Sendmail, wolne wysyłanie e-maili
: 10 listopada 2011, 09:59
Witam.
Sendmail wysyła mi jeden e-mail średnio co 5 minut. Nie byłoby to problemem, gdyby nie fakt, że buduję autoresponder i czasami mam potrzebę wysłania nawet kilku tysięcy wiadomości. Pachnie mi tu jakimiś timerami, tylko gdzie mam ich szukać w sendmailu. Siedzę nad tym już drugi dzień i nie mogę nic znaleźć.
Proszę o pomoc.
/etc/mail/sendmail.conf
http://91.228.198.55/sm/sendmail.conf
/etc/mail/sendmail.cf
http://91.228.198.55/sm/sendmail.cf
/etc/cron.d/sendmail
http://91.228.198.55/sm/sendmail
Sendmail wysyła mi jeden e-mail średnio co 5 minut. Nie byłoby to problemem, gdyby nie fakt, że buduję autoresponder i czasami mam potrzebę wysłania nawet kilku tysięcy wiadomości. Pachnie mi tu jakimiś timerami, tylko gdzie mam ich szukać w sendmailu. Siedzę nad tym już drugi dzień i nie mogę nic znaleźć.
Proszę o pomoc.
/etc/mail/sendmail.conf
http://91.228.198.55/sm/sendmail.conf
Kod: Zaznacz cały
#------------------------------------------------------------------------------
#
# /etc/mail/sendmail.conf
#
# Copyright (c) 2001-2009 Richard Nelson. All Rights Reserved.
# Version: 8.14.3
# Time-stamp: <2010-09-21 11:05:34 cowboy>
#
# Parameter file for sendmail (sourced by /usr/share/sendmail/sendmail)
# Make all changes herein, instead of altering /etc/init.d/sendmail.
#
# After making changes here, you'll need to run /usr/sbin/sendmailconfig
# or /usr/share/sendmail/update_conf to have the changes take effect -
# If you change DAEMON_MODE, QUEUE_MODE, or QUEUE_INTERVAL, you'll also
# need to run /etc/init.d/sendmail restart.
#
# Changes made herein will be kept across upgrades - except for comments!
# Some comment lines have special significance ...
#
# **** **** **** **** DO NOT EDIT THE COMMENTS **** **** **** ****
#
# Supported parameters (and defaults) are listed herein.
#
# Notes:
# * This setup allows sendmail to run in several modes:
# - listener and queue runner..DAEMON_MODE="daemon".QUEUE_MODE="daemon"
# - listener only..............DAEMON_MODE="daemon".QUEUE_MODE="none"
# - queue runner only..........DAEMON_MODE="none"...QUEUE_MODE="daemon"
# - *NOTHING* ?!?..............DAEMON_MODE="none"...QUEUE_MODE="none"
#
# * You can also run the listener from inetd:
# - listener and queue runner..DAEMON_MODE="inetd"..QUEUE_MODE="daemon"
# - listener only..............DAEMON_MODE="inetd"..QUEUE_MODE="none"
#
# * You can also run the queue runner from cron:
# - listener and queue runner..DAEMON_MODE="....."..QUEUE_MODE="cron"
# - queue runner only..........DAEMON_MODE="none"...QUEUE_MODE="cron"
#
# * _PARMS entries herein are shown in precedence order, any later _PARMS
# field will, if applicable, override any previous _PARMS fields.
#
# * Values *MUST* be surrounded with double quotes ("), single quotes
# will *NOT* work !
#
#------------------------------------------------------------------------------
# SMTP Listener Configuration
#
# DAEMON_NETMODE="Static"; Keyword SMTP network mode
# static: Do not monitor any network interfaces for changes
# dynamic: Monitor one or more interfaces for changes
#
DAEMON_NETMODE="Static";
#
# DAEMON_NETIF="eth0"; string SMTP interface(s)
# This parameter defines the network interface(s) that the daemon
# will monitor for status changes (via ppp, dhcp, ifup/down hooks).
#
# NOTES:
# 1) Only list more than one interfaces if they only used for fallback,
# otherwise the daemon will wind up ping-ponging between interfaces.
# 2) Do not use 'lo' unless your daemon only listens on the localhost.
#
DAEMON_NETIF="vnet0:0";
#
# DAEMON_MODE="Daemon"; Keyword SMTP listener
# daemon: Run as standalone daemon
# inetd: Run from inet supervisor (forks for each mail)
# none: No listener (ie, nullclient/smarthost)
#
# NOTE: If you choose "none", mail will build up in the MSP queues
# and you will not receive any mail from external sites.
#
DAEMON_MODE="Daemon";
#
# DAEMON_PARMS=""; String Listener parms
# Any parameters here will be ignored when run from cron.
# Note that {QUEUE,MISC,CRON}_PARMS, if applicable, will override
# anything declared herein.
#
DAEMON_PARMS="";
#
# DAEMON_HOSTSTATS="No"; Boolean Listener stats
# This parameter determines whether or not host stats are collected
# and available for the `hoststat` command to display. There will
# be a (minor) performance hit, as files will be created/updated for each
# sendmail delivery attempt. The files are fixed in size, and small,
# but there can be many of them.
#
DAEMON_HOSTSTATS="No";
#
# DAEMON_MAILSTATS="No"; Boolean Listener stats
# This parameter determines whether or not mailer stats are collected
# and available for the `mailstats` command to display. There will
# be a (minor) performance hit, as this file will be updated for each
# item coming into, or out of, sendmail. The file is fixed in size,
# and small, so there's no need to rotate it.
#
DAEMON_MAILSTATS="No";
#
#------------------------------------------------------------------------------
# SMTP MTA Queue Runner Configuration
#
# QUEUE_MODE="${DAEMON_MODE}"; Keyword SMTP queue runner
# daemon: Run as standalone daemon
# cron: Run from crontab
# none: No queue runner (ie, nullclient/smarthost)
#
QUEUE_MODE="${DAEMON_MODE}";
#
# QUEUE_INTERVAL="10m"; Timespec (p?digits+w|d|h|m|s)
# Interval at which to run the MTA queues. What interval should you use?
# The amount of time that is acceptable before retrying delivery on
# mail that couldn't be delivered in one run, or how long an item can
# set in the queue before having the first delivery attempt done.
#
# NOTE: To use persistent queue-runners use this form: p120m
#
# NOTE: If you leave this field blank, You get *NO* queue runners !!!
#
QUEUE_INTERVAL="10m";
#
# QUEUE_PARMS=""; String queue parameters
# Any parameters here are also used when run from cron.
# Note that MISC_PARMS and CRON_PARMS, if applicable, will override
# anything declared herein.
#
QUEUE_PARMS="";
#
#------------------------------------------------------------------------------
# SMTP - MSP Queue Runner Configuration
#
# MSP_MODE="Cron"; Keyword MSP queue runner mode
# daemon: Run as standalone daemon
# cron: Run from crontab
# none: No queue runner (ie, nullclient/smarthost)
#
# NOTE: If QUEUE_MODE="cron" & MSP_MODE="none", the MSP queue will
# be run as part of the MTA queue running process.
#
MSP_MODE="Cron";
#
# MSP_INTERVAL="20m"; Timespec (digits+w|d|h|m|s)
# Interval at which to run the MSP queues. What interval should you use?
# The amount of time that is acceptable before retrying delivery on
# mail that couldn't be accepted by the MTA, and was therefore left
# in the message submission queue. The MTA shouldn't be down that often
# so this can be larger than QUEUE_INTERVAL.
#
# NOTE: If you leave this field blank, The MSP queue will *NOT* be run !!!
#
MSP_INTERVAL="20m";
#
# MSP_PARMS=""; String queue parameters
# Any parameters here are also used when run from cron.
# Note that MISC_PARMS and CRON_PARMS, if applicable, will override
# anything declared herein.
#
MSP_PARMS="";
#
# MSP_MAILSTATS="${DAEMON_MAILSTATS}"; Boolean Listener stats
# This parameter determines whether or not mailer stats are collected
# and available for the `mailstats` command to display. There will
# be a (minor) performance hit, as this file will be updated for each
# item coming into, or out of, sendmail. The file is fixed in size,
# and small, so there's no need to rotate it.
#
MSP_MAILSTATS="${DAEMON_MAILSTATS}";
#
#------------------------------------------------------------------------------
# Miscellaneous Confguration
#
# MISC_PARMS=""; String miscellaneous parameters
# Miscellaneous parameters - applied to any sendmail invocation.
# Any parameters here are also used when run from cron.
# Applied after {DAEMON,QUEUE}_PARMS, and can therefore override them
# if need be (in which case why did use them?)
# Note that CRON_PARMS, if applicable, will override anything
# declared herein.
#
# Here is where'd you setup and debugging or special parms that you
# want shared betwixt the possibly separate listener/queue-runner
# processes.
#
MISC_PARMS="";
#
#------------------------------------------------------------------------------
# Cron Job Configuration
#
# CRON_MAILTO="root"; String cronjob output
# Recipient of *rare* cronjob output. Some cronjobs will be running
# under user `mail`, so any problems encountered would probably be missed
# so define a user who actually (hopefully) checks email now and again.
#
CRON_MAILTO="root";
#
# CRON_PARMS=""; String cron specific parmeters
# Cron parameters - applied *only* when sendmail queue running is done
# via a cronjob. Applied after QUEUE_PARMS and MISC_PARMS, and can
# therefore override them if need be.
#
CRON_PARMS="";
#
#------------------------------------------------------------------------------
# Other stuff
# LOG_CMDS="No"; Binary command logging flag
# Will cause syslog entries for many of the sendmail related commands
# like runq, mailq, etc - you'll also see cron jobs (if enabled).
#
LOG_CMDS="No";
#
# HANDS_OFF="No"; Binary Do *NOT* touch the configuration
# Set this *ONLY* if you are going to be fully responsible for the entire
# setup of sendmail - the directories, permissions, databases, etc. With
# this variable set to "Yes", nothing will be done for you during updates.
#
# In other words, "The blood be upon your hands" if you set this...
# My ability to help with problems will be greatly reduced !
#
# "Well, a pet peeve of mine is people who directly edit the
# .cf file instead of using the m4 configuration files.
# Don't do it! [laughs] I treat the .cf file as a binary
# file - you should too."
# -- Eric Allman 1999/10/18
# http://www.dotcomeon.com/allman_sendmail_qa.html
#
HANDS_OFF="No";
#
#------------------------------------------------------------------------------
# Queue Aging Configuration
#
# Why would you want to age your queues? On every queue-run interval,
# sendmail will try *every* file in the queue... If a site is down
# for a while, considerable time can be wasted each interval in retrying
# it. The scheme supported allows aging by time, and can move the older
# files to another (less frequently run queue), thereby reducing overal
# system impact - and providing better mail throughput.
#
# Note that this support is completely separate from QUEUE_MODE=cron,
# you can age queues even if you're running QUEUE_MODE=daemon.
#
# There are four parts to the queue aging support, and these parts
# may be repeated, to operate on multiple queues.
#
# 1. Interval at which to age the queues (in minutes).
# What interval should you use? Roughly twice the normal queue
# interval, so that messages are tried twice in each successively
# slower queue.
#
# NOTE: some values just wont work, due to crontab pecularities
# a value of 90 minutes will actually be run at every x:30 !
# Please check /etc/cron.d/sendmail to make sure it is doing what
# you thought it should !
#
# 2. Criteria (optional and defaults to interval). This is the
# specification of which files to move. It defaults moving
# files whose age in the queues exceeds the interval.
# This field, if specified can be very complex - supporting
# aging by just about anything! see qtool(8) for details.
#
# 3. To queue. This is the queue to which files will be moved.
# It may be fully qualified, or relative to /var/spool/mqueue.
#
# 4. From queue. This is the queue from which files will be moved.
# It may be fully qualified, or relative to /var/spool/mqueue.
#
# Samples:
# AGE_DATA="[['25m', '', 'hourly', 'main']]";
# Every 25 minutes, move any file older than 25 minutes from
# /var/spool/mqueue/main to /var/spool/mqueue/hourly
#
# AGE_DATA="[['25m', '', 'hourly', 'main'],\
# ['120m', '', 'daily', 'hourly']]";
# Same as the above, but also move files from the hourly queue
# to the daily queue after 120 minutes in the hourly queue.
#
# AGE_DATA="[['25m',\
# '-e \'$msg{message}[0] == /Deferred: 452 4.2.2 Over quota/\'',\
# 'overquota', 'main']]";
# Every 25 minutes, move all files deferred because of quota
# violations from /var/spool/mqueue/main to
# /var/spool/mqueue/overquota where they can be processed on
# a different interval, or by some other means.
#
# If the above samples suggest Perl arrays, well, they are...
#
# AGE_DATA=""; Perl array Queue aging data
#
AGE_DATA="";
#
#------------------------------------------------------------------------------
# Dependant variables (set according to other variables)
#
#
#------------------------------------------------------------------------------
# Hidden variables (the blood be upon your hands)
#
DAEMON_RUNASUSER="No";
#
#------------------------------------------------------------------------------
# Deprecated variables (kept for reference)
#
DAEMON_STATS="${DAEMON_MAILSTATS}";
MSP_STATS="${MSP_MAILSTATS}";
#
#------------------------------------------------------------------------------
# Unknown variables (kept for reference)
#
#------------------------------------------------------------------------------
#
/etc/mail/sendmail.cf
http://91.228.198.55/sm/sendmail.cf
Kod: Zaznacz cały
#
# Copyright (c) 1998-2005 Richard Nelson. All Rights Reserved.
#
# This file is used to configure Sendmail for use with Debian systems.
#
#
# Copyright (c) 1998-2004 Sendmail, Inc. and its suppliers.
# All rights reserved.
# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#
######################################################################
######################################################################
#####
##### SENDMAIL CONFIGURATION FILE
#####
##### built by root@vz5603 on Wed Nov 9 21:27:03 MSK 2011
##### in /
##### using /usr/share/sendmail/cf/ as configuration include directory
#####
######################################################################
#####
##### DO NOT EDIT THIS FILE! Only edit the source .mc file.
#####
######################################################################
######################################################################
##### $Id: cfhead.m4,v 8.116 2004/01/28 22:02:22 ca Exp $ #####
##### $Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $ #####
##### $Id: sendmail.mc, v 8.14.3-9.4 2010-09-21 11:05:34 cowboy Exp $ #####
##### $Id: autoconf.m4, v 8.14.3-9.4 2010-09-21 11:05:34 cowboy Exp $ #####
##### $Id: debian.m4, v 8.14.3-9.4 2010-09-21 11:05:34 cowboy Exp $ #####
#
#-------------------------------------------------------------------------
#
# Undocumented features are available in Debian Sendmail 8.14.3-9.4.
# * none
#
# _FFR_ features are available in Debian Sendmail 8.14.3-9.4.
# * milter
# * -D_FFR_QUEUE_SCHED_DBG -D_FFR_SKIP_DOMAINS -D_FFR_GROUPREADABLEAUTHINFOFILE -D_FFR_DAEMON_NETUNIX -D_FFR_NO_PIPE -D_FFR_SHM_STATUS -D_FFR_RHS -D_FFR_MAIL_MACRO -D_FFR_QUEUEDELAY=1 -D_FFR_BADRCPT_SHUTDOWN -D_FFR_RESET_MACRO_GLOBALS -D_FFR_TLS_1 -D_FFR_DEAL_WITH_ERROR_SSL
#-------------------------------------------------------------------------
#
# These _FFR_ features are for sendmail.mc processing
#
#-------------------------------------------------------------------------
##### $Id: debian-mta.m4, v 8.14.3-9.4 2010-09-21 11:05:34 cowboy Exp $ #####
##### $Id: no_default_msa.m4,v 8.2 2001/02/14 05:03:22 gshapiro Exp $ #####
##### $Id: use_cw_file.m4,v 8.11 2001/08/26 20:58:57 gshapiro Exp $ #####
##### $Id: access_db.m4,v 8.27 2006/07/06 21:10:10 ca Exp $ #####
##### $Id: greet_pause.m4,v 1.4 2004/07/06 20:49:51 ca Exp $ #####
##### $Id: delay_checks.m4,v 8.8 2000/12/05 18:50:45 ca Exp $ #####
##### $Id: conncontrol.m4,v 1.4 2004/02/19 21:31:47 ca Exp $ #####
##### $Id: ratecontrol.m4,v 1.5 2004/02/19 21:31:47 ca Exp $ #####
##### $Id: proto.m4,v 8.734 2008/01/24 23:42:01 ca Exp $ #####
# level 10 config file format
V10/Berkeley
# override file safeties - setting this option compromises system security,
# addressing the actual file configuration problem is preferred
# need to set this before any file actions are encountered in the cf file
O DontBlameSendmail= ,AssumeSafeChown,ForwardFileInGroupWritableDirPath,GroupWritableForwardFileSafe,GroupWritableIncludeFileSafe,IncludeFileInGroupWritableDirPath,DontWarnForwardFileInUnsafeDirPath,TrustStickyBit,NonRootSafeAddr,GroupWritableIncludeFile,GroupReadableaDefaultAuthInfoFile
# default LDAP map specification
# need to set this now before any LDAP maps are defined
#O LDAPDefaultSpec=-h localhost
##################
# local info #
##################
# my LDAP cluster
# need to set this before any LDAP lookups are done (including classes)
#D{sendmailMTACluster}$m
Cwlocalhost
# file containing names of hosts for which we receive email
Fw/etc/mail/local-host-names %[^\#]
# my official domain name
# ... define this only if sendmail cannot automatically determine your domain
#Dj$w.Foo.COM
# host/domain names ending with a token in class P are canonical
CP.
# "Smart" relay host (may be null)
DS
# operators that cannot be in local usernames (i.e., network indicators)
CO @ % !
# a class with just dot (for identifying canonical names)
C..
# a class with just a left bracket (for identifying domain literals)
C[[
# access_db acceptance class
C{Accept}OK RELAY
# Resolve map (to check if a host exists in check_mail)
Kresolve host -a<OKR> -T<TEMP>
C{ResOk}OKR
# Hosts for which relaying is permitted ($=R)
FR-o /etc/mail/relay-domains %[^\#]
# arithmetic map
Karith arith
# macro storage map
Kmacro macro
# possible values for TLS_connection in access map
C{Tls}VERIFY ENCR
# dequoting map
Kdequote dequote
# class E: names that should be exposed as from this host, even if we masquerade
# class L: names that should be delivered locally, even if we have a relay
# class M: domains that should be converted to $M
# class N: domains that should not be converted to $M
#CL root
# my name for error messages
DnMAILER-DAEMON
# Access list database (for spam stomping)
Kaccess hash -T<TMPF> /etc/mail/access
# Configuration version number
DZ8.14.3/Debian-9.4
###############
# Options #
###############
# strip message body to 7 bits on input?
O SevenBitInput=False
# 8-bit data handling
#O EightBitMode=pass8
# wait for alias file rebuild (default units: minutes)
O AliasWait=10
# location of alias file
O AliasFile=/etc/mail/aliases
# minimum number of free blocks on filesystem
O MinFreeBlocks=100
# maximum message size
#O MaxMessageSize=0
# substitution for space (blank) characters
O BlankSub=.
# avoid connecting to "expensive" mailers on initial submission?
O HoldExpensive=False
# checkpoint queue runs after every N successful deliveries
#O CheckpointInterval=10
# default delivery mode
O DeliveryMode=background
# error message header/file
#O ErrorHeader=/etc/mail/error-header
# error mode
#O ErrorMode=print
# save Unix-style "From_" lines at top of header?
#O SaveFromLine=False
# queue file mode (qf files)
O QueueFileMode=0640
# temporary file mode
O TempFileMode=0640
# match recipients against GECOS field?
#O MatchGECOS=False
# maximum hop count
O MaxHopCount=100
# location of help file
O HelpFile=/etc/mail/helpfile
# ignore dots as terminators in incoming messages?
#O IgnoreDots=False
# name resolver options
O ResolverOptions=+WorkAroundBrokenAAAA
# deliver MIME-encapsulated error messages?
O SendMimeErrors=True
# Forward file search path
O ForwardPath=$z/.forward.$w:$z/.forward
# open connection cache size
O ConnectionCacheSize=2
# open connection cache timeout
O ConnectionCacheTimeout=5m
# persistent host status directory
#O HostStatusDirectory=.hoststat
# single thread deliveries (requires HostStatusDirectory)?
#O SingleThreadDelivery=False
# use Errors-To: header?
O UseErrorsTo=False
# log level
O LogLevel=9
# send to me too, even in an alias expansion?
O MeToo=True
# verify RHS in newaliases?
O CheckAliases=False
# default messages to old style headers if no special punctuation?
O OldStyleHeaders=True
# SMTP daemon options
O DaemonPortOptions=Family=inet, Name=MTA-v4, Port=smtp, Addr=127.0.0.1
O DaemonPortOptions=Family=inet, Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1
# SMTP client options
#O ClientPortOptions=Family=inet, Address=0.0.0.0
# Modifiers to define {daemon_flags} for direct submissions
#O DirectSubmissionModifiers
# Use as mail submission program? See sendmail/SECURITY
#O UseMSP
# privacy flags
O PrivacyOptions=needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings
# who (if anyone) should get extra copies of error messages
#O PostmasterCopy=Postmaster
# slope of queue-only function
#O QueueFactor=600000
# limit on number of concurrent queue runners
#O MaxQueueChildren
# maximum number of queue-runners per queue-grouping with multiple queues
O MaxRunnersPerQueue=5
# priority of queue runners (nice(3))
#O NiceQueueRun
# shall we sort the queue by hostname first?
#O QueueSortOrder=priority
# minimum time in queue before retry
#O MinQueueAge=30m
# how many jobs can you process in the queue?
#O MaxQueueRunSize=0
# perform initial split of envelope without checking MX records
#O FastSplit=1
# queue directory
O QueueDirectory=/var/spool/mqueue
# key for shared memory; 0 to turn off, -1 to auto-select
#O SharedMemoryKey=0
# file to store auto-selected key for shared memory (SharedMemoryKey = -1)
#O SharedMemoryKeyFile
# timeouts (many of these)
#O Timeout.initial=5m
#O Timeout.connect=5m
#O Timeout.aconnect=0s
O Timeout.iconnect=2m
#O Timeout.helo=5m
#O Timeout.mail=2m
#O Timeout.rcpt=1h
O Timeout.datainit=2m
#O Timeout.datablock=1h
#O Timeout.datafinal=1h
O Timeout.rset=1m
O Timeout.quit=2m
#O Timeout.misc=2m
O Timeout.command=5m
O Timeout.ident=5s
#O Timeout.fileopen=60s
#O Timeout.control=2m
O Timeout.queuereturn=5d
#O Timeout.queuereturn.normal=5d
#O Timeout.queuereturn.urgent=2d
#O Timeout.queuereturn.non-urgent=7d
#O Timeout.queuereturn.dsn=5d
O Timeout.queuewarn=4h
#O Timeout.queuewarn.normal=4h
#O Timeout.queuewarn.urgent=1h
#O Timeout.queuewarn.non-urgent=12h
#O Timeout.queuewarn.dsn=4h
#O Timeout.hoststatus=30m
#O Timeout.resolver.retrans=5s
#O Timeout.resolver.retrans.first=5s
#O Timeout.resolver.retrans.normal=5s
#O Timeout.resolver.retry=4
#O Timeout.resolver.retry.first=4
#O Timeout.resolver.retry.normal=4
#O Timeout.lhlo=2m
#O Timeout.auth=10m
#O Timeout.starttls=1h
# time for DeliverBy; extension disabled if less than 0
#O DeliverByMin=0
# should we not prune routes in route-addr syntax addresses?
#O DontPruneRoutes=False
# queue up everything before forking?
O SuperSafe=True
# status file
O StatusFile=/var/lib/sendmail/sendmail.st
# time zone handling:
# if undefined, use system default
# if defined but null, use TZ envariable passed in
# if defined and non-null, use that info
#O TimeZoneSpec=
# default UID (can be username or userid:groupid)
O DefaultUser=mail:mail
# list of locations of user database file (null means no lookup)
#O UserDatabaseSpec=/etc/mail/userdb
# fallback MX host
#O FallbackMXhost=fall.back.host.net
# fallback smart host
#O FallbackSmartHost=fall.back.host.net
# if we are the best MX host for a site, try it directly instead of config err
#O TryNullMXList=False
# load average at which we just queue messages
#O QueueLA=8
# load average at which we refuse connections
#O RefuseLA=12
# log interval when refusing connections for this long
#O RejectLogInterval=3h
# load average at which we delay connections; 0 means no limit
#O DelayLA=0
# maximum number of children we allow at one time
O MaxDaemonChildren=0
# maximum number of new connections per second
O ConnectionRateThrottle=15
# Width of the window
O ConnectionRateWindowSize=10m
# work recipient factor
#O RecipientFactor=30000
# deliver each queued job in a separate process?
#O ForkEachJob=False
# work class factor
#O ClassFactor=1800
# work time factor
#O RetryFactor=90000
# default character set
#O DefaultCharSet=unknown-8bit
# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others)
#O ServiceSwitchFile=/etc/mail/service.switch
# hosts file (normally /etc/hosts)
#O HostsFile=/etc/hosts
# dialup line delay on connection failure
#O DialDelay=0s
# action to take if there are no recipients in the message
#O NoRecipientAction=none
# chrooted environment for writing to files
O SafeFileEnvironment=/
# are colons OK in addresses?
#O ColonOkInAddr=True
# shall I avoid expanding CNAMEs (violates protocols)?
#O DontExpandCnames=False
# SMTP initial login message (old $e macro)
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b; (No UCE/UBE) $?{client_addr}logging access from: ${client_name}(${client_resolve})-$_$.
# UNIX initial From header format (old $l macro)
O UnixFromLine=From $g $d
# From: lines that have embedded newlines are unwrapped onto one line
#O SingleLineFromHeader=False
# Allow HELO SMTP command that does not include a host name
#O AllowBogusHELO=False
# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)
O MustQuoteChars=.'
# delimiter (operator) characters (old $o macro)
O OperatorChars=.:%@!^/[]+
# shall I avoid calling initgroups(3) because of high NIS costs?
#O DontInitGroups=False
# are group-writable :include: and .forward files (un)trustworthy?
# True (the default) means they are not trustworthy.
#O UnsafeGroupWrites=True
# where do errors that occur when sending errors get sent?
#O DoubleBounceAddress=postmaster
# issue temporary errors (4xy) instead of permanent errors (5xy)?
#O SoftBounce=False
# where to save bounces if all else fails
O DeadLetterDrop=/var/lib/sendmail/dead.letter
# what user id do we assume for the majority of the processing?
#O RunAsUser=sendmail
# maximum number of recipients per SMTP envelope
#O MaxRecipientsPerMessage=0
# limit the rate recipients per SMTP envelope are accepted
# once the threshold number of recipients have been rejected
O BadRcptThrottle=3
# shall we get local names from our installed interfaces?
#O DontProbeInterfaces=False
# Return-Receipt-To: header implies DSN request
O RrtImpliesDsn=False
# override connection address (for testing)
#O ConnectOnlyTo=0.0.0.0
# Trusted user for file ownership and starting the daemon
O TrustedUser=smmta
# Control socket for daemon management
O ControlSocketName=/var/run/sendmail/mta/smcontrol
# Maximum MIME header length to protect MUAs
#O MaxMimeHeaderLength=0/0
# Maximum length of the sum of all headers
#O MaxHeadersLength=32768
# Maximum depth of alias recursion
#O MaxAliasRecursion=10
# location of pid file
O PidFile=/var/run/sendmail/mta/sendmail.pid
# Prefix string for the process title shown on 'ps' listings
O ProcessTitlePrefix=MTA
# Data file (df) memory-buffer file maximum size
#O DataFileBufferSize=4096
# Transcript file (xf) memory-buffer file maximum size
#O XscriptFileBufferSize=4096
# lookup type to find information about local mailboxes
#O MailboxDatabase=pw
# override compile time flag REQUIRES_DIR_FSYNC
#O RequiresDirfsync=true
# list of authentication mechanisms
#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
# Authentication realm
#O AuthRealm
# default authentication information for outgoing connections
#O DefaultAuthInfo=/etc/mail/default-auth-info
# SMTP AUTH flags
#O AuthOptions
# SMTP AUTH maximum encryption strength
#O AuthMaxBits
# SMTP STARTTLS server options
#O TLSSrvOptions
# Input mail filters
#O InputMailFilters
# CA directory
#O CACertPath
# CA file
#O CACertFile
# Server Cert
#O ServerCertFile
# Server private key
#O ServerKeyFile
# Client Cert
#O ClientCertFile
# Client private key
#O ClientKeyFile
# File containing certificate revocation lists
#O CRLFile
# DHParameters (only required if DSA/DH is used)
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
#O RandFile
# Maximum number of "useless" commands before slowing down
#O MaxNOOPCommands=20
# Name to use for EHLO (defaults to $j)
#O HeloName
############################
# QUEUE GROUP DEFINITIONS #
############################
###########################
# Message precedences #
###########################
Pfirst-class=0
Pspecial-delivery=100
Plist=-30
Pbulk=-60
Pjunk=-100
#####################
# Trusted users #
#####################
# this is equivalent to setting class "t"
#Ft/etc/mail/trusted-users %[^\#]
Troot
Tdaemon
Tuucp
#########################
# Format of headers #
#########################
H?P?Return-Path: <$g>
HReceived: $?sfrom $s $.$?_($?s$|from $.$_)
$.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.)
$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}
(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u
for $u; $|;
$.$b
H?D?Resent-Date: $a
H?D?Date: $a
H?F?Resent-From: $?x$x <$g>$|$g$.
H?F?From: $?x$x <$g>$|$g$.
H?x?Full-Name: $x
# HPosted-Date: $a
# H?l?Received-Date: $b
H?M?Resent-Message-Id: <$t.$i@$j>
H?M?Message-Id: <$t.$i@$j>
#
######################################################################
######################################################################
#####
##### REWRITING RULES
#####
######################################################################
######################################################################
############################################
### Ruleset 3 -- Name Canonicalization ###
############################################
Scanonify=3
# handle null input (translate to <@> special case)
R$@ $@ <@>
# strip group: syntax (not inside angle brackets!) and trailing semicolon
R$* $: $1 <@> mark addresses
R$* < $* > $* <@> $: $1 < $2 > $3 unmark <addr>
R@ $* <@> $: @ $1 unmark @host:...
R$* [ IPv6 : $+ ] <@> $: $1 [ IPv6 : $2 ] unmark IPv6 addr
R$* :: $* <@> $: $1 :: $2 unmark node::addr
R:include: $* <@> $: :include: $1 unmark :include:...
R$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon
R$* : $* <@> $: $2 strip colon if marked
R$* <@> $: $1 unmark
R$* ; $1 strip trailing semi
R$* < $+ :; > $* $@ $2 :; <@> catch <list:;>
R$* < $* ; > $1 < $2 > bogus bracketed semi
# null input now results from list:; syntax
R$@ $@ :; <@>
# strip angle brackets -- note RFC733 heuristic to get innermost item
R$* $: < $1 > housekeeping <>
R$+ < $* > < $2 > strip excess on left
R< $* > $+ < $1 > strip excess on right
R<> $@ < @ > MAIL FROM:<> case
R< $+ > $: $1 remove housekeeping <>
# strip route address <@a,@b,@c:user@d> -> <user@d>
R@ $+ , $+ $2
R@ [ $* ] : $+ $2
R@ $+ : $+ $2
# find focus for list syntax
R $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax
R $+ : $* ; $@ $1 : $2; list syntax
# find focus for @ syntax addresses
R$+ @ $+ $: $1 < @ $2 > focus on domain
R$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right
R$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical
# convert old-style addresses to a domain-based address
R$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names
R$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps
R$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains
# if we have % signs, take the rightmost one
R$* % $* $1 @ $2 First make them all @s.
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
# else we must be a local name
R$* $@ $>Canonify2 $1
################################################
### Ruleset 96 -- bottom half of ruleset 3 ###
################################################
SCanonify2=96
# handle special cases for local names
R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all
R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain
R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain
# check for IPv4/IPv6 domain literal
R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [addr]
R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal
R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr
# if really UUCP, handle it immediately
# try UUCP traffic as a local address
R$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3
R$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3
# hostnames ending in class P are always canonical
R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4
R$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4
R$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6
R$* CC $* $| $* $: $3
# pass to name server to make hostname canonical
R$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4
R$* $| $* $: $2
# local host aliases and pseudo-domains are always canonical
R$* < @ $=w > $* $: $1 < @ $2 . > $3
R$* < @ $=M > $* $: $1 < @ $2 . > $3
R$* < @ $* . . > $* $1 < @ $2 . > $3
##################################################
### Ruleset 4 -- Final Output Post-rewriting ###
##################################################
Sfinal=4
R$+ :; <@> $@ $1 : handle <list:;>
R$* <@> $@ handle <> and list:;
# strip trailing dot off possibly canonical name
R$* < @ $+ . > $* $1 < @ $2 > $3
# eliminate internal code
R$* < @ *LOCAL* > $* $1 < @ $j > $2
# externalize local domain info
R$* < $+ > $* $1 $2 $3 defocus
R@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 <route-addr> canonical
R@ $* $@ @ $1 ... and exit
# UUCP must always be presented in old form
R$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u
# delete duplicate local names
R$+ % $=w @ $=w $1 @ $2 u%host@host => u@host
##############################################################
### Ruleset 97 -- recanonicalize and call ruleset zero ###
### (used for recursive calls) ###
##############################################################
SRecurse=97
R$* $: $>canonify $1
R$* $@ $>parse $1
######################################
### Ruleset 0 -- Parse Address ###
######################################
Sparse=0
R$* $: $>Parse0 $1 initial parsing
R<@> $#local $: <@> special case error msgs
R$* $: $>ParseLocal $1 handle local hacks
R$* $: $>Parse1 $1 final parsing
#
# Parse0 -- do initial syntax checking and eliminate local addresses.
# This should either return with the (possibly modified) input
# or return with a #error mailer. It should not return with a
# #mailer other than the #error mailer.
#
SParse0
R<@> $@ <@> special case error msgs
R$* : $* ; <@> $#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses"
R@ <@ $* > < @ $1 > catch "@@host" bogosity
R<@ $+> $#error $@ 5.1.3 $: "553 User address required"
R$+ <@> $#error $@ 5.1.3 $: "553 Hostname required"
R$* $: <> $1
R<> $* < @ [ $* ] : $+ > $* $1 < @ [ $2 ] : $3 > $4
R<> $* < @ [ $* ] , $+ > $* $1 < @ [ $2 ] , $3 > $4
R<> $* < @ [ $* ] $+ > $* $#error $@ 5.1.2 $: "553 Invalid address"
R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3
R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "553 Colon illegal in host name part"
R<> $* $1
R$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
R$* < @ $* @ > $* $#error $@ 5.1.2 $: "553 Invalid route address"
R$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "553 Invalid route address"
R$* , $~O $* $#error $@ 5.1.3 $: "553 Invalid route address"
# now delete the local info -- note $=O to find characters that cause forwarding
R$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user
R< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ...
R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here
R< @ $+ > $#error $@ 5.1.3 $: "553 User address required"
R$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ...
R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo"
R< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required"
R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
#
# Parse1 -- the bottom half of ruleset 0.
#
SParse1
# handle numeric address spec
R$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec
R$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path
R$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send
R$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer
R$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer
# short circuit local delivery so forwarded email works
R$=L < @ $=w . > $#local $: @ $1 special local names
R$+ < @ $=w . > $#local $: $1 regular local name
# resolve remotely connected UUCP links (if any)
# resolve fake top level domains by forwarding to other hosts
# pass names that still have a host to a smarthost (if defined)
R$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name
# deal with other remote names
R$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain
# handle locally delivered names
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
SLocal_localaddr
Slocaladdr=5
R$+ $: $1 $| $>"Local_localaddr" $1
R$+ $| $#ok $@ $1 no change
R$+ $| $#$* $#$2
R$+ $| $* $: $1
# deal with plussed users so aliases work nicely
R$+ + * $#local $@ $&h $: $1
R$+ + $* $#local $@ + $2 $: $1 + *
# prepend an empty "forward host" on the front
R$+ $: <> $1
R< > $+ $: < > < $1 <> $&h > nope, restore +detail
R< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail
R< > < $+ <> $* > $: < > < $1 > else discard
R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part
R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra +
R< > < $+ > $@ $1 no +detail
R$+ $: $1 <> $&h add +detail back in
R$+ <> + $* $: $1 + $2 check whether +detail
R$+ <> $* $: $1 else discard
R< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension
R< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension
R< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 >
R< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 >
###################################################################
### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ###
###################################################################
SMailerToTriple=95
R< > $* $@ $1 strip off null relay
R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
R< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2
R< error : $+ > $* $#error $: $1
R< local : $* > $* $>CanonLocal < $1 > $2
R< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user
R< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer
R< $=w > $* $@ $2 delete local host
R< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer
###################################################################
### Ruleset CanonLocal -- canonify local: syntax ###
###################################################################
SCanonLocal
# strip local host from routed addresses
R< $* > < @ $+ > : $+ $@ $>Recurse $3
R< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4
# strip trailing dot from any host name that may appear
R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 >
# handle local: syntax -- use old user, either with or without host
R< > $* < @ $* > $* $#local $@ $1@$2 $: $1
R< > $+ $#local $@ $1 $: $1
# handle local:user@host syntax -- ignore host part
R< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 >
# handle local:user syntax
R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1
R< $+ > $* $#local $@ $2 $: $1
###################################################################
### Ruleset 93 -- convert header names to masqueraded form ###
###################################################################
SMasqHdr=93
# do not masquerade anything in class N
R$* < @ $* $=N . > $@ $1 < @ $2 $3 . >
R$* < @ *LOCAL* > $@ $1 < @ $j . >
###################################################################
### Ruleset 94 -- convert envelope names to masqueraded form ###
###################################################################
SMasqEnv=94
R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
###################################################################
### Ruleset 98 -- local part of ruleset zero (can be null) ###
###################################################################
SParseLocal=98
######################################################################
### D: LookUpDomain -- search for domain in access database
###
### Parameters:
### <$1> -- key (domain name)
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed unchanged through)
######################################################################
SD
R<$*> <$+> <$- $-> <$*> $: < $(access $4:$1 $: ? $) > <$1> <$2> <$3 $4> <$5>
R<?> <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4>
R<SKIP> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
R<?> <[$+.$-]> <$+> <$- $-> <$*> $@ $>D <[$1]> <$3> <$4 $5> <$6>
R<?> <[$+::$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6>
R<?> <[$+:$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6>
R<?> <$+.$+> <$+> <$- $-> <$*> $@ $>D <$2> <$3> <$4 $5> <$6>
R<?> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
R<$* <TMPF>> <$+> <$+> <$- $-> <$*> $@ <<TMPF>> <$6>
R<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6>
######################################################################
### A: LookUpAddress -- search for host address in access database
###
### Parameters:
### <$1> -- key (dot quadded host address)
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed through)
######################################################################
SA
R<$+> <$+> <$- $-> <$*> $: < $(access $4:$1 $: ? $) > <$1> <$2> <$3 $4> <$5>
R<?> <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4>
R<SKIP> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
R<?> <$+::$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
R<?> <$+:$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
R<?> <$+.$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
R<?> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
R<$* <TMPF>> <$+> <$+> <$- $-> <$*> $@ <<TMPF>> <$6>
R<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6>
######################################################################
### CanonAddr -- Convert an address into a standard form for
### relay checking. Route address syntax is
### crudely converted into a %-hack address.
###
### Parameters:
### $1 -- full recipient address
###
### Returns:
### parsed address, not in source route form
######################################################################
SCanonAddr
R$* $: $>Parse0 $>canonify $1 make domain canonical
######################################################################
### ParseRecipient -- Strip off hosts in $=R as well as possibly
### $* $=m or the access database.
### Check user portion for host separators.
###
### Parameters:
### $1 -- full recipient address
###
### Returns:
### parsed, non-local-relaying address
######################################################################
SParseRecipient
R$* $: <?> $>CanonAddr $1
R<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots
R<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part
# if no $=O character, no host in the user portion, we are done
R<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4>
R<?> $* $@ $1
R<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 >
R<NO> $* < @ $+ > $: $>D <$2> <NO> <+ To> <$1 < @ $2 >>
R<$+> <$+> $: <$1> $2
R<RELAY> $* < @ $* > $@ $>ParseRecipient $1
R<$+> $* $@ $2
######################################################################
### check_relay -- check hostname/address on SMTP startup
######################################################################
Scheck_relay
R$* $: $>"RateControl" dummy
R$* $: $>"ConnControl" dummy
SLocal_check_relay
Scheckrelay
R$* $: $1 $| $>"Local_check_relay" $1
R$* $| $* $| $#$* $#$3
R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2
SBasic_check_relay
# check for deferred delivery mode
R$* $: < $&{deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2
R$+ $| $+ $: $>D < $1 > <?> <+ Connect> < $2 >
R $| $+ $: $>A < $1 > <?> <+ Connect> <> empty client_name
R<?> <$+> $: $>A < $1 > <?> <+ Connect> <> no: another lookup
R<?> <$*> $: OK found nothing
R<$={Accept}> <$*> $@ $1 return value of lookup
R<REJECT> <$*> $#error $@ 5.7.1 $: "550 Access denied"
R<DISCARD> <$*> $#discard $: discard
R<QUARANTINE:$+> <$*> $#error $@ quarantine $: $1
R<ERROR:$-.$-.$-:$+> <$*> $#error $@ $1.$2.$3 $: $4
R<ERROR:$+> <$*> $#error $: $1
R<$* <TMPF>> <$*> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$+> <$*> $#error $: $1
######################################################################
### check_mail -- check SMTP `MAIL FROM:' command argument
######################################################################
SLocal_check_mail
Scheckmail
R$* $: $1 $| $>"Local_check_mail" $1
R$* $| $#$* $#$2
R$* $| $* $@ $>"Basic_check_mail" $1
SBasic_check_mail
# check for deferred delivery mode
R$* $: < $&{deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2
# authenticated?
R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
R$* $| $#$+ $#$2
R$* $| $* $: $1
R<> $@ <OK> we MUST accept <> (RFC 1123)
R$+ $: <?> $1
R<?><$+> $: <@> <$1>
R<?>$+ $: <@> <$1>
R$* $: $&{daemon_flags} $| $1
R$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 >
R$* u $* $| <@> < $* > $: <?> < $3 >
R$* $| $* $: $2
# handle case of @localhost on address
R<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost >
R<@> < $* @ [127.0.0.1] >
$: < ? $&{client_name} > < $1 @ [127.0.0.1] >
R<@> < $* @ localhost.$m >
$: < ? $&{client_name} > < $1 @ localhost.$m >
R<@> < $* @ localhost.UUCP >
$: < ? $&{client_name} > < $1 @ localhost.UUCP >
R<@> $* $: $1 no localhost as domain
R<? $=w> $* $: $2 local client: ok
R<? $+> <$+> $#error $@ 5.5.4 $: "553 Real domain name required for sender address"
R<?> $* $: $1
R$* $: <?> $>CanonAddr $1 canonify sender address and mark it
R<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots
# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
R<?> $* < @ $* $=P > $: <OKR> $1 < @ $2 $3 >
R<?> $* < @ $j > $: <OKR> $1 < @ $j >
R<?> $* < @ $+ > $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >
R<? $* <$->> $* < @ $+ >
$: <$2> $3 < @ $4 >
# check sender address: user@address, user@, address
R<$+> $+ < @ $* > $: @<$1> <$2 < @ $3 >> $| <F:$2@$3> <U:$2@> <D:$3>
R<$+> $+ $: @<$1> <$2> $| <U:$2@>
R@ <$+> <$*> $| <$+> $: <@> <$1> <$2> $| $>SearchList <+ From> $| <$3> <>
R<@> <$+> <$*> $| <$*> $: <$3> <$1> <$2> reverse result
# retransform for further use
R<?> <$+> <$*> $: <$1> $2 no match
R<$+> <$+> <$*> $: <$1> $3 relevant result, keep it
# handle case of no @domain on address
R<?> $* $: $&{daemon_flags} $| <?> $1
R$* u $* $| <?> $* $: <OKR> $3
R$* $| $* $: $2
R<?> $* $: < ? $&{client_addr} > $1
R<?> $* $@ <OKR> ...local unqualed ok
R<? $+> $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f
...remote is not
# check results
R<?> $* $: @ $1 mark address: nothing known about it
R<$={ResOk}> $* $: @ $2 domain ok
R<TEMP> $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
R<PERM> $* $#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist"
R<$={Accept}> $* $# $1 accept from access map
R<DISCARD> $* $#discard $: discard
R<QUARANTINE:$+> $* $#error $@ quarantine $: $1
R<REJECT> $* $#error $@ 5.7.1 $: "550 Access denied"
R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
R<ERROR:$+> $* $#error $: $1
R<<TMPF>> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$+> $* $#error $: $1 error from access db
######################################################################
### check_rcpt -- check SMTP `RCPT TO:' command argument
######################################################################
SLocal_check_rcpt
Scheckrcpt
R$* $: $1 $| $>"Local_check_rcpt" $1
R$* $| $#$* $#$2
R$* $| $* $@ $>"Basic_check_rcpt" $1
SBasic_check_rcpt
# empty address?
R<> $#error $@ nouser $: "553 User address required"
R$@ $#error $@ nouser $: "553 User address required"
# check for deferred delivery mode
R$* $: < $&{deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2
######################################################################
R$* $: $1 $| @ $>"Rcpt_ok" $1
R$* $| @ $#TEMP $+ $: $1 $| T $2
R$* $| @ $#$* $#$2
R$* $| @ RELAY $@ RELAY
R$* $| @ $* $: O $| $>"Relay_ok" $1
R$* $| T $+ $: T $2 $| $>"Relay_ok" $1
R$* $| $#TEMP $+ $#error $2
R$* $| $#$* $#$2
R$* $| RELAY $@ RELAY
R T $+ $| $* $#error $1
# anything else is bogus
R$* $#error $@ 5.7.1 $: "550 Relaying denied"
######################################################################
### Rcpt_ok: is the recipient ok?
######################################################################
SRcpt_ok
R$* $: $>ParseRecipient $1 strip relayable hosts
# authenticated via TLS?
R$* $: $1 $| $>RelayTLS client authenticated?
R$* $| $# $+ $# $2 error/ok?
R$* $| $* $: $1 no
R$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type}
R$* $| $# $* $# $2
R$* $| NO $: $1
R$* $| $* $: $1 $| $&{auth_type}
R$* $| $: $1
R$* $| $={TrustAuthMech} $# RELAY
R$* $| $* $: $1
# anything terminating locally is ok
R$+ < @ $=w > $@ RELAY
R$+ < @ $* $=R > $@ RELAY
R$+ < @ $+ > $: $>D <$2> <?> <+ To> <$1 < @ $2 >>
R<RELAY> $* $@ RELAY
R<$* <TMPF>> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$*> <$*> $: $2
# check for local user (i.e. unqualified address)
R$* $: <?> $1
R<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 >
# local user is ok
R<?> $+ $@ RELAY
R<$+> $* $: $2
######################################################################
### Relay_ok: is the relay/sender ok?
######################################################################
SRelay_ok
# anything originating locally is ok
# check IP address
R$* $: $&{client_addr}
R$@ $@ RELAY originated locally
R0 $@ RELAY originated locally
R127.0.0.1 $@ RELAY originated locally
RIPv6:::1 $@ RELAY originated locally
R$=R $* $@ RELAY relayable IP address
R$* $: $>A <$1> <?> <+ Connect> <$1>
R<RELAY> $* $@ RELAY relayable IP address
R<<TMPF>> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$*> <$*> $: $2
R$* $: [ $1 ] put brackets around it...
R$=w $@ RELAY ... and see if it is local
# check client name: first: did it resolve?
R$* $: < $&{client_resolve} >
R<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
R<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
R<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
R$* $: <@> $&{client_name}
# pass to name server to make hostname canonical
R<@> $* $=P $:<?> $1 $2
R<@> $+ $:<?> $[ $1 $]
R$* . $1 strip trailing dots
R<?> $=w $@ RELAY
R<?> $* $=R $@ RELAY
R<?> $* $: $>D <$1> <?> <+ Connect> <$1>
R<RELAY> $* $@ RELAY
R<$* <TMPF>> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$*> <$*> $: $2
# turn a canonical address in the form user<@domain>
# qualify unqual. addresses with $j
SFullAddr
R$* <@ $+ . > $1 <@ $2 >
R$* <@ $* > $@ $1 <@ $2 >
R$+ $@ $1 <@ $j >
SDelay_TLS_Clt
# authenticated?
R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
R$* $| $#$+ $#$2
R$* $| $* $# $1
R$* $# $1
SDelay_TLS_Clt2
# authenticated?
R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
R$* $| $#$+ $#$2
R$* $| $* $@ $1
R$* $@ $1
# call all necessary rulesets
Scheck_rcpt
# R$@ $#error $@ 5.1.3 $: "553 Recipient address required"
R$+ $: $1 $| $>checkrcpt $1
R$+ $| $#error $* $#error $2
R$+ $| $#discard $* $#discard $2
R$+ $| $#$* $@ $>"Delay_TLS_Clt" $2
R$+ $| $* $: <?> $>FullAddr $>CanonAddr $1
R<?> $+ < @ $=w > $: <> $1 < @ $2 > $| <F: $1@$2 > <D: $2 > <U: $1@>
R<?> $+ < @ $* > $: <> $1 < @ $2 > $| <F: $1@$2 > <D: $2 >
# lookup the addresses only with Spam tag
R<> $* $| <$+> $: <@> $1 $| $>SearchList <! Spam> $| <$2> <>
R<@> $* $| $* $: $2 $1 reverse result
# is the recipient a spam friend?
R<FRIEND> $+ $@ $>"Delay_TLS_Clt2" SPAMFRIEND
R<$*> $+ $: $2
R$* $: $1 $| $>checkmail $&{mail_from}
R$* $| $#$* $#$2
R$* $| $* $: $1 $| $>checkrelay $&{client_name} $| $&{client_addr}
R$* $| $#$* $#$2
R$* $| $* $: $1
######################################################################
### F: LookUpFull -- search for an entry in access database
###
### lookup of full key (which should be an address) and
### variations if +detail exists: +* and without +detail
###
### Parameters:
### <$1> -- key
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed unchanged through)
######################################################################
SF
R<$+> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
R<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
R<?> <$+ + $* @ $+> <$*> <$- $-> <$*>
$: <$(access $6:$1+*@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7>
R<?> <$+ + $* @ $+> <$*> <+ $-> <$*>
$: <$(access $1+*@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6>
R<?> <$+ + $* @ $+> <$*> <$- $-> <$*>
$: <$(access $6:$1@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7>
R<?> <$+ + $* @ $+> <$*> <+ $-> <$*>
$: <$(access $1@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6>
R<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
R<$+ <TMPF>> <$*> <$- $-> <$*> $@ <<TMPF>> <$5>
R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
######################################################################
### E: LookUpExact -- search for an entry in access database
###
### Parameters:
### <$1> -- key
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed unchanged through)
######################################################################
SE
R<$*> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
R<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
R<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
R<$+ <TMPF>> <$*> <$- $-> <$*> $@ <<TMPF>> <$5>
R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
######################################################################
### U: LookUpUser -- search for an entry in access database
###
### lookup of key (which should be a local part) and
### variations if +detail exists: +* and without +detail
###
### Parameters:
### <$1> -- key (user@)
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed unchanged through)
######################################################################
SU
R<$+> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
R<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
R<?> <$+ + $* @> <$*> <$- $-> <$*>
$: <$(access $5:$1+*@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6>
R<?> <$+ + $* @> <$*> <+ $-> <$*>
$: <$(access $1+*@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5>
R<?> <$+ + $* @> <$*> <$- $-> <$*>
$: <$(access $5:$1@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6>
R<?> <$+ + $* @> <$*> <+ $-> <$*>
$: <$(access $1@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5>
R<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
R<$+ <TMPF>> <$*> <$- $-> <$*> $@ <<TMPF>> <$5>
R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
######################################################################
### SearchList: search a list of items in the access map
### Parameters:
### <exact tag> $| <mark:address> <mark:address> ... <>
### where "exact" is either "+" or "!":
### <+ TAG> lookup with and w/o tag
### <! TAG> lookup with tag
### possible values for "mark" are:
### D: recursive host lookup (LookUpDomain)
### E: exact lookup, no modifications
### F: full lookup, try user+ext@domain and user@domain
### U: user lookup, try user+ext and user (input must have trailing @)
### return: <RHS of lookup> or <?> (not found)
######################################################################
# class with valid marks for SearchList
C{Src}E F D U A
SSearchList
# just call the ruleset with the name of the tag... nice trick...
R<$+> $| <$={Src}:$*> <$*> $: <$1> $| <$4> $| $>$2 <$3> <?> <$1> <>
R<$+> $| <> $| <?> <> $@ <?>
R<$+> $| <$+> $| <?> <> $@ $>SearchList <$1> $| <$2>
R<$+> $| <$*> $| <$+> <> $@ <$3>
R<$+> $| <$+> $@ <$2>
######################################################################
### trust_auth: is user trusted to authenticate as someone else?
###
### Parameters:
### $1: AUTH= parameter from MAIL command
######################################################################
SLocal_trust_auth
Strust_auth
R$* $: $&{auth_type} $| $1
# required by RFC 2554 section 4.
R$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated"
R$* $| $&{auth_authen} $@ identical
R$* $| <$&{auth_authen}> $@ identical
R$* $| $* $: $1 $| $>"Local_trust_auth" $2
R$* $| $#$* $#$2
R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}
######################################################################
### Relay_Auth: allow relaying based on authentication?
###
### Parameters:
### $1: ${auth_type}
######################################################################
SLocal_Relay_Auth
######################################################################
### srv_features: which features to offer to a client?
### (done in server)
######################################################################
Ssrv_features
R$* $: $>D <$&{client_name}> <?> <! "Srv_Features"> <>
R<?>$* $: $>A <$&{client_addr}> <?> <! "Srv_Features"> <>
R<?>$* $: <$(access "Srv_Features": $: ? $)>
R<?>$* $@ OK
R<$* <TMPF>>$* $#temp
R<$+>$* $# $1
######################################################################
### try_tls: try to use STARTTLS?
### (done in client)
######################################################################
Stry_tls
R$* $: $>D <$&{server_name}> <?> <! "Try_TLS"> <>
R<?>$* $: $>A <$&{server_addr}> <?> <! "Try_TLS"> <>
R<?>$* $: <$(access "Try_TLS": $: ? $)>
R<?>$* $@ OK
R<$* <TMPF>>$* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<NO>$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"
######################################################################
### tls_rcpt: is connection with server "good" enough?
### (done in client, per recipient)
###
### Parameters:
### $1: recipient
######################################################################
Stls_rcpt
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
R$+ $: <?> $>CanonAddr $1
R<?> $+ < @ $+ . > <?> $1 <@ $2 >
R<?> $+ < @ $+ > $: $1 <@ $2 > $| <F:$1@$2> <U:$1@> <D:$2> <E:>
R<?> $+ $: $1 $| <U:$1@> <E:>
R$* $| $+ $: $1 $| $>SearchList <! "TLS_Rcpt"> $| $2 <>
R$* $| <?> $@ OK
R$* $| <$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R$* $| <$+> $@ $>"TLS_connection" $&{verify} $| <$2>
######################################################################
### tls_client: is connection with client "good" enough?
### (done in server)
###
### Parameters:
### ${verify} $| (MAIL|STARTTLS)
######################################################################
Stls_client
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
R$* $| $* $: $1 $| $>D <$&{client_name}> <?> <! "TLS_Clt"> <>
R$* $| <?>$* $: $1 $| $>A <$&{client_addr}> <?> <! "TLS_Clt"> <>
R$* $| <?>$* $: $1 $| <$(access "TLS_Clt": $: ? $)>
R$* $| <$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R$* $@ $>"TLS_connection" $1
######################################################################
### tls_server: is connection with server "good" enough?
### (done in client)
###
### Parameter:
### ${verify}
######################################################################
Stls_server
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
R$* $: $1 $| $>D <$&{server_name}> <?> <! "TLS_Srv"> <>
R$* $| <?>$* $: $1 $| $>A <$&{server_addr}> <?> <! "TLS_Srv"> <>
R$* $| <?>$* $: $1 $| <$(access "TLS_Srv": $: ? $)>
R$* $| <$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R$* $@ $>"TLS_connection" $1
######################################################################
### TLS_connection: is TLS connection "good" enough?
###
### Parameters:
### ${verify} $| <Requirement> [<>]
### Requirement: RHS from access map, may be ? for none.
######################################################################
STLS_connection
R$* $| <$*>$* $: $1 $| <$2>
# create the appropriate error codes
R$* $| <PERM + $={Tls} $*> $: $1 $| <503:5.7.0> <$2 $3>
R$* $| <TEMP + $={Tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
R$* $| <$={Tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
# deal with TLS handshake failures: abort
RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed."
RSOFTWARE $| $* $#error $@ 4.7.0 $: "403 TLS handshake failed."
# deal with TLS protocol errors: abort
RPROTOCOL $| <$-:$+> $* $#error $@ $2 $: $1 " STARTTLS failed."
RPROTOCOL $| $* $#error $@ 4.7.0 $: "403 STARTTLS failed."
R$* $| <$*> <VERIFY> $: <$2> <VERIFY> <> $1
R$* $| <$*> <VERIFY + $+> $: <$2> <VERIFY> <$3> $1
R$* $| <$*> <$={Tls}:$->$* $: <$2> <$3:$4> <> $1
R$* $| <$*> <$={Tls}:$- + $+>$* $: <$2> <$3:$4> <$5> $1
R$* $| $* $@ OK
# authentication required: give appropriate error
# other side did authenticate (via STARTTLS)
R<$*><VERIFY> <> OK $@ OK
R<$*><VERIFY> <$+> OK $: <$1> <REQ:0> <$2>
R<$*><VERIFY:$-> <$*> OK $: <$1> <REQ:$2> <$3>
R<$*><ENCR:$-> <$*> $* $: <$1> <REQ:$2> <$3>
R<$-:$+><VERIFY $*> <$*> $#error $@ $2 $: $1 " authentication required"
R<$-:$+><VERIFY $*> <$*> FAIL $#error $@ $2 $: $1 " authentication failed"
R<$-:$+><VERIFY $*> <$*> NO $#error $@ $2 $: $1 " not authenticated"
R<$-:$+><VERIFY $*> <$*> NOT $#error $@ $2 $: $1 " no authentication requested"
R<$-:$+><VERIFY $*> <$*> NONE $#error $@ $2 $: $1 " other side does not support STARTTLS"
R<$-:$+><VERIFY $*> <$*> $+ $#error $@ $2 $: $1 " authentication failure " $4
R<$*><REQ:$-> <$*> $: <$1> <REQ:$2> <$3> $>max $&{cipher_bits} : $&{auth_ssf}
R<$*><REQ:$-> <$*> $- $: <$1> <$2:$4> <$3> $(arith l $@ $4 $@ $2 $)
R<$-:$+><$-:$-> <$*> TRUE $#error $@ $2 $: $1 " encryption too weak " $4 " less than " $3
R<$-:$+><$-:$-> <$*> $* $: <$1:$2 ++ $5>
R<$-:$+ ++ > $@ OK
R<$-:$+ ++ $+ > $: <$1:$2> <$3>
R<$-:$+> < $+ ++ $+ > <$1:$2> <$3> <$4>
R<$-:$+> $+ $@ $>"TLS_req" $3 $| <$1:$2>
######################################################################
### TLS_req: check additional TLS requirements
###
### Parameters: [<list> <of> <req>] $| <$-:$+>
### $-: SMTP reply code
### $+: Enhanced Status Code
######################################################################
STLS_req
R $| $+ $@ OK
R<CN> $* $| <$+> $: <CN:$&{TLS_Name}> $1 $| <$2>
R<CN:$&{cn_subject}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
R<CN:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " CN " $&{cn_subject} " does not match " $1
R<CS:$&{cert_subject}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
R<CS:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Subject " $&{cert_subject} " does not match " $1
R<CI:$&{cert_issuer}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
R<CI:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Issuer " $&{cert_issuer} " does not match " $1
ROK $@ OK
######################################################################
### max: return the maximum of two values separated by :
###
### Parameters: [$-]:[$-]
######################################################################
Smax
R: $: 0
R:$- $: $1
R$-: $: $1
R$-:$- $: $(arith l $@ $1 $@ $2 $) : $1 : $2
RTRUE:$-:$- $: $2
R$-:$-:$- $: $2
######################################################################
### RelayTLS: allow relaying based on TLS authentication
###
### Parameters:
### none
######################################################################
SRelayTLS
# authenticated?
R$* $: <?> $&{verify}
R<?> OK $: OK authenticated: continue
R<?> $* $@ NO not authenticated
R$* $: $&{cert_issuer}
R$+ $: $(access CERTISSUER:$1 $)
RRELAY $# RELAY
RSUBJECT $: <@> $&{cert_subject}
R<@> $+ $: <@> $(access CERTSUBJECT:$1 $)
R<@> RELAY $# RELAY
R$* $: NO
######################################################################
### authinfo: lookup authinfo in the access map
###
### Parameters:
### $1: {server_name}
### $2: {server_addr}
######################################################################
Sauthinfo
R$* $: $1 $| $>D <$&{server_name}> <?> <! AuthInfo> <>
R$* $| <?>$* $: $1 $| $>A <$&{server_addr}> <?> <! AuthInfo> <>
R$* $| <?>$* $: $1 $| <$(access AuthInfo: $: ? $)> <>
R$* $| <?>$* $@ no no authinfo available
R$* $| <$*> <> $# $2
######################################################################
### RateControl:
### Parameters: ignored
### return: $#error or OK
######################################################################
SRateControl
R$* $: <A:$&{client_addr}> <E:>
R$+ $: $>SearchList <! ClientRate> $| $1 <>
R<?> $@ OK
R<$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<0> $@ OK no limit
R<$+> $: <$1> $| $(arith l $@ $1 $@ $&{client_rate} $)
R<$+> $| TRUE $#error $@ 4.3.2 $: 421 Connection rate limit exceeded.
######################################################################
### ConnControl:
### Parameters: ignored
### return: $#error or OK
######################################################################
SConnControl
R$* $: <A:$&{client_addr}> <E:>
R$+ $: $>SearchList <! ClientConn> $| $1 <>
R<?> $@ OK
R<$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<0> $@ OK no limit
R<$+> $: <$1> $| $(arith l $@ $1 $@ $&{client_connections} $)
R<$+> $| TRUE $#error $@ 4.3.2 $: 421 Too many open connections.
######################################################################
### greet_pause: lookup pause time before 220 greeting
###
### Parameters:
### $1: {client_name}
### $2: {client_addr}
######################################################################
SLocal_greet_pause
Sgreet_pause
R$* $: <$1><?> $| $>"Local_greet_pause" $1
R<$*><?> $| $#$* $#$2
R<$*><?> $| $* $: $1
R$+ $| $+ $: $>D < $1 > <?> <! GreetPause> < $2 >
R $| $+ $: $>A < $1 > <?> <! GreetPause> <> empty client_name
R<?> <$+> $: $>A < $1 > <?> <! GreetPause> <> no: another lookup
R<?> <$*> $# 1000
R<$* <TMPF>> <$*> $@
R<$+> <$*> $# $1
#
######################################################################
######################################################################
#####
##### MAIL FILTER DEFINITIONS
#####
######################################################################
######################################################################
#
######################################################################
######################################################################
#####
##### MAILER DEFINITIONS
#####
######################################################################
######################################################################
##################################################
### Local and Program Mailer specification ###
##################################################
##### $Id: local.m4,v 8.59 2004/11/23 00:37:25 ca Exp $ #####
#
# Envelope sender rewriting
#
SEnvFromL
R<@> $n errors to mailer-daemon
R@ <@ $*> $n temporarily bypass Sun bogosity
R$+ $: $>AddDomain $1 add local domain if needed
R$* $: $>MasqEnv $1 do masquerading
#
# Envelope recipient rewriting
#
SEnvToL
R$+ < @ $* > $: $1 strip host part
R$+ + $* $: < $&{addr_type} > $1 + $2 mark with addr type
R<e s> $+ + $* $: $1 remove +detail for sender
R< $* > $+ $: $2 else remove mark
#
# Header sender rewriting
#
SHdrFromL
R<@> $n errors to mailer-daemon
R@ <@ $*> $n temporarily bypass Sun bogosity
R$+ $: $>AddDomain $1 add local domain if needed
R$* $: $>MasqHdr $1 do masquerading
#
# Header recipient rewriting
#
SHdrToL
R$+ $: $>AddDomain $1 add local domain if needed
R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
#
# Common code to add local domain name (only if always-add-domain)
#
SAddDomain
Mlocal, P=/usr/sbin/sensible-mda, F=lsDFMAw5:/|@qPn9S, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
T=DNS/RFC822/X-Unix,
A=sensible-mda $g $u $h ${client_addr}
Mprog, P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
T=X-Unix/X-Unix/X-Unix,
A=sh -c $u
#####################################
### SMTP Mailer specification ###
#####################################
##### $Id: smtp.m4,v 8.65 2006/07/12 21:08:10 ca Exp $ #####
#
# common sender and masquerading recipient rewriting
#
SMasqSMTP
R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified
R$+ $@ $1 < @ *LOCAL* > add local qualification
#
# convert pseudo-domain addresses to real domain addresses
#
SPseudoToReal
# pass <route-addr>s through
R< @ $+ > $* $@ < @ $1 > $2 resolve <route-addr>
# output fake domains as user%fake@relay
# do UUCP heuristics; note that these are shared with UUCP mailers
R$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form
R$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form
# leave these in .UUCP form to avoid further tampering
R< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. >
R< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 >
R< $&h ! > $+ $@ $1 < @ $&h .UUCP. >
R< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY
R$+ < @ $~[ $* : $+ > $@ $1 < @ $4 > strip mailer: part
R$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY
#
# envelope sender rewriting
#
SEnvFromSMTP
R$+ $: $>PseudoToReal $1 sender/recipient common
R$* :; <@> $@ list:; special case
R$* $: $>MasqSMTP $1 qualify unqual'ed names
R$+ $: $>MasqEnv $1 do masquerading
#
# envelope recipient rewriting --
# also header recipient if not masquerading recipients
#
SEnvToSMTP
R$+ $: $>PseudoToReal $1 sender/recipient common
R$+ $: $>MasqSMTP $1 qualify unqual'ed names
R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
#
# header sender and masquerading header recipient rewriting
#
SHdrFromSMTP
R$+ $: $>PseudoToReal $1 sender/recipient common
R:; <@> $@ list:; special case
# do special header rewriting
R$* <@> $* $@ $1 <@> $2 pass null host through
R< @ $* > $* $@ < @ $1 > $2 pass route-addr through
R$* $: $>MasqSMTP $1 qualify unqual'ed names
R$+ $: $>MasqHdr $1 do masquerading
#
# relay mailer header masquerading recipient rewriting
#
SMasqRelay
R$+ $: $>MasqSMTP $1
R$+ $: $>MasqHdr $1
Msmtp, P=[IPC], F=mDFMuX, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
T=DNS/RFC822/SMTP,
A=TCP $h
Mesmtp, P=[IPC], F=mDFMuXa, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
T=DNS/RFC822/SMTP,
A=TCP $h
Msmtp8, P=[IPC], F=mDFMuX8, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
T=DNS/RFC822/SMTP,
A=TCP $h
Mdsmtp, P=[IPC], F=mDFMuXa%, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
T=DNS/RFC822/SMTP,
A=TCP $h
Mrelay, P=[IPC], F=mDFMuXa8, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040,
T=DNS/RFC822/SMTP,
A=TCP $h
### /etc/mail/sendmail.mc ###
# divert(-1)dnl
# #-----------------------------------------------------------------------------
# # $Sendmail: debproto.mc,v 8.14.3 2010-09-21 11:05:34 cowboy Exp $
# #
# # Copyright (c) 1998-2009 Richard Nelson. All Rights Reserved.
# #
# # cf/debian/sendmail.mc. Generated from sendmail.mc.in by configure.
# #
# # sendmail.mc prototype config file for building Sendmail 8.14.3
# #
# # Note: the .in file supports 8.7.6 - 9.0.0, but the generated
# # file is customized to the version noted above.
# #
# # This file is used to configure Sendmail for use with Debian systems.
# #
# # If you modify this file, you will have to regenerate /etc/mail/sendmail.cf
# # by running this file through the m4 preprocessor via one of the following:
# # * make (or make -C /etc/mail)
# # * sendmailconfig
# # * m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
# # The first two options are preferred as they will also update other files
# # that depend upon the contents of this file.
# #
# # The best documentation for this .mc file is:
# # /usr/share/doc/sendmail-doc/cf.README.gz
# #
# #-----------------------------------------------------------------------------
# divert(0)dnl
# #
# # Copyright (c) 1998-2005 Richard Nelson. All Rights Reserved.
# #
# # This file is used to configure Sendmail for use with Debian systems.
# #
# define(`_USE_ETC_MAIL_')dnl
# include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
# VERSIONID(`$Id: sendmail.mc, v 8.14.3-9.4 2010-09-21 11:05:34 cowboy Exp $')
# OSTYPE(`debian')dnl
# DOMAIN(`debian-mta')dnl
# dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
# undefine(`confHOST_STATUS_DIRECTORY')dnl #DAEMON_HOSTSTATS=
# dnl # Items controlled by /etc/mail/sendmail.conf - DO NOT TOUCH HERE
# dnl #
# dnl # General defines
# dnl #
# dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot()
# dnl # into this directory before writing files.
# dnl # If *all* your user accounts are under /home then use that
# dnl # instead - it will prevent any writes outside of /home !
# dnl # define(`confSAFE_FILE_ENV', `')dnl
# dnl #
# dnl # Daemon options - restrict to servicing LOCALHOST ONLY !!!
# dnl # Remove `, Addr=' clauses to receive from any interface
# dnl # If you want to support IPv6, switch the commented/uncommentd lines
# dnl #
# FEATURE(`no_default_msa')dnl
# dnl DAEMON_OPTIONS(`Family=inet6, Name=MTA-v6, Port=smtp, Addr=::1')dnl
# DAEMON_OPTIONS(`Family=inet, Name=MTA-v4, Port=smtp, Addr=127.0.0.1')dnl
# dnl DAEMON_OPTIONS(`Family=inet6, Name=MSP-v6, Port=submission, M=Ea, Addr=::1')dnl
# DAEMON_OPTIONS(`Family=inet, Name=MSP-v4, Port=submission, M=Ea, Addr=127.0.0.1')dnl
# dnl #
# dnl # Be somewhat anal in what we allow
# define(`confPRIVACY_FLAGS',dnl
# `needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictexpand,nobodyreturn,authwarnings')dnl
# dnl #
# dnl # Define connection throttling and window length
# define(`confCONNECTION_RATE_THROTTLE', `15')dnl
# define(`confCONNECTION_RATE_WINDOW_SIZE',`10m')dnl
# dnl #
# dnl # Features
# dnl #
# dnl # use /etc/mail/local-host-names
# FEATURE(`use_cw_file')dnl
# dnl #
# dnl # The access db is the basis for most of sendmail's checking
# FEATURE(`access_db', , `skip')dnl
# dnl #
# dnl # The greet_pause feature stops some automail bots - but check the
# dnl # provided access db for details on excluding localhosts...
# FEATURE(`greet_pause', `1000')dnl 1 seconds
# dnl #
# dnl # Delay_checks allows sender<->recipient checking
# FEATURE(`delay_checks', `friend', `n')dnl
# dnl #
# dnl # If we get too many bad recipients, slow things down...
# define(`confBAD_RCPT_THROTTLE',`3')dnl
# dnl #
# dnl # Stop connections that overflow our concurrent and time connection rates
# FEATURE(`conncontrol', `nodelay', `terminate')dnl
# FEATURE(`ratecontrol', `nodelay', `terminate')dnl
# dnl #
# dnl # If you're on a dialup link, you should enable this - so sendmail
# dnl # will not bring up the link (it will queue mail for later)
# dnl define(`confCON_EXPENSIVE',`True')dnl
# dnl #
# dnl # Dialup/LAN connection overrides
# dnl #
# include(`/etc/mail/m4/dialup.m4')dnl
# include(`/etc/mail/m4/provider.m4')dnl
# dnl #
# dnl # Default Mailer setup
# MAILER_DEFINITIONS
# MAILER(`local')dnl
# MAILER(`smtp')dnl
#
/etc/cron.d/sendmail
http://91.228.198.55/sm/sendmail
Kod: Zaznacz cały
####################################################################
##### This file is automagically generated -- edit at your own risk
#####
##### file: /etc/cron.d/sendmail
##### generated via: (/usr/bin/perl v5>10.1)
##### /usr/share/sendmail/update_conf
##### version: 8.14.3 2010-09-21 11:05:34 cowboy
##### by: root@vz5603
##### on: Wed Nov 9 21:50:39 2011
##### in: /etc/mail
##### input files:
##### /etc/mail/sendmail.conf
#####
####################################################################
#------------------------------------------------------------------------------
#
# /etc/cron.d/sendmail
#
# Copyright (c) 2001-2009 Richard Nelson. All Rights Reserved.
# Version: 8.14.3
# Time-stamp: <2010-09-21 11:05:34 cowboy>
#
# Sendmail crontab - Call sendmail at various times to do the following:
# 1) Age queues - move undelivered mail to a slower queue
# 2) Retry any mail queued by the message submission process
# 3) run the queues (deliver mail) if a standalone daemon is not desired
#
# Each processes is independant and guided by /etc/mail/sendmail.conf and
# {sendmail,submit}.mc files.
#
# There isn't anything here that should need touching.
#
# Any requisite queue/misc parameters must be set in /etc/mail/sendmail.conf
# and reflected herein via /usr/sbin/sendmailconfig (or more directly via
# /usr/share/sendmail/update_conf).
#
#------------------------------------------------------------------------------
#
# use default path, shell, home
#SHELL=/bin/sh
#PATH=
#HOME=
# send mail to this user, as `mail/smmsp` isn't real.
MAILTO=root
#
# format of entries:
# m h dom mon dow user command
#
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to run the MSP queues.
#
* * * * * smmsp test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-msp
#
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to run the MTA queues.
# Will also run MSP queues if enabled
#
#*/10 * * * * root test -x /etc/init.d/sendmail && /usr/share/sendmail/sendmail cron-mta
#
#------------------------------------------------------------------------------
# Every so often, give sendmail a chance to age the queues.
#
# No queue aging
#