 define(`confCACERT', `/etc/mail/certs/CA.cert.pem') 2661 define(`confSERVER_CERT', `/etc/mail/certs/my.cert.pem') 2662 define(`confSERVER_KEY', `/etc/mail/certs/my.key.pem') 2663 2664 On systems which do not have the compile flag HASURANDOM set (see 2665 sendmail/README) you also must set confRAND_FILE. 2666 2667 See doc/op/op.{me,ps,txt} for more information about these options, 2668 especially the sections ``Certificates for STARTTLS'' and ``PRNG for 2669 STARTTLS''. 2670 2671 Macros related to STARTTLS are: 2672 2673 ${cert_issuer} holds the DN of the CA (the cert issuer). 2674 ${cert_subject} holds the DN of the cert (called the cert subject). 2675 ${cn_issuer} holds the CN of the CA (the cert issuer). 2676 ${cn_subject} holds the CN of the cert (called the cert subject). 2677 ${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1, 2678 TLSv1/SSLv3, SSLv3, SSLv2. 2679 ${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA, 2680 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA. 2681 ${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm 2682 used for the connection. 2683 ${verify} holds the result of the verification of the presented cert. 2684 Possible values are: 2685 OK verification succeeded. 2686 NO no cert presented. 2687 NOT no cert requested. 2688 FAIL cert presented but could not be verified, 2689 e.g., the cert of the signing CA is missing. 2690 NONE STARTTLS has not been performed. 2691 TEMP temporary error occurred. 2692 PROTOCOL protocol error occurred (SMTP level). 2693 SOFTWARE STARTTLS handshake failed. 2694 ${server_name} the name of the server of the current outgoing SMTP 2695 connection. 2696 ${server_addr} the address of the server of the current outgoing SMTP 2697 connection. 2698 2699 Relaying 2700 -------- 2701 2702 SMTP STARTTLS can allow relaying for remote SMTP clients which have 2703 successfully authenticated themselves. If the verification of the cert 2704 failed (${verify} != OK), relaying is subject to the usual rules. 2705 Otherwise the DN of the issuer is looked up in the access map using the 2706 tag CERTISSUER. If the resulting value is RELAY, relaying is allowed. 2707 If it is SUBJECT, the DN of the cert subject is looked up next in the 2708 access map using the tag CERTSUBJECT. If the value is RELAY, relaying 2709 is allowed. 2710 2711 To make things a bit more flexible (or complicated), the values for 2712 ${cert_issuer} and ${cert_subject} can be optionally modified by regular 2713 expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and 2714 _CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in 2715 rulesets and map lookups, they are modified as follows: each non-printable 2716 character and the characters '<', '>', '(', ')', '"', '+', ' ' are replaced 2717 by their HEX value with a leading '+'. For example: 2718 2719 /C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email= 2720 darth+cert@endmail.org 2721 2722 is encoded as: 2723 2724 /C=US/ST=California/O=endmail.org/OU=private/CN= 2725 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 2726 2727 (line breaks have been inserted for readability). 2728 2729 The macros which are subject to this encoding are ${cert_subject}, 2730 ${cert_issuer}, ${cn_subject}, and ${cn_issuer}. 2731 2732 Examples: 2733 2734 To allow relaying for everyone who can present a cert signed by 2735 2736 /C=US/ST=California/O=endmail.org/OU=private/CN= 2737 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 2738 2739 simply use: 2740 2741 CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN= 2742 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org RELAY 2743 2744 To allow relaying only for a subset of machines that have a cert signed by 2745 2746 /C=US/ST=California/O=endmail.org/OU=private/CN= 2747 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org 2748 2749 use: 2750 2751 CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN= 2752 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org SUBJECT 2753 CertSubject:/C=US/ST=California/O=endmail.org/OU=private/CN= 2754 DeathStar/Email=deathstar@endmail.org RELAY 2755 2756 Notes: 2757 - line breaks have been inserted after "CN=" for readability, 2758 each tagged entry must be one (long) line in the access map. 2759 - if OpenSSL 0.9.7 or newer is used then the "Email=" part of a DN 2760 is replaced by "emailAddress=". 2761 2762 Of course it is also possible to write a simple ruleset that allows 2763 relaying for everyone who can present a cert that can be verified, e.g., 2764 2765 LOCAL_RULESETS 2766 SLocal_check_rcpt 2767 R$* $: $&{verify} 2768 ROK $# OK 2769 2770 Allowing Connections 2771 -------------------- 2772 2773 The rulesets tls_server, tls_client, and tls_rcpt are used to decide whether 2774 an SMTP connection is accepted (or should continue). 2775 2776 tls_server is called when sendmail acts as client after a STARTTLS command 2777 (should) have been issued. The parameter is the value of ${verify}. 2778 2779 tls_client is called when sendmail acts as server, after a STARTTLS command 2780 has been issued, and from check_mail. The parameter is the value of 2781 ${verify} and STARTTLS or MAIL, respectively. 2782 2783 Both rulesets behave the same. If no access map is in use, the connection 2784 will be accepted unless ${verify} is SOFTWARE, in which case the connection 2785 is always aborted. For tls_server/tls_client, ${client_name}/${server_name} 2786 is looked up in the access map using the tag TLS_Srv/TLS_Clt, which is done 2787 with the ruleset LookUpDomain. If no entry is found, ${client_addr} 2788 (${server_addr}) is looked up in the access map (same tag, ruleset 2789 LookUpAddr). If this doesn't result in an entry either, just the tag is 2790 looked up in the access map (included the trailing colon). Notice: 2791 requiring that e-mail is sent to a server only encrypted, e.g., via 2792 2793 TLS_Srv:secure.domain ENCR:112 2794 2795 doesn't necessarily mean that e-mail sent to that domain is encrypted. 2796 If the domain has multiple MX servers, e.g., 2797 2798 secure.domain. IN MX 10 mail.secure.domain. 2799 secure.domain. IN MX 50 mail.other.domain. 2800 2801 then mail to user@secure.domain may go unencrypted to mail.other.domain. 2802 tls_rcpt can be used to address this problem. 2803 2804 tls_rcpt is called before a RCPT TO: command is sent. The parameter is the 2805 current recipient. This ruleset is only defined if FEATURE(`access_db') 2806 is selected. A recipient address user@domain is looked up in the access 2807 map in four formats: TLS_Rcpt:user@domain, TLS_Rcpt:user@, TLS_Rcpt:domain, 2808 and TLS_Rcpt:; the first match is taken. 2809 2810 The result of the lookups is then used to call the ruleset TLS_connection, 2811 which checks the requirement specified by the RHS in the access map against 2812 the actual parameters of the current TLS connection, esp. ${verify} and 2813 ${cipher_bits}. Legal RHSs in the access map are: 2814 2815 VERIFY verification must have succeeded 2816 VERIFY:bits verification must have succeeded and ${cipher_bits} must 2817 be greater than or equal bits. 2818 ENCR:bits ${cipher_bits} must be greater than or equal bits. 2819 2820 The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary 2821 or permanent error. The default is a temporary error code (403 4.7.0) 2822 unless the macro TLS_PERM_ERR is set during generation of the .cf file. 2823 2824 If a certain level of encryption is required, then it might also be 2825 possible that this level is provided by the security layer from a SASL 2826 algorithm, e.g., DIGEST-MD5. 2827 2828 Furthermore, there can be a list of extensions added. Such a list 2829 starts with '+' and the items are separated by '++'. Allowed 2830 extensions are: 2831 2832 CN:name name must match ${cn_subject} 2833 CN ${server_name} must match ${cn_subject} 2834 CS:name name must match ${cert_subject} 2835 CI:name name must match ${cert_issuer} 2836 2837 Example: e-mail sent to secure.example.com should only use an encrypted 2838 connection. E-mail received from hosts within the laptop.example.com domain 2839 should only be accepted if they have been authenticated. The host which 2840 receives e-mail for darth@endmail.org must present a cert that uses the 2841 CN smtp.endmail.org. 2842 2843 TLS_Srv:secure.example.com ENCR:112 2844 TLS_Clt:laptop.example.com PERM+VERIFY:112 2845 TLS_Rcpt:darth@endmail.org ENCR:112+CN:smtp.endmail.org 2846 2847 2848 Disabling STARTTLS And Setting SMTP Server Features 2849 --------------------------------------------------- 2850 2851 By default STARTTLS is used whenever possible. However, there are 2852 some broken MTAs that don't properly implement STARTTLS. To be able 2853 to send to (or receive from) those MTAs, the ruleset try_tls 2854 (srv_features) can be used that work together with the access map. 2855 Entries for the access map must be tagged with Try_TLS (Srv_Features) 2856 and refer to the hostname or IP address of the connecting system. 2857 A default case can be specified by using just the tag. For example, 2858 the following entries in the access map: 2859 2860 Try_TLS:broken.server NO 2861 Srv_Features:my.domain v 2862 Srv_Features: V 2863 2864 will turn off STARTTLS when sending to broken.server (or any host 2865 in that domain), and request a client certificate during the TLS 2866 handshake only for hosts in my.domain. The valid entries on the RHS 2867 for Srv_Features are listed in the Sendmail Installation and 2868 Operations Guide. 2869 2870 2871 Received: Header 2872 ---------------- 2873 2874 The Received: header reveals whether STARTTLS has been used. It contains an 2875 extra line: 2876 2877 (version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify}) 2878 2879 2880 +--------------------------------+ 2881 | ADDING NEW MAILERS OR RULESETS | 2882 +--------------------------------+ 2883 2884 Sometimes you may need to add entirely new mailers or rulesets. They 2885 should be introduced with the constructs MAILER_DEFINITIONS and 2886 LOCAL_RULESETS respectively. For example: 2887 2888 MAILER_DEFINITIONS 2889 Mmymailer, ... 2890 ... 2891 2892 LOCAL_RULESETS 2893 Smyruleset 2894 ... 2895 2896 Local additions for the rulesets srv_features, try_tls, tls_rcpt, 2897 tls_client, and tls_server can be made using LOCAL_SRV_FEATURES, 2898 LOCAL_TRY_TLS, LOCAL_TLS_RCPT, LOCAL_TLS_CLIENT, and LOCAL_TLS_SERVER, 2899 respectively. For example, to add a local ruleset that decides 2900 whether to try STARTTLS in a sendmail client, use: 2901 2902 LOCAL_TRY_TLS 2903 R... 2904 2905 Note: you don't need to add a name for the ruleset, it is implicitly 2906 defined by using the appropriate macro. 2907 2908 2909 +-------------------------+ 2910 | ADDING NEW MAIL FILTERS | 2911 +-------------------------+ 2912 2913 Sendmail supports mail filters to filter incoming SMTP messages according 2914 to the "Sendmail Mail Filter API" documentation. These filters can be 2915 configured in your mc file using the two commands: 2916 2917 MAIL_FILTER(`name', `equates') 2918 INPUT_MAIL_FILTER(`name', `equates') 2919 2920 The first command, MAIL_FILTER(), simply defines a filter with the given 2921 name and equates. For example: 2922 2923 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2924 2925 This creates the equivalent sendmail.cf entry: 2926 2927 Xarchive, S=local:/var/run/archivesock, F=R 2928 2929 The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER 2930 but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name 2931 of the filter such that the filter will actually be called by sendmail. 2932 2933 For example, the two commands: 2934 2935 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2936 INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 2937 2938 are equivalent to the three commands: 2939 2940 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R') 2941 MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T') 2942 define(`confINPUT_MAIL_FILTERS', `archive, spamcheck') 2943 2944 In general, INPUT_MAIL_FILTER() should be used unless you need to define 2945 more filters than you want to use for `confINPUT_MAIL_FILTERS'. 2946 2947 Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER() 2948 commands will clear the list created by the prior INPUT_MAIL_FILTER() 2949 commands. 2950 2951 2952 +-------------------------+ 2953 | QUEUE GROUP DEFINITIONS | 2954 +-------------------------+ 2955 2956 In addition to the queue directory (which is the default queue group 2957 called "mqueue"), sendmail can deal with multiple queue groups, which 2958 are collections of queue directories with the same behaviour. Queue 2959 groups can be defined using the command: 2960 2961 QUEUE_GROUP(`name', `equates') 2962 2963 For details about queue groups, please see doc/op/op.{me,ps,txt}. 2964 2965 +-------------------------------+ 2966 | NON-SMTP BASED CONFIGURATIONS | 2967 +-------------------------------+ 2968 2969 These configuration files are designed primarily for use by 2970 SMTP-based sites. They may not be well tuned for UUCP-only or 2971 UUCP-primarily nodes (the latter is defined as a small local net 2972 connected to the rest of the world via UUCP). However, there is 2973 one hook to handle some special cases. 2974 2975 You can define a ``smart host'' that understands a richer address syntax 2976 using: 2977 2978 define(`SMART_HOST', `mailer:hostname') 2979 2980 In this case, the ``mailer:'' defaults to "relay". Any messages that 2981 can't be handled using the usual UUCP rules are passed to this host. 2982 2983 If you are on a local SMTP-based net that connects to the outside 2984 world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules. 2985 For example: 2986 2987 define(`SMART_HOST', `uucp-new:uunet') 2988 LOCAL_NET_CONFIG 2989 R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3 2990 2991 This will cause all names that end in your domain name ($m) to be sent 2992 via SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet. 2993 If you have FEATURE(`nocanonify'), you may need to omit the dots after 2994 the $m. If you are running a local DNS inside your domain which is 2995 not otherwise connected to the outside world, you probably want to 2996 use: 2997 2998 define(`SMART_HOST', `smtp:fire.wall.com') 2999 LOCAL_NET_CONFIG 3000 R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3 3001 3002 That is, send directly only to things you found in your DNS lookup; 3003 anything else goes through SMART_HOST. 3004 3005 You may need to turn off the anti-spam rules in order to accept 3006 UUCP mail with FEATURE(`promiscuous_relay') and 3007 FEATURE(`accept_unresolvable_domains'). 3008 3009 3010 +-----------+ 3011 | WHO AM I? | 3012 +-----------+ 3013 3014 Normally, the $j macro is automatically defined to be your fully 3015 qualified domain name (FQDN). Sendmail does this by getting your 3016 host name using gethostname and then calling gethostbyname on the 3017 result. For example, in some environments gethostname returns 3018 only the root of the host name (such as "foo"); gethostbyname is 3019 supposed to return the FQDN ("foo.bar.com"). In some (fairly rare) 3020 cases, gethostbyname may fail to return the FQDN. In this case 3021 you MUST define confDOMAIN_NAME to be your fully qualified domain 3022 name. This is usually done using: 3023 3024 Dmbar.com 3025 define(`confDOMAIN_NAME', `$w.$m')dnl 3026 3027 3028 +-----------------------------------+ 3029 | ACCEPTING MAIL FOR MULTIPLE NAMES | 3030 +-----------------------------------+ 3031 3032 If your host is known by several different names, you need to augment 3033 class {w}. This is a list of names by which your host is known, and 3034 anything sent to an address using a host name in this list will be 3035 treated as local mail. You can do this in two ways: either create the 3036 file /etc/mail/local-host-names containing a list of your aliases (one per 3037 line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add 3038 ``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified 3039 name of the host, rather than a short name. 3040 3041 If you want to have different address in different domains, take 3042 a look at the virtusertable feature, which is also explained at 3043 http://www.sendmail.org/virtual-hosting.html 3044 3045 3046 +--------------------+ 3047 | USING MAILERTABLES | 3048 +--------------------+ 3049 3050 To use FEATURE(`mailertable'), you will have to create an external 3051 database containing the routing information for various domains. 3052 For example, a mailertable file in text format might be: 3053 3054 .my.domain xnet:%1.my.domain 3055 uuhost1.my.domain uucp-new:uuhost1 3056 .bitnet smtp:relay.bit.net 3057 3058 This should normally be stored in /etc/mail/mailertable. The actual 3059 database version of the mailertable is built using: 3060 3061 makemap hash /etc/mail/mailertable < /etc/mail/mailertable 3062 3063 The semantics are simple. Any LHS entry that does not begin with 3064 a dot matches the full host name indicated. LHS entries beginning 3065 with a dot match anything ending with that domain name (including 3066 the leading dot) -- that is, they can be thought of as having a 3067 leading ".+" regular expression pattern for a non-empty sequence of 3068 characters. Matching is done in order of most-to-least qualified 3069 -- for example, even though ".my.domain" is listed first in the 3070 above example, an entry of "uuhost1.my.domain" will match the second 3071 entry since it is more explicit. Note: e-mail to "user@my.domain" 3072 does not match any entry in the above table. You need to have 3073 something like: 3074 3075 my.domain esmtp:host.my.domain 3076 3077 The RHS should always be a "mailer:host" pair. The mailer is the 3078 configuration name of a mailer (that is, an M line in the 3079 sendmail.cf file). The "host" will be the hostname passed to 3080 that mailer. In domain-based matches (that is, those with leading 3081 dots) the "%1" may be used to interpolate the wildcarded part of 3082 the host name. For example, the first line above sends everything 3083 addressed to "anything.my.domain" to that same host name, but using 3084 the (presumably experimental) xnet mailer. 3085 3086 In some cases you may want to temporarily turn off MX records, 3087 particularly on gateways. For example, you may want to MX 3088 everything in a domain to one machine that then forwards it 3089 directly. To do this, you might use the DNS configuration: 3090 3091 *.domain. IN MX 0 relay.machine 3092 3093 and on relay.machine use the mailertable: 3094 3095 .domain smtp:[gateway.domain] 3096 3097 The [square brackets] turn off MX records for this host only. 3098 If you didn't do this, the mailertable would use the MX record 3099 again, which would give you an MX loop. Note that the use of 3100 wildcard MX records is almost always a bad idea. Please avoid 3101 using them if possible. 3102 3103 3104 +--------------------------------+ 3105 | USING USERDB TO MAP FULL NAMES | 3106 +--------------------------------+ 3107 3108 The user database was not originally intended for mapping full names 3109 to login names (e.g., Eric.Allman => eric), but some people are using 3110 it that way. (it is recommended that you set up aliases for this 3111 purpose instead -- since you can specify multiple alias files, this 3112 is fairly easy.) The intent was to locate the default maildrop at 3113 a site, but allow you to override this by sending to a specific host. 3114 3115 If you decide to set up the user database in this fashion, it is 3116 imperative that you not use FEATURE(`stickyhost') -- otherwise, 3117 e-mail sent to Full.Name@local.host.name will be rejected. 3118 3119 To build the internal form of the user database, use: 3120 3121 makemap btree /etc/mail/userdb < /etc/mail/userdb.txt 3122 3123 As a general rule, it is an extremely bad idea to using full names 3124 as e-mail addresses, since they are not in any sense unique. For 3125 example, the UNIX software-development community has at least two 3126 well-known Peter Deutsches, and at one time Bell Labs had two 3127 Stephen R. Bournes with offices along the same hallway. Which one 3128 will be forced to suffer the indignity of being Stephen_R_Bourne_2? 3129 The less famous of the two, or the one that was hired later? 3130 3131 Finger should handle full names (and be fuzzy). Mail should use 3132 handles, and not be fuzzy. 3133 3134 3135 +--------------------------------+ 3136 | MISCELLANEOUS SPECIAL FEATURES | 3137 +--------------------------------+ 3138 3139 Plussed users 3140 Sometimes it is convenient to merge configuration on a 3141 centralized mail machine, for example, to forward all 3142 root mail to a mail server. In this case it might be 3143 useful to be able to treat the root addresses as a class 3144 of addresses with subtle differences. You can do this 3145 using plussed users. For example, a client might include 3146 the alias: 3147 3148 root: root+client1@server 3149 3150 On the server, this will match an alias for "root+client1". 3151 If that is not found, the alias "root+*" will be tried, 3152 then "root". 3153 3154 3155 +----------------+ 3156 | SECURITY NOTES | 3157 +----------------+ 3158 3159 A lot of sendmail security comes down to you. Sendmail 8 is much 3160 more careful about checking for security problems than previous 3161 versions, but there are some things that you still need to watch 3162 for. In particular: 3163 3164 * Make sure the aliases file is not writable except by trusted 3165 system personnel. This includes both the text and database 3166 version. 3167 3168 * Make sure that other files that sendmail reads, such as the 3169 mailertable, are only writable by trusted system personnel. 3170 3171 * The queue directory should not be world writable PARTICULARLY 3172 if your system allows "file giveaways" (that is, if a non-root 3173 user can chown any file they own to any other user). 3174 3175 * If your system allows file giveaways, DO NOT create a publically 3176 writable directory for forward files. This will allow anyone 3177 to steal anyone else's e-mail. Instead, create a script that 3178 copies the .forward file from users' home directories once a 3179 night (if you want the non-NFS-mounted forward directory). 3180 3181 * If your system allows file giveaways, you'll find that 3182 sendmail is much less trusting of :include: files -- in 3183 particular, you'll have to have /SENDMAIL/ANY/SHELL/ in 3184 /etc/shells before they will be trusted (that is, before 3185 files and programs listed in them will be honored). 3186 3187 In general, file giveaways are a mistake -- if you can turn them 3188 off, do so. 3189 3190 3191 +--------------------------------+ 3192 | TWEAKING CONFIGURATION OPTIONS | 3193 +--------------------------------+ 3194 3195 There are a large number of configuration options that don't normally 3196 need to be changed. However, if you feel you need to tweak them, 3197 you can define the following M4 variables. Note that some of these 3198 variables require formats that are defined in RFC 2821 or RFC 2822. 3199 Before changing them you need to make sure you do not violate those 3200 (and other relevant) RFCs. 3201 3202 This list is shown in four columns: the name you define, the default 3203 value for that definition, the option or macro that is affected 3204 (either Ox for an option or Dx for a macro), and a brief description. 3205 3206 Some options are likely to be deprecated in future versions -- that is, 3207 the option is only included to provide back-compatibility. These are 3208 marked with "*". 3209 3210 Remember that these options are M4 variables, and hence may need to 3211 be quoted. In particular, arguments with commas will usually have to 3212 be ``double quoted, like this phrase'' to avoid having the comma 3213 confuse things. This is common for alias file definitions and for 3214 the read timeout. 3215 3216 M4 Variable Name Configuration [Default] & Description 3217 ================ ============= ======================= 3218 confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used 3219 for internally generated outgoing 3220 messages. 3221 confDOMAIN_NAME $j macro If defined, sets $j. This should 3222 only be done if your system cannot 3223 determine your local domain name, 3224 and then it should be set to 3225 $w.Foo.COM, where Foo.COM is your 3226 domain name. 3227 confCF_VERSION $Z macro If defined, this is appended to the 3228 configuration version name. 3229 confLDAP_CLUSTER ${sendmailMTACluster} macro 3230 If defined, this is the LDAP 3231 cluster to use for LDAP searches 3232 as described above in ``USING LDAP 3233 FOR ALIASES, MAPS, AND CLASSES''. 3234 confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an 3235 internally generated From: address. 3236 confRECEIVED_HEADER Received: 3237 [$?sfrom $s $.$?_($?s$|from $.$_) 3238 $.$?{auth_type}(authenticated) 3239 $.by $j ($v/$Z)$?r with $r$. id $i$?u 3240 for $u; $|; 3241 $.$b] 3242 The format of the Received: header 3243 in messages passed through this host. 3244 It is unwise to try to change this. 3245 confMESSAGEID_HEADER Message-Id: [<$t.$i@$j>] The format of an 3246 internally generated Message-Id: 3247 header. 3248 confCW_FILE Fw class [/etc/mail/local-host-names] Name 3249 of file used to get the local 3250 additions to class {w} (local host 3251 names). 3252 confCT_FILE Ft class [/etc/mail/trusted-users] Name of 3253 file used to get the local additions 3254 to class {t} (trusted users). 3255 confCR_FILE FR class [/etc/mail/relay-domains] Name of 3256 file used to get the local additions 3257 to class {R} (hosts allowed to relay). 3258 confTRUSTED_USERS Ct class [no default] Names of users to add to 3259 the list of trusted users. This list 3260 always includes root, uucp, and daemon. 3261 See also FEATURE(`use_ct_file'). 3262 confTRUSTED_USER TrustedUser [no default] Trusted user for file 3263 ownership and starting the daemon. 3264 Not to be confused with 3265 confTRUSTED_USERS (see above). 3266 confSMTP_MAILER - [esmtp] The mailer name used when 3267 SMTP connectivity is required. 3268 One of "smtp", "smtp8", 3269 "esmtp", or "dsmtp". 3270 confUUCP_MAILER - [uucp-old] The mailer to be used by 3271 default for bang-format recipient 3272 addresses. See also discussion of 3273 class {U}, class {Y}, and class {Z} 3274 in the MAILER(`uucp') section. 3275 confLOCAL_MAILER - [local] The mailer name used when 3276 local connectivity is required. 3277 Almost always "local". 3278 confRELAY_MAILER - [relay] The default mailer name used 3279 for relaying any mail (e.g., to a 3280 BITNET_RELAY, a SMART_HOST, or 3281 whatever). This can reasonably be 3282 "uucp-new" if you are on a 3283 UUCP-connected site. 3284 confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits? 3285 confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling 3286 confALIAS_WAIT AliasWait [10m] Time to wait for alias file 3287 rebuild until you get bored and 3288 decide that the apparently pending 3289 rebuild failed. 3290 confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on 3291 queue filesystem to accept SMTP mail. 3292 (Prior to 8.7 this was minfree/maxsize, 3293 where minfree was the number of free 3294 blocks and maxsize was the maximum 3295 message size. Use confMAX_MESSAGE_SIZE 3296 for the second value now.) 3297 confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages 3298 that will be accepted (in bytes). 3299 confBLANK_SUB BlankSub [.] Blank (space) substitution 3300 character. 3301 confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately 3302 to mailers marked expensive. 3303 confCHECKPOINT_INTERVAL CheckpointInterval 3304 [10] Checkpoint queue files every N 3305 recipients. 3306 confDELIVERY_MODE DeliveryMode [background] Default delivery mode. 3307 confERROR_MODE ErrorMode [print] Error message mode. 3308 confERROR_MESSAGE ErrorHeader [undefined] Error message header/file. 3309 confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines. 3310 confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode. 3311 confMATCH_GECOS MatchGECOS [False] Match GECOS field. 3312 confMAX_HOP MaxHopCount [25] Maximum hop count. 3313 confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd 3314 mode] Ignore dot as terminator for 3315 incoming messages? 3316 confBIND_OPTS ResolverOptions [undefined] Default options for DNS 3317 resolver. 3318 confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME- 3319 encapsulated messages per RFC 1344. 3320 confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward] 3321 The colon-separated list of places to 3322 search for .forward files. N.B.: see 3323 the Security Notes section. 3324 confMCI_CACHE_SIZE ConnectionCacheSize 3325 [2] Size of open connection cache. 3326 confMCI_CACHE_TIMEOUT ConnectionCacheTimeout 3327 [5m] Open connection cache timeout. 3328 confHOST_STATUS_DIRECTORY HostStatusDirectory 3329 [undefined] If set, host status is kept 3330 on disk between sendmail runs in the 3331 named directory tree. This need not be 3332 a full pathname, in which case it is 3333 interpreted relative to the queue 3334 directory. 3335 confSINGLE_THREAD_DELIVERY SingleThreadDelivery 3336 [False] If this option and the 3337 HostStatusDirectory option are both 3338 set, single thread deliveries to other 3339 hosts. That is, don't allow any two 3340 sendmails on this host to connect 3341 simultaneously to any other single 3342 host. This can slow down delivery in 3343 some cases, in particular since a 3344 cached but otherwise idle connection 3345 to a host will prevent other sendmails 3346 from connecting to the other host. 3347 confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to 3348 deliver error messages. This should 3349 not be necessary because of general 3350 acceptance of the envelope/header 3351 distinction. 3352 confLOG_LEVEL LogLevel [9] Log level. 3353 confME_TOO MeToo [True] Include sender in group 3354 expansions. This option is 3355 deprecated and will be removed from 3356 a future version. 3357 confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when 3358 running newaliases. Since this does 3359 DNS lookups on every address, it can 3360 slow down the alias rebuild process 3361 considerably on large alias files. 3362 confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without 3363 special chars are old style. 3364 confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags. 3365 confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional 3366 copies of all error messages. 3367 confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function. 3368 confQUEUE_FILE_MODE QueueFileMode [undefined] Default permissions for 3369 queue files (octal). If not set, 3370 sendmail uses 0600 unless its real 3371 and effective uid are different in 3372 which case it uses 0644. 3373 confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr 3374 syntax addresses to the minimum 3375 possible. 3376 confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk 3377 before forking. 3378 confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response 3379 on the initial connect. 3380 confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial 3381 connect() to complete. This can only 3382 shorten connection timeouts; the kernel 3383 silently enforces an absolute maximum 3384 (which varies depending on the system). 3385 confTO_ICONNECT Timeout.iconnect 3386 [undefined] Like Timeout.connect, but 3387 applies only to the very first attempt 3388 to connect to a host in a message. 3389 This allows a single very fast pass 3390 followed by more careful delivery 3391 attempts in the future. 3392 confTO_ACONNECT Timeout.aconnect 3393 [0] The overall timeout waiting for 3394 all connection for a single delivery 3395 attempt to succeed. If 0, no overall 3396 limit is applied. 3397 confTO_HELO Timeout.helo [5m] The timeout waiting for a response 3398 to a HELO or EHLO command. 3399 confTO_MAIL Timeout.mail [10m] The timeout waiting for a 3400 response to the MAIL command. 3401 confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response 3402 to the RCPT command. 3403 confTO_DATAINIT Timeout.datainit 3404 [5m] The timeout waiting for a 354 3405 response from the DATA command. 3406 confTO_DATABLOCK Timeout.datablock 3407 [1h] The timeout waiting for a block 3408 during DATA phase. 3409 confTO_DATAFINAL Timeout.datafinal 3410 [1h] The timeout waiting for a response 3411 to the final "." that terminates a 3412 message. 3413 confTO_RSET Timeout.rset [5m] The timeout waiting for a response 3414 to the RSET command. 3415 confTO_QUIT Timeout.quit [2m] The timeout waiting for a response 3416 to the QUIT command. 3417 confTO_MISC Timeout.misc [2m] The timeout waiting for a response 3418 to other SMTP commands. 3419 confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout 3420 waiting for a command to be issued. 3421 confTO_IDENT Timeout.ident [5s] The timeout waiting for a 3422 response to an IDENT query. 3423 confTO_FILEOPEN Timeout.fileopen 3424 [60s] The timeout waiting for a file 3425 (e.g., :include: file) to be opened. 3426 confTO_LHLO Timeout.lhlo [2m] The timeout waiting for a response 3427 to an LMTP LHLO command. 3428 confTO_STARTTLS Timeout.starttls 3429 [1h] The timeout waiting for a 3430 response to an SMTP STARTTLS command. 3431 confTO_CONTROL Timeout.control 3432 [2m] The timeout for a complete 3433 control socket transaction to complete. 3434 confTO_QUEUERETURN Timeout.queuereturn 3435 [5d] The timeout before a message is 3436 returned as undeliverable. 3437 confTO_QUEUERETURN_NORMAL 3438 Timeout.queuereturn.normal 3439 [undefined] As above, for normal 3440 priority messages. 3441 confTO_QUEUERETURN_URGENT 3442 Timeout.queuereturn.urgent 3443 [undefined] As above, for urgent 3444 priority messages. 3445 confTO_QUEUERETURN_NONURGENT 3446 Timeout.queuereturn.non-urgent 3447 [undefined] As above, for non-urgent 3448 (low) priority messages. 3449 confTO_QUEUERETURN_DSN 3450 Timeout.queuereturn.dsn 3451 [undefined] As above, for delivery 3452 status notification messages. 3453 confTO_QUEUEWARN Timeout.queuewarn 3454 [4h] The timeout before a warning 3455 message is sent to the sender telling 3456 them that the message has been 3457 deferred. 3458 confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal 3459 [undefined] As above, for normal 3460 priority messages. 3461 confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent 3462 [undefined] As above, for urgent 3463 priority messages. 3464 confTO_QUEUEWARN_NONURGENT 3465 Timeout.queuewarn.non-urgent 3466 [undefined] As above, for non-urgent 3467 (low) priority messages. 3468 confTO_QUEUEWARN_DSN 3469 Timeout.queuewarn.dsn 3470 [undefined] As above, for delivery 3471 status notification messages. 3472 confTO_HOSTSTATUS Timeout.hoststatus 3473 [30m] How long information about host 3474 statuses will be maintained before it 3475 is considered stale and the host should 3476 be retried. This applies both within 3477 a single queue run and to persistent 3478 information (see below). 3479 confTO_RESOLVER_RETRANS Timeout.resolver.retrans 3480 [varies] Sets the resolver's 3481 retransmission time interval (in 3482 seconds). Sets both 3483 Timeout.resolver.retrans.first and 3484 Timeout.resolver.retrans.normal. 3485 confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first 3486 [varies] Sets the resolver's 3487 retransmission time interval (in 3488 seconds) for the first attempt to 3489 deliver a message. 3490 confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal 3491 [varies] Sets the resolver's 3492 retransmission time interval (in 3493 seconds) for all resolver lookups 3494 except the first delivery attempt. 3495 confTO_RESOLVER_RETRY Timeout.resolver.retry 3496 [varies] Sets the number of times 3497 to retransmit a resolver query. 3498 Sets both 3499 Timeout.resolver.retry.first and 3500 Timeout.resolver.retry.normal. 3501 confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first 3502 [varies] Sets the number of times 3503 to retransmit a resolver query for 3504 the first attempt to deliver a 3505 message. 3506 confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal 3507 [varies] Sets the number of times 3508 to retransmit a resolver query for 3509 all resolver lookups except the 3510 first delivery attempt. 3511 confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be 3512 USE_SYSTEM to use the system's idea, 3513 USE_TZ to use the user's TZ envariable, 3514 or something else to force that value. 3515 confDEF_USER_ID DefaultUser [1:1] Default user id. 3516 confUSERDB_SPEC UserDatabaseSpec 3517 [undefined] User database 3518 specification. 3519 confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host. 3520 confFALLBACK_SMARTHOST FallbackSmartHost 3521 [undefined] Fallback smart host. 3522 confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX 3523 for a host and other arrangements 3524 haven't been made, try connecting 3525 to the host directly; normally this 3526 would be a config error. 3527 confQUEUE_LA QueueLA [varies] Load average at which 3528 queue-only function kicks in. 3529 Default values is (8 * numproc) 3530 where numproc is the number of 3531 processors online (if that can be 3532 determined). 3533 confREFUSE_LA RefuseLA [varies] Load average at which 3534 incoming SMTP connections are 3535 refused. Default values is (12 * 3536 numproc) where numproc is the 3537 number of processors online (if 3538 that can be determined). 3539 confREJECT_LOG_INTERVAL RejectLogInterval [3h] Log interval when 3540 refusing connections for this long. 3541 confDELAY_LA DelayLA [0] Load average at which sendmail 3542 will sleep for one second on most 3543 SMTP commands and before accepting 3544 connections. 0 means no limit. 3545 confMAX_ALIAS_RECURSION MaxAliasRecursion 3546 [10] Maximum depth of alias recursion. 3547 confMAX_DAEMON_CHILDREN MaxDaemonChildren 3548 [undefined] The maximum number of 3549 children the daemon will permit. After 3550 this number, connections will be 3551 rejected. If not set or <= 0, there is 3552 no limit. 3553 confMAX_HEADERS_LENGTH MaxHeadersLength 3554 [32768] Maximum length of the sum 3555 of all headers. 3556 confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength 3557 [undefined] Maximum length of 3558 certain MIME header field values. 3559 confCONNECTION_RATE_THROTTLE ConnectionRateThrottle 3560 [undefined] The maximum number of 3561 connections permitted per second per 3562 daemon. After this many connections 3563 are accepted, further connections 3564 will be delayed. If not set or <= 0, 3565 there is no limit. 3566 confCONNECTION_RATE_WINDOW_SIZE ConnectionRateWindowSize 3567 [60s] Define the length of the 3568 interval for which the number of 3569 incoming connections is maintained. 3570 confWORK_RECIPIENT_FACTOR 3571 RecipientFactor [30000] Cost of each recipient. 3572 confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a 3573 separate process. 3574 confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class. 3575 confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt. 3576 confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm: 3577 Priority, Host, Filename, Random, 3578 Modification, or Time. 3579 confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job 3580 must sit in the queue between queue 3581 runs. This allows you to set the 3582 queue run interval low for better 3583 responsiveness without trying all 3584 jobs in each run. 3585 confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting 3586 unlabeled 8 bit input to MIME, the 3587 character set to use by default. 3588 confSERVICE_SWITCH_FILE ServiceSwitchFile 3589 [/etc/mail/service.switch] The file 3590 to use for the service switch on 3591 systems that do not have a 3592 system-defined switch. 3593 confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing 3594 "file" type access of hosts names. 3595 confDIAL_DELAY DialDelay [0s] If a connection fails, wait this 3596 long and try again. Zero means "don't 3597 retry". This is to allow "dial on 3598 demand" connections to have enough time 3599 to complete a connection. 3600 confNO_RCPT_ACTION NoRecipientAction 3601 [none] What to do if there are no legal 3602 recipient fields (To:, Cc: or Bcc:) 3603 in the message. Legal values can 3604 be "none" to just leave the 3605 nonconforming message as is, "add-to" 3606 to add a To: header with all the 3607 known recipients (which may expose 3608 blind recipients), "add-apparently-to" 3609 to do the same but use Apparently-To: 3610 instead of To: (strongly discouraged 3611 in accordance with IETF standards), 3612 "add-bcc" to add an empty Bcc: 3613 header, or "add-to-undisclosed" to 3614 add the header 3615 ``To: undisclosed-recipients:;''. 3616 confSAFE_FILE_ENV SafeFileEnvironment 3617 [undefined] If set, sendmail will do a 3618 chroot() into this directory before 3619 writing files. 3620 confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6] 3621 If set, colons are treated as a regular 3622 character in addresses. If not set, 3623 they are treated as the introducer to 3624 the RFC 822 "group" syntax. Colons are 3625 handled properly in route-addrs. This 3626 option defaults on for V5 and lower 3627 configuration files. 3628 confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of 3629 any given queue run to this number of 3630 entries. Essentially, this will stop 3631 reading each queue directory after this 3632 number of entries are reached; it does 3633 _not_ pick the highest priority jobs, 3634 so this should be as large as your 3635 system can tolerate. If not set, there 3636 is no limit. 3637 confMAX_QUEUE_CHILDREN MaxQueueChildren 3638 [undefined] Limits the maximum number 3639 of concurrent queue runners active. 3640 This is to keep system resources used 3641 within a reasonable limit. Relates to 3642 Queue Groups and ForkEachJob. 3643 confMAX_RUNNERS_PER_QUEUE MaxRunnersPerQueue 3644 [1] Only active when MaxQueueChildren 3645 defined. Controls the maximum number 3646 of queue runners (aka queue children) 3647 active at the same time in a work 3648 group. See also MaxQueueChildren. 3649 confDONT_EXPAND_CNAMES DontExpandCnames 3650 [False] If set, $[ ... $] lookups that 3651 do DNS based lookups do not expand 3652 CNAME records. This currently violates 3653 the published standards, but the IETF 3654 seems to be moving toward legalizing 3655 this. For example, if "FTP.Foo.ORG" 3656 is a CNAME for "Cruft.Foo.ORG", then 3657 with this option set a lookup of 3658 "FTP" will return "FTP.Foo.ORG"; if 3659 clear it returns "Cruft.FOO.ORG". N.B. 3660 you may not see any effect until your 3661 downstream neighbors stop doing CNAME 3662 lookups as well. 3663 confFROM_LINE UnixFromLine [From $g $d] The From_ line used 3664 when sending to files or programs. 3665 confSINGLE_LINE_FROM_HEADER SingleLineFromHeader 3666 [False] From: lines that have 3667 embedded newlines are unwrapped 3668 onto one line. 3669 confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that 3670 does not include a host name. 3671 confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full 3672 name phrase (@,;:\()[] are automatic). 3673 confOPERATORS OperatorChars [.:%@!^/[]+] Address operator 3674 characters. 3675 confSMTP_LOGIN_MSG SmtpGreetingMessage 3676 [$j Sendmail $v/$Z; $b] 3677 The initial (spontaneous) SMTP 3678 greeting message. The word "ESMTP" 3679 will be inserted between the first and 3680 second words to convince other 3681 sendmails to try to speak ESMTP. 3682 confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3) 3683 routine will never be invoked. You 3684 might want to do this if you are 3685 running NIS and you have a large group 3686 map, since this call does a sequential 3687 scan of the map; in a large site this 3688 can cause your ypserv to run 3689 essentially full time. If you set 3690 this, agents run on behalf of users 3691 will only have their primary 3692 (/etc/passwd) group permissions. 3693 confUNSAFE_GROUP_WRITES UnsafeGroupWrites 3694 [True] If set, group-writable 3695 :include: and .forward files are 3696 considered "unsafe", that is, programs 3697 and files cannot be directly referenced 3698 from such files. World-writable files 3699 are always considered unsafe. 3700 Notice: this option is deprecated and 3701 will be removed in future versions; 3702 Set GroupWritableForwardFileSafe 3703 and GroupWritableIncludeFileSafe in 3704 DontBlameSendmail if required. 3705 confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection 3706 address (for testing). 3707 confCONTROL_SOCKET_NAME ControlSocketName 3708 [undefined] Control socket for daemon 3709 management. 3710 confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress 3711 [postmaster] If an error occurs when 3712 sending an error message, send that 3713 "double bounce" error message to this 3714 address. If it expands to an empty 3715 string, double bounces are dropped. 3716 confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce 3717 messages which could not be returned 3718 to the user or sent to postmaster. 3719 If not set, the queue file will 3720 be renamed. 3721 confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header 3722 implies DSN request. 3723 confRUN_AS_USER RunAsUser [undefined] If set, become this user 3724 when reading and delivering mail. 3725 Causes all file reads (e.g., .forward 3726 and :include: files) to be done as 3727 this user. Also, all programs will 3728 be run as this user, and all output 3729 files will be written as this user. 3730 confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage 3731 [infinite] If set, allow no more than 3732 the specified number of recipients in 3733 an SMTP envelope. Further recipients 3734 receive a 452 error code (i.e., they 3735 are deferred for the next delivery 3736 attempt). 3737 confBAD_RCPT_THROTTLE BadRcptThrottle [infinite] If set and the specified 3738 number of recipients in a single SMTP 3739 transaction have been rejected, sleep 3740 for one second after each subsequent 3741 RCPT command in that transaction. 3742 confDONT_PROBE_INTERFACES DontProbeInterfaces 3743 [False] If set, sendmail will _not_ 3744 insert the names and addresses of any 3745 local interfaces into class {w} 3746 (list of known "equivalent" addresses). 3747 If you set this, you must also include 3748 some support for these addresses (e.g., 3749 in a mailertable entry) -- otherwise, 3750 mail to addresses in this list will 3751 bounce with a configuration error. 3752 If set to "loopback" (without 3753 quotes), sendmail will skip 3754 loopback interfaces (e.g., "lo0"). 3755 confPID_FILE PidFile [system dependent] Location of pid 3756 file. 3757 confPROCESS_TITLE_PREFIX ProcessTitlePrefix 3758 [undefined] Prefix string for the 3759 process title shown on 'ps' listings. 3760 confDONT_BLAME_SENDMAIL DontBlameSendmail 3761 [safe] Override sendmail's file 3762 safety checks. This will definitely 3763 compromise system security and should 3764 not be used unless absolutely 3765 necessary. 3766 confREJECT_MSG - [550 Access denied] The message 3767 given if the access database contains 3768 REJECT in the value portion. 3769 confRELAY_MSG - [550 Relaying denied] The message 3770 given if an unauthorized relaying 3771 attempt is rejected. 3772 confDF_BUFFER_SIZE DataFileBufferSize 3773 [4096] The maximum size of a 3774 memory-buffered data (df) file 3775 before a disk-based file is used. 3776 confXF_BUFFER_SIZE XScriptFileBufferSize 3777 [4096] The maximum size of a 3778 memory-buffered transcript (xf) 3779 file before a disk-based file is 3780 used. 3781 confTLS_SRV_OPTIONS TLSSrvOptions If this option is 'V' no client 3782 verification is performed, i.e., 3783 the server doesn't ask for a 3784 certificate. 3785 confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map 3786 specification for LDAP maps. The 3787 value should only contain LDAP 3788 specific settings such as "-h host 3789 -p port -d bindDN", etc. The 3790 settings will be used for all LDAP 3791 maps unless they are specified in 3792 the individual map specification 3793 ('K' command). 3794 confCACERT_PATH CACertPath [undefined] Path to directory 3795 with certs of CAs. 3796 confCACERT CACertFile [undefined] File containing one CA 3797 cert. 3798 confSERVER_CERT ServerCertFile [undefined] File containing the 3799 cert of the server, i.e., this cert 3800 is used when sendmail acts as 3801 server. 3802 confSERVER_KEY ServerKeyFile [undefined] File containing the 3803 private key belonging to the server 3804 cert. 3805 confCLIENT_CERT ClientCertFile [undefined] File containing the 3806 cert of the client, i.e., this cert 3807 is used when sendmail acts as 3808 client. 3809 confCLIENT_KEY ClientKeyFile [undefined] File containing the 3810 private key belonging to the client 3811 cert. 3812 confCRL CRLFile [undefined] File containing certificate 3813 revocation status, useful for X.509v3 3814 authentication. Note that CRL requires 3815 at least OpenSSL version 0.9.7. 3816 confDH_PARAMETERS DHParameters [undefined] File containing the 3817 DH parameters. 3818 confRAND_FILE RandFile [undefined] File containing random 3819 data (use prefix file:) or the 3820 name of the UNIX socket if EGD is 3821 used (use prefix egd:). STARTTLS 3822 requires this option if the compile 3823 flag HASURANDOM is not set (see 3824 sendmail/README). 3825 confNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of 3826 queue runners is set the given value 3827 (nice(3)). 3828 confDIRECT_SUBMISSION_MODIFIERS DirectSubmissionModifiers 3829 [undefined] Defines {daemon_flags} 3830 for direct submissions. 3831 confUSE_MSP UseMSP [undefined] Use as mail submission 3832 program. 3833 confDELIVER_BY_MIN DeliverByMin [0] Minimum time for Deliver By 3834 SMTP Service Extension (RFC 2852). 3835 confREQUIRES_DIR_FSYNC RequiresDirfsync [true] RequiresDirfsync can 3836 be used to turn off the compile time 3837 flag REQUIRES_DIR_FSYNC at runtime. 3838 See sendmail/README for details. 3839 confSHARED_MEMORY_KEY SharedMemoryKey [0] Key for shared memory. 3840 confFAST_SPLIT FastSplit [1] If set to a value greater than 3841 zero, the initial MX lookups on 3842 addresses is suppressed when they 3843 are sorted which may result in 3844 faster envelope splitting. If the 3845 mail is submitted directly from the 3846 command line, then the value also 3847 limits the number of processes to 3848 deliver the envelopes. 3849 confMAILBOX_DATABASE MailboxDatabase [pw] Type of lookup to find 3850 information about local mailboxes. 3851 confDEQUOTE_OPTS - [empty] Additional options for the 3852 dequote map. 3853 confINPUT_MAIL_FILTERS InputMailFilters 3854 A comma separated list of filters 3855 which determines which filters and 3856 the invocation sequence are 3857 contacted for incoming SMTP 3858 messages. If none are set, no 3859 filters will be contacted. 3860 confMILTER_LOG_LEVEL Milter.LogLevel [9] Log level for input mail filter 3861 actions, defaults to LogLevel. 3862 confMILTER_MACROS_CONNECT Milter.macros.connect 3863 [j, _, {daemon_name}, {if_name}, 3864 {if_addr}] Macros to transmit to 3865 milters when a session connection 3866 starts. 3867 confMILTER_MACROS_HELO Milter.macros.helo 3868 [{tls_version}, {cipher}, 3869 {cipher_bits}, {cert_subject}, 3870 {cert_issuer}] Macros to transmit to 3871 milters after HELO/EHLO command. 3872 confMILTER_MACROS_ENVFROM Milter.macros.envfrom 3873 [i, {auth_type}, {auth_authen}, 3874 {auth_ssf}, {auth_author}, 3875 {mail_mailer}, {mail_host}, 3876 {mail_addr}] Macros to transmit to 3877 milters after MAIL FROM command. 3878 confMILTER_MACROS_ENVRCPT Milter.macros.envrcpt 3879 [{rcpt_mailer}, {rcpt_host}, 3880 {rcpt_addr}] Macros to transmit to 3881 milters after RCPT TO command. 3882 confMILTER_MACROS_EOM Milter.macros.eom 3883 [{msg_id}] Macros to transmit to 3884 milters after DATA command. 3885 3886 3887 See also the description of OSTYPE for some parameters that can be 3888 tweaked (generally pathnames to mailers). 3889 3890 ClientPortOptions and DaemonPortOptions are special cases since multiple 3891 clients/daemons can be defined. This can be done via 3892 3893 CLIENT_OPTIONS(`field1=value1,field2=value2,...') 3894 DAEMON_OPTIONS(`field1=value1,field2=value2,...') 3895 3896 Note that multiple CLIENT_OPTIONS() commands (and therefore multiple 3897 ClientPortOptions settings) are allowed in order to give settings for each 3898 protocol family (e.g., one for Family=inet and one for Family=inet6). A 3899 restriction placed on one family only affects outgoing connections on that 3900 particular family. 3901 3902 If DAEMON_OPTIONS is not used, then the default is 3903 3904 DAEMON_OPTIONS(`Port=smtp, Name=MTA') 3905 DAEMON_OPTIONS(`Port=587, Name=MSA, M=E') 3906 3907 If you use one DAEMON_OPTIONS macro, it will alter the parameters 3908 of the first of these. The second will still be defaulted; it 3909 represents a "Message Submission Agent" (MSA) as defined by RFC 3910 2476 (see below). To turn off the default definition for the MSA, 3911 use FEATURE(`no_default_msa') (see also FEATURES). If you use 3912 additional DAEMON_OPTIONS macros, they will add additional daemons. 3913 3914 Example 1: To change the port for the SMTP listener, while 3915 still using the MSA default, use 3916 DAEMON_OPTIONS(`Port=925, Name=MTA') 3917 3918 Example 2: To change the port for the MSA daemon, while still 3919 using the default SMTP port, use 3920 FEATURE(`no_default_msa') 3921 DAEMON_OPTIONS(`Name=MTA') 3922 DAEMON_OPTIONS(`Port=987, Name=MSA, M=E') 3923 3924 Note that if the first of those DAEMON_OPTIONS lines were omitted, then 3925 there would be no listener on the standard SMTP port. 3926 3927 Example 3: To listen on both IPv4 and IPv6 interfaces, use 3928 3929 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet') 3930 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6') 3931 3932 A "Message Submission Agent" still uses all of the same rulesets for 3933 processing the message (and therefore still allows message rejection via 3934 the check_* rulesets). In accordance with the RFC, the MSA will ensure 3935 that all domains in envelope addresses are fully qualified if the message 3936 is relayed to another MTA. It will also enforce the normal address syntax 3937 rules and log error messages. Additionally, by using the M=a modifier you 3938 can require authentication before messages are accepted by the MSA. 3939 Notice: Do NOT use the 'a' modifier on a public accessible MTA! Finally, 3940 the M=E modifier shown above disables ETRN as required by RFC 2476. 3941 3942 Mail filters can be defined using the INPUT_MAIL_FILTER() and MAIL_FILTER() 3943 commands: 3944 3945 INPUT_MAIL_FILTER(`sample', `S=local:/var/run/f1.sock') 3946 MAIL_FILTER(`myfilter', `S=inet:3333@localhost') 3947 3948 The INPUT_MAIL_FILTER() command causes the filter(s) to be called in the 3949 same order they were specified by also setting confINPUT_MAIL_FILTERS. A 3950 filter can be defined without adding it to the input filter list by using 3951 MAIL_FILTER() instead of INPUT_MAIL_FILTER() in your .mc file. 3952 Alternatively, you can reset the list of filters and their order by setting 3953 confINPUT_MAIL_FILTERS option after all INPUT_MAIL_FILTER() commands in 3954 your .mc file. 3955 3956 3957 +----------------------------+ 3958 | MESSAGE SUBMISSION PROGRAM | 3959 +----------------------------+ 3960 3961 This section contains a list of caveats and 3962 a few hints how for those who want to tweak the default configuration 3963 for it (which is installed as submit.cf). 3964 3965 Notice: do not add options/features to submit.mc unless you are 3966 absolutely sure you need them. Options you may want to change 3967 include: 3968 3969 - confTRUSTED_USERS, FEATURE(`use_ct_file'), and confCT_FILE for 3970 avoiding X-Authentication warnings. 3971 - confTIME_ZONE to change it from the default `USE_TZ'. 3972 - confDELIVERY_MODE is set to interactive in msp.m4 instead 3973 of the default background mode. 3974 - FEATURE(stickyhost) and LOCAL_RELAY to send unqualified addresses 3975 to the LOCAL_RELAY instead of the default relay. 3976 3977 The MSP performs hostname canonicalization by default. Mail may end 3978 up for various DNS related reasons in the MSP queue. This problem 3979 can be minimized by using 3980 3981 FEATURE(`nocanonify', `canonify_hosts') 3982 define(`confDIRECT_SUBMISSION_MODIFIERS', `C') 3983 3984 See the discussion about nocanonify for possible side effects. 3985 3986 Some things are not intended to work with the MSP. These include 3987 features that influence the delivery process (e.g., mailertable, 3988 aliases), or those that are only important for a SMTP server (e.g., 3989 virtusertable, DaemonPortOptions, multiple queues). Moreover, 3990 relaxing certain restrictions (RestrictQueueRun, permissions on 3991 queue directory) or adding features (e.g., enabling prog/file mailer) 3992 can cause security problems. 3993 3994 Other things don't work well with the MSP and require tweaking or 3995 workarounds. 3996 3997 The file and the map created by makemap should be owned by smmsp, 3998 its group should be smmsp, and it should have mode 640. 3999 4000 feature/msp.m4 defines almost all settings for the MSP. Most of 4001 those should not be changed at all. Some of the features and options 4002 can be overridden if really necessary. It is a bit tricky to do 4003 this, because it depends on the actual way the option is defined 4004 in feature/msp.m4. If it is directly defined (i.e., define()) then 4005 the modified value must be defined after 4006 4007 FEATURE(`msp') 4008 4009 If it is conditionally defined (i.e., ifdef()) then the desired 4010 value must be defined before the FEATURE line in the .mc file. 4011 To see how the options are defined read feature/msp.m4. 4012 4013 4014 +--------------------------+ 4015 | FORMAT OF FILES AND MAPS | 4016 +--------------------------+ 4017 4018 Files that define classes, i.e., F{classname}, consist of lines 4019 each of which contains a single element of the class. For example, 4020 /etc/mail/local-host-names may have the following content: 4021 4022 my.domain 4023 another.domain 4024 4025 Maps must be created using makemap(8) , e.g., 4026 4027 makemap hash MAP < MAP 4028 4029 In general, a text file from which a map is created contains lines 4030 of the form 4031 4032 key value 4033 4034 where 'key' and 'value' are also called LHS and RHS, respectively. 4035 By default, the delimiter between LHS and RHS is a non-empty sequence 4036 of white space characters. 4037 4038 4039 +------------------+ 4040 | DIRECTORY LAYOUT | 4041 +------------------+ 4042 4043 Within this directory are several subdirectories, to wit: 4044 4045 m4 General support routines. These are typically 4046 very important and should not be changed without 4047 very careful consideration. 4048 4049 cf The configuration files themselves. They have 4050 ".mc" suffixes, and must be run through m4 to 4051 become complete. The resulting output should 4052 have a ".cf" suffix. 4053 4054 ostype Definitions describing a particular operating 4055 system type. These should always be referenced 4056 using the OSTYPE macro in the .mc file. Examples 4057 include "bsd4.3", "bsd4.4", "sunos3.5", and 4058 "sunos4.1". 4059 4060 domain Definitions describing a particular domain, referenced 4061 using the DOMAIN macro in the .mc file. These are 4062 site dependent; for example, "CS.Berkeley.EDU.m4" 4063 describes hosts in the CS.Berkeley.EDU subdomain. 4064 4065 mailer Descriptions of mailers. These are referenced using 4066 the MAILER macro in the .mc file. 4067 4068 sh Shell files used when building the .cf file from the 4069 .mc file in the cf subdirectory. 4070 4071 feature These hold special orthogonal features that you might 4072 want to include. They should be referenced using 4073 the FEATURE macro. 4074 4075 hack Local hacks. These can be referenced using the HACK 4076 macro. They shouldn't be of more than voyeuristic 4077 interest outside the .Berkeley.EDU domain, but who knows? 4078 4079 siteconfig Site configuration -- e.g., tables of locally connected 4080 UUCP sites. 4081 4082 4083 +------------------------+ 4084 | ADMINISTRATIVE DETAILS | 4085 +------------------------+ 4086 4087 The following sections detail usage of certain internal parts of the 4088 sendmail.cf file. Read them carefully if you are trying to modify 4089 the current model. If you find the above descriptions adequate, these 4090 should be {boring, confusing, tedious, ridiculous} (pick one or more). 4091 4092 RULESETS (* means built in to sendmail) 4093 4094 0 * Parsing 4095 1 * Sender rewriting 4096 2 * Recipient rewriting 4097 3 * Canonicalization 4098 4 * Post cleanup 4099 5 * Local address rewrite (after aliasing) 4100 1x mailer rules (sender qualification) 4101 2x mailer rules (recipient qualification) 4102 3x mailer rules (sender header qualification) 4103 4x mailer rules (recipient header qualification) 4104 5x mailer subroutines (general) 4105 6x mailer subroutines (general) 4106 7x mailer subroutines (general) 4107 8x reserved 4108 90 Mailertable host stripping 4109 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail) 4110 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail) 4111 98 Local part of ruleset 0 (ruleset 8 in old sendmail) 4112 4113 4114 MAILERS 4115 4116 0 local, prog local and program mailers 4117 1 [e]smtp, relay SMTP channel 4118 2 uucp-* UNIX-to-UNIX Copy Program 4119 3 netnews Network News delivery 4120 4 fax Sam Leffler's HylaFAX software 4121 5 mail11 DECnet mailer 4122 4123 4124 MACROS 4125 4126 A 4127 B Bitnet Relay 4128 C DECnet Relay 4129 D The local domain -- usually not needed 4130 E reserved for X.400 Relay 4131 F FAX Relay 4132 G 4133 H mail Hub (for mail clusters) 4134 I 4135 J 4136 K 4137 L Luser Relay 4138 M Masquerade (who you claim to be) 4139 N 4140 O 4141 P 4142 Q 4143 R Relay (for unqualified names) 4144 S Smart Host 4145 T 4146 U my UUCP name (if you have a UUCP connection) 4147 V UUCP Relay (class {V} hosts) 4148 W UUCP Relay (class {W} hosts) 4149 X UUCP Relay (class {X} hosts) 4150 Y UUCP Relay (all other hosts) 4151 Z Version number 4152 4153 4154 CLASSES 4155 4156 A 4157 B domains that are candidates for bestmx lookup 4158 C 4159 D 4160 E addresses that should not seem to come from $M 4161 F hosts this system forward for 4162 G domains that should be looked up in genericstable 4163 H 4164 I 4165 J 4166 K 4167 L addresses that should not be forwarded to $R 4168 M domains that should be mapped to $M 4169 N host/domains that should not be mapped to $M 4170 O operators that indicate network operations (cannot be in local names) 4171 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc. 4172 Q 4173 R domains this system is willing to relay (pass anti-spam filters) 4174 S 4175 T 4176 U locally connected UUCP hosts 4177 V UUCP hosts connected to relay $V 4178 W UUCP hosts connected to relay $W 4179 X UUCP hosts connected to relay $X 4180 Y locally connected smart UUCP hosts 4181 Z locally connected domain-ized UUCP hosts 4182 . the class containing only a dot 4183 [ the class containing only a left bracket 4184 4185 4186 M4 DIVERSIONS 4187 4188 1 Local host detection and resolution 4189 2 Local Ruleset 3 additions 4190 3 Local Ruleset 0 additions 4191 4 UUCP Ruleset 0 additions 4192 5 locally interpreted names (overrides $R) 4193 6 local configuration (at top of file) 4194 7 mailer definitions 4195 8 DNS based blacklists 4196 9 special local rulesets (1 and 2) 4197 4198 $Revision: 8.706 $, Last updated $Date: 2006/04/18 22:31:06 $ 4199 ident "%Z%%M% %I% %E% SMI" 4200