| blob | ab411b8c8eba31ab3c6ab5610c771c11eaeb3103 |
2 SENDMAIL CONFIGURATION FILES
4 This document describes the sendmail configuration files. It
5 explains how to create a sendmail.cf file for use with sendmail.
6 It also describes how to set options for sendmail which are explained
7 in the Sendmail Installation and Operation guide, which can be found
8 on-line at http://www.sendmail.org/%7Eca/email/doc8.12/op.html .
9 Recall this URL throughout this document when references to
10 doc/op/op.* are made.
12 Table of Content:
14 INTRODUCTION AND EXAMPLE
15 A BRIEF INTRODUCTION TO M4
16 FILE LOCATIONS
17 OSTYPE
18 DOMAINS
19 MAILERS
20 FEATURES
21 HACKS
22 SITE CONFIGURATION
23 USING UUCP MAILERS
24 TWEAKING RULESETS
25 MASQUERADING AND RELAYING
26 USING LDAP FOR ALIASES, MAPS, AND CLASSES
27 LDAP ROUTING
28 ANTI-SPAM CONFIGURATION CONTROL
29 CONNECTION CONTROL
30 STARTTLS
31 ADDING NEW MAILERS OR RULESETS
32 ADDING NEW MAIL FILTERS
33 QUEUE GROUP DEFINITIONS
34 NON-SMTP BASED CONFIGURATIONS
35 WHO AM I?
36 ACCEPTING MAIL FOR MULTIPLE NAMES
37 USING MAILERTABLES
38 USING USERDB TO MAP FULL NAMES
39 MISCELLANEOUS SPECIAL FEATURES
40 SECURITY NOTES
41 TWEAKING CONFIGURATION OPTIONS
42 MESSAGE SUBMISSION PROGRAM
43 FORMAT OF FILES AND MAPS
44 DIRECTORY LAYOUT
45 ADMINISTRATIVE DETAILS
48 +--------------------------+
49 | INTRODUCTION AND EXAMPLE |
50 +--------------------------+
52 Configuration files are contained in the subdirectory "cf", with a
53 suffix ".mc". They must be run through "m4" to produce a ".cf" file.
54 You must pre-load "cf.m4":
56 m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf
58 Alternatively, you can simply:
60 cd ${CFDIR}/cf
61 /usr/ccs/bin/make config.cf
63 where ${CFDIR} is the root of the cf directory and config.mc is the
64 name of your configuration file. If you are running a version of M4
65 that understands the __file__ builtin (versions of GNU m4 >= 0.75 do
66 this, but the versions distributed with 4.4BSD and derivatives do not)
67 or the -I flag (ditto), then ${CFDIR} can be in an arbitrary directory.
68 For "traditional" versions, ${CFDIR} ***MUST*** be "..", or you MUST
69 use -D_CF_DIR_=/path/to/cf/dir/ -- note the trailing slash! For example:
71 m4 -D_CF_DIR_=${CFDIR}/ ${CFDIR}/m4/cf.m4 config.mc > config.cf
73 Let's examine a typical .mc file:
75 divert(-1)
76 #
77 # Copyright (c) 1998-2005 Sendmail, Inc. and its suppliers.
78 # All rights reserved.
79 # Copyright (c) 1983 Eric P. Allman. All rights reserved.
80 # Copyright (c) 1988, 1993
81 # The Regents of the University of California. All rights reserved.
82 #
83 # By using this file, you agree to the terms and conditions set
84 # forth in the LICENSE file which can be found at the top level of
85 # the sendmail distribution.
86 #
88 #
89 # This is a Berkeley-specific configuration file for HP-UX 9.x.
90 # It applies only to the Computer Science Division at Berkeley,
91 # and should not be used elsewhere. It is provided on the sendmail
92 # distribution as a sample only. To create your own configuration
93 # file, create an appropriate domain file in ../domain, change the
94 # `DOMAIN' macro below to reference that file, and copy the result
95 # to a name of your own choosing.
96 #
97 divert(0)
99 The divert(-1) will delete the crud in the resulting output file.
100 The copyright notice can be replaced by whatever your lawyers require;
101 our lawyers require the one that is included in these files. A copyleft
102 is a copyright by another name. The divert(0) restores regular output.
104 VERSIONID(`<SCCS or RCS version id>')
106 VERSIONID is a macro that stuffs the version information into the
107 resulting file. You could use SCCS, RCS, CVS, something else, or
108 omit it completely. This is not the same as the version id included
109 in SMTP greeting messages -- this is defined in m4/version.m4.
111 OSTYPE(`hpux9')dnl
113 You must specify an OSTYPE to properly configure things such as the
114 pathname of the help and status files, the flags needed for the local
115 mailer, and other important things. If you omit it, you will get an
116 error when you try to build the configuration. Look at the ostype
117 directory for the list of known operating system types.
119 DOMAIN(`CS.Berkeley.EDU')dnl
121 This example is specific to the Computer Science Division at Berkeley.
122 You can use "DOMAIN(`generic')" to get a sufficiently bland definition
123 that may well work for you, or you can create a customized domain
124 definition appropriate for your environment.
126 MAILER(`local')
127 MAILER(`smtp')
129 These describe the mailers used at the default CS site. The local
130 mailer is always included automatically. Beware: MAILER declarations
131 should only be followed by LOCAL_* sections. The general rules are
132 that the order should be:
134 VERSIONID
135 OSTYPE
136 DOMAIN
137 FEATURE
138 local macro definitions
139 MAILER
140 LOCAL_CONFIG
141 LOCAL_RULE_*
142 LOCAL_RULESETS
144 There are a few exceptions to this rule. Local macro definitions which
145 influence a FEATURE() should be done before that feature. For example,
146 a define(`PROCMAIL_MAILER_PATH', ...) should be done before
147 FEATURE(`local_procmail').
150 +----------------------------+
151 | A BRIEF INTRODUCTION TO M4 |
152 +----------------------------+
154 Sendmail uses the M4 macro processor to ``compile'' the configuration
155 files. The most important thing to know is that M4 is stream-based,
156 that is, it doesn't understand about lines. For this reason, in some
157 places you may see the word ``dnl'', which stands for ``delete
158 through newline''; essentially, it deletes all characters starting
159 at the ``dnl'' up to and including the next newline character. In
160 most cases sendmail uses this only to avoid lots of unnecessary
161 blank lines in the output.
163 Other important directives are define(A, B) which defines the macro
164 ``A'' to have value ``B''. Macros are expanded as they are read, so
165 one normally quotes both values to prevent expansion. For example,
167 define(`SMART_HOST', `smart.foo.com')
169 One word of warning: M4 macros are expanded even in lines that appear
170 to be comments. For example, if you have
172 # See FEATURE(`foo') above
174 it will not do what you expect, because the FEATURE(`foo') will be
175 expanded. This also applies to
177 # And then define the $X macro to be the return address
179 because ``define'' is an M4 keyword. If you want to use them, surround
180 them with directed quotes, `like this'.
182 Since m4 uses single quotes (opening "`" and closing "'") to quote
183 arguments, those quotes can't be used in arguments. For example,
184 it is not possible to define a rejection message containing a single
185 quote. Usually there are simple workarounds by changing those
186 messages; in the worst case it might be ok to change the value
187 directly in the generated .cf file, which however is not advised.
189 +----------------+
190 | FILE LOCATIONS |
191 +----------------+
193 sendmail 8.9 has introduced a new configuration directory for sendmail
194 related files, /etc/mail. The new files available for sendmail 8.9 --
195 the class {R} /etc/mail/relay-domains and the access database
196 /etc/mail/access -- take advantage of this new directory. Beginning with
197 8.10, all files will use this directory by default (some options may be
198 set by OSTYPE() files). This new directory should help to restore
199 uniformity to sendmail's file locations.
201 Below is a table of some of the common changes:
203 Old filename New filename
204 ------------ ------------
205 /etc/bitdomain /etc/mail/bitdomain
206 /etc/domaintable /etc/mail/domaintable
207 /etc/genericstable /etc/mail/genericstable
208 /etc/uudomain /etc/mail/uudomain
209 /etc/virtusertable /etc/mail/virtusertable
210 /etc/userdb /etc/mail/userdb
212 /etc/aliases /etc/mail/aliases
213 /etc/sendmail/aliases /etc/mail/aliases
214 /etc/ucbmail/aliases /etc/mail/aliases
215 /usr/adm/sendmail/aliases /etc/mail/aliases
216 /usr/lib/aliases /etc/mail/aliases
217 /usr/lib/mail/aliases /etc/mail/aliases
218 /usr/ucblib/aliases /etc/mail/aliases
220 /etc/sendmail.cw /etc/mail/local-host-names
221 /etc/mail/sendmail.cw /etc/mail/local-host-names
222 /etc/sendmail/sendmail.cw /etc/mail/local-host-names
224 /etc/sendmail.ct /etc/mail/trusted-users
226 /etc/sendmail.oE /etc/mail/error-header
228 /etc/sendmail.hf /etc/mail/helpfile
229 /etc/mail/sendmail.hf /etc/mail/helpfile
230 /usr/ucblib/sendmail.hf /etc/mail/helpfile
231 /etc/ucbmail/sendmail.hf /etc/mail/helpfile
232 /usr/lib/sendmail.hf /etc/mail/helpfile
233 /usr/share/lib/sendmail.hf /etc/mail/helpfile
234 /usr/share/misc/sendmail.hf /etc/mail/helpfile
235 /share/misc/sendmail.hf /etc/mail/helpfile
237 /etc/service.switch /etc/mail/service.switch
239 /etc/sendmail.st /etc/mail/statistics
240 /etc/mail/sendmail.st /etc/mail/statistics
241 /etc/mailer/sendmail.st /etc/mail/statistics
242 /etc/sendmail/sendmail.st /etc/mail/statistics
243 /usr/lib/sendmail.st /etc/mail/statistics
244 /usr/ucblib/sendmail.st /etc/mail/statistics
246 Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR
247 to create the pathnames. The default value of this variable is
248 `/etc/mail/'. If you set this macro to a different value, you MUST include
249 a trailing slash.
251 Notice: all filenames used in a .mc (or .cf) file should be absolute
252 (starting at the root, i.e., with '/'). Relative filenames most
253 likely cause surprises during operations (unless otherwise noted).
256 +--------+
257 | OSTYPE |
258 +--------+
260 You MUST define an operating system environment, or the configuration
261 file build will puke. There are several environments available; look
262 at the "ostype" directory for the current list. This macro changes
263 things like the location of the alias file and queue directory. Some
264 of these files are identical to one another.
266 It is IMPERATIVE that the OSTYPE occur before any MAILER definitions.
267 In general, the OSTYPE macro should go immediately after any version
268 information, and MAILER definitions should always go last.
270 Operating system definitions are usually easy to write. They may define
271 the following variables (everything defaults, so an ostype file may be
272 empty). Unfortunately, the list of configuration-supported systems is
273 not as broad as the list of source-supported systems, since many of
274 the source contributors do not include corresponding ostype files.
276 ALIAS_FILE [/etc/mail/aliases] The location of the text version
277 of the alias file(s). It can be a comma-separated
278 list of names (but be sure you quote values with
279 commas in them -- for example, use
280 define(`ALIAS_FILE', `a,b')
281 to get "a" and "b" both listed as alias files;
282 otherwise the define() primitive only sees "a").
283 HELP_FILE [/etc/mail/helpfile] The name of the file
284 containing information printed in response to
285 the SMTP HELP command.
286 QUEUE_DIR [/var/spool/mqueue] The directory containing
287 queue files. To use multiple queues, supply
288 a value ending with an asterisk. For
289 example, /var/spool/mqueue/qd* will use all of the
290 directories or symbolic links to directories
291 beginning with 'qd' in /var/spool/mqueue as queue
292 directories. The names 'qf', 'df', and 'xf' are
293 reserved as specific subdirectories for the
294 corresponding queue file types as explained in
295 doc/op/op.me. See also QUEUE GROUP DEFINITIONS.
296 MSP_QUEUE_DIR [/var/spool/clientmqueue] The directory containing
297 queue files for the MSP (Mail Submission Program).
298 STATUS_FILE [/etc/mail/statistics] The file containing status
299 information.
300 LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail.
301 LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The
302 flags lsDFMAw5:/|@q are always included.
303 LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local
304 mail.
305 LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local
306 mail that you are willing to accept.
307 LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of
308 messages to deliver in a single connection. Only
309 useful for LMTP local mailers.
310 LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
311 that ARRIVE from an address that resolves to the
312 local mailer and which are converted to MIME will be
313 labeled with this character set.
314 LOCAL_MAILER_EOL [undefined] If defined, the string to use as the
315 end of line for the local mailer.
316 LOCAL_MAILER_DSN_DIAGNOSTIC_CODE
317 [X-Unix] The DSN Diagnostic-Code value for the
318 local mailer. This should be changed with care.
319 LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email.
320 LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The
321 flags lsDFM are always included.
322 LOCAL_SHELL_ARGS [sh -c $u] The arguments passed to deliver "prog"
323 mail.
324 LOCAL_SHELL_DIR [$z:/] The directory search path in which the
325 shell should run.
326 LOCAL_MAILER_QGRP [undefined] The queue group for the local mailer.
327 SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default
328 flags are `mDFMuX' for all SMTP-based mailers; the
329 "esmtp" mailer adds `a'; "smtp8" adds `8'; and
330 "dsmtp" adds `%'.
331 RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default
332 flags are `mDFMuX' for all SMTP-based mailers; the
333 relay mailer adds `a8'. If this is not defined,
334 then SMTP_MAILER_FLAGS is used.
335 SMTP_MAILER_MAX [undefined] The maximum size of messages that will
336 be transported using the smtp, smtp8, esmtp, or dsmtp
337 mailers.
338 SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of
339 messages to deliver in a single connection for the
340 smtp, smtp8, esmtp, or dsmtp mailers.
341 SMTP_MAILER_MAXRCPTS [undefined] If defined, the maximum number of
342 recipients to deliver in a single connection for the
343 smtp, smtp8, esmtp, or dsmtp mailers.
344 SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer.
345 About the only reason you would want to change this
346 would be to change the default port.
347 ESMTP_MAILER_ARGS [TCP $h] The arguments passed to the esmtp mailer.
348 SMTP8_MAILER_ARGS [TCP $h] The arguments passed to the smtp8 mailer.
349 DSMTP_MAILER_ARGS [TCP $h] The arguments passed to the dsmtp mailer.
350 RELAY_MAILER_ARGS [TCP $h] The arguments passed to the relay mailer.
351 SMTP_MAILER_QGRP [undefined] The queue group for the smtp mailer.
352 ESMTP_MAILER_QGRP [undefined] The queue group for the esmtp mailer.
353 SMTP8_MAILER_QGRP [undefined] The queue group for the smtp8 mailer.
354 DSMTP_MAILER_QGRP [undefined] The queue group for the dsmtp mailer.
355 RELAY_MAILER_QGRP [undefined] The queue group for the relay mailer.
356 RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of
357 messages to deliver in a single connection for the
358 relay mailer.
359 SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
360 that ARRIVE from an address that resolves to one of
361 the SMTP mailers and which are converted to MIME will
362 be labeled with this character set.
363 SMTP_MAILER_LL [990] The maximum line length for SMTP mailers
364 (except the relay mailer).
365 RELAY_MAILER_LL [2040] The maximum line length for the relay mailer.
366 UUCP_MAILER_PATH [/usr/bin/uux] The program used to send UUCP mail.
367 UUCP_MAILER_FLAGS [undefined] Flags added to UUCP mailer. Default
368 flags are `DFMhuU' (and `m' for uucp-new mailer,
369 minus `U' for uucp-dom mailer).
370 UUCP_MAILER_ARGS [uux - -r -z -a$g -gC $h!rmail ($u)] The arguments
371 passed to the UUCP mailer.
372 UUCP_MAILER_MAX [100000] The maximum size message accepted for
373 transmission by the UUCP mailers.
374 UUCP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
375 that ARRIVE from an address that resolves to one of
376 the UUCP mailers and which are converted to MIME will
377 be labeled with this character set.
378 UUCP_MAILER_QGRP [undefined] The queue group for the UUCP mailers.
379 PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail
380 program. This is also used by
381 FEATURE(`local_procmail').
382 PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags
383 DFM are always set. This is NOT used by
384 FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS
385 instead.
386 PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to
387 the Procmail mailer. This is NOT used by
388 FEATURE(`local_procmail'); tweak LOCAL_MAILER_ARGS
389 instead.
390 PROCMAIL_MAILER_MAX [undefined] If set, the maximum size message that
391 will be accepted by the procmail mailer.
392 PROCMAIL_MAILER_QGRP [undefined] The queue group for the procmail mailer.
393 confEBINDIR [/usr/libexec] The directory for executables.
394 Currently used for FEATURE(`local_lmtp') and
395 FEATURE(`smrsh').
396 LOCAL_PROG_QGRP [undefined] The queue group for the prog mailer.
398 Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS:
399 MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part
400 of the macro Name_MAILER_FLAGS (note: that means Name is entirely in
401 upper case) and change can be: flags that should be used directly
402 (thus overriding the default value), or if it starts with `+' (`-')
403 then those flags are added to (removed from) the default value.
404 Example:
406 MODIFY_MAILER_FLAGS(`LOCAL', `+e')
408 will add the flag `e' to LOCAL_MAILER_FLAGS. Notice: there are
409 several smtp mailers all of which are manipulated individually.
410 See the section MAILERS for the available mailer names.
411 WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS
412 unconditionally, i.e., without respecting any definitions in an
413 OSTYPE setting.
416 +---------+
417 | DOMAINS |
418 +---------+
420 You will probably want to collect domain-dependent defines into one
421 file, referenced by the DOMAIN macro. For example, the Berkeley
422 domain file includes definitions for several internal distinguished
423 hosts:
425 UUCP_RELAY The host that will accept UUCP-addressed email.
426 If not defined, all UUCP sites must be directly
427 connected.
428 BITNET_RELAY The host that will accept BITNET-addressed email.
429 If not defined, the .BITNET pseudo-domain won't work.
430 DECNET_RELAY The host that will accept DECNET-addressed email.
431 If not defined, the .DECNET pseudo-domain and addresses
432 of the form node::user will not work.
433 FAX_RELAY The host that will accept mail to the .FAX pseudo-domain.
434 The "fax" mailer overrides this value.
435 LOCAL_RELAY The site that will handle unqualified names -- that
436 is, names without an @domain extension.
437 Normally MAIL_HUB is preferred for this function.
438 LOCAL_RELAY is mostly useful in conjunction with
439 FEATURE(`stickyhost') -- see the discussion of
440 stickyhost below. If not set, they are assumed to
441 belong on this machine. This allows you to have a
442 central site to store a company- or department-wide
443 alias database. This only works at small sites,
444 and only with some user agents.
445 LUSER_RELAY The site that will handle lusers -- that is, apparently
446 local names that aren't local accounts or aliases. To
447 specify a local user instead of a site, set this to
448 ``local:username''.
450 Any of these can be either ``mailer:hostname'' (in which case the
451 mailer is the internal mailer name, such as ``uucp-new'' and the hostname
452 is the name of the host as appropriate for that mailer) or just a
453 ``hostname'', in which case a default mailer type (usually ``relay'',
454 a variant on SMTP) is used. WARNING: if you have a wildcard MX
455 record matching your domain, you probably want to define these to
456 have a trailing dot so that you won't get the mail diverted back
457 to yourself.
459 The domain file can also be used to define a domain name, if needed
460 (using "DD<domain>") and set certain site-wide features. If all hosts
461 at your site masquerade behind one email name, you could also use
462 MASQUERADE_AS here.
464 You do not have to define a domain -- in particular, if you are a
465 single machine sitting off somewhere, it is probably more work than
466 it's worth. This is just a mechanism for combining "domain dependent
467 knowledge" into one place.
470 +---------+
471 | MAILERS |
472 +---------+
474 There are fewer mailers supported in this version than the previous
475 version, owing mostly to a simpler world. As a general rule, put the
476 MAILER definitions last in your .mc file.
478 local The local and prog mailers. You will almost always
479 need these; the only exception is if you relay ALL
480 your mail to another site. This mailer is included
481 automatically.
483 smtp The Simple Mail Transport Protocol mailer. This does
484 not hide hosts behind a gateway or another other
485 such hack; it assumes a world where everyone is
486 running the name server. This file actually defines
487 five mailers: "smtp" for regular (old-style) SMTP to
488 other servers, "esmtp" for extended SMTP to other
489 servers, "smtp8" to do SMTP to other servers without
490 converting 8-bit data to MIME (essentially, this is
491 your statement that you know the other end is 8-bit
492 clean even if it doesn't say so), "dsmtp" to do on
493 demand delivery, and "relay" for transmission to the
494 RELAY_HOST, LUSER_RELAY, or MAIL_HUB.
496 uucp The UNIX-to-UNIX Copy Program mailer. Actually, this
497 defines two mailers, "uucp-old" (a.k.a. "uucp") and
498 "uucp-new" (a.k.a. "suucp"). The latter is for when you
499 know that the UUCP mailer at the other end can handle
500 multiple recipients in one transfer. If the smtp mailer
501 is included in your configuration, two other mailers
502 ("uucp-dom" and "uucp-uudom") are also defined [warning: you
503 MUST specify MAILER(`smtp') before MAILER(`uucp')]. When you
504 include the uucp mailer, sendmail looks for all names in
505 class {U} and sends them to the uucp-old mailer; all
506 names in class {Y} are sent to uucp-new; and all
507 names in class {Z} are sent to uucp-uudom. Note that
508 this is a function of what version of rmail runs on
509 the receiving end, and hence may be out of your control.
510 See the section below describing UUCP mailers in more
511 detail.
513 procmail An interface to procmail (does not come with sendmail).
514 This is designed to be used in mailertables. For example,
515 a common question is "how do I forward all mail for a given
516 domain to a single person?". If you have this mailer
517 defined, you could set up a mailertable reading:
519 host.com procmail:/etc/procmailrcs/host.com
521 with the file /etc/procmailrcs/host.com reading:
523 :0 # forward mail for host.com
524 ! -oi -f $1 person@other.host
526 This would arrange for (anything)@host.com to be sent
527 to person@other.host. In a procmail script, $1 is the
528 name of the sender and $2 is the name of the recipient.
529 If you use this with FEATURE(`local_procmail'), the FEATURE
530 should be listed first.
532 Of course there are other ways to solve this particular
533 problem, e.g., a catch-all entry in a virtusertable.
535 The local mailer accepts addresses of the form "user+detail", where
536 the "+detail" is not used for mailbox matching but is available
537 to certain local mail programs (in particular, see
538 FEATURE(`local_procmail')). For example, "eric", "eric+sendmail", and
539 "eric+sww" all indicate the same user, but additional arguments <null>,
540 "sendmail", and "sww" may be provided for use in sorting mail.
543 +----------+
544 | FEATURES |
545 +----------+
547 Special features can be requested using the "FEATURE" macro. For
548 example, the .mc line:
550 FEATURE(`use_cw_file')
552 tells sendmail that you want to have it read an /etc/mail/local-host-names
553 file to get values for class {w}. A FEATURE may contain up to 9
554 optional parameters -- for example:
556 FEATURE(`mailertable', `dbm /usr/lib/mailertable')
558 The default database map type for the table features can be set with
560 define(`DATABASE_MAP_TYPE', `dbm')
562 which would set it to use ndbm databases. The default is the Berkeley DB
563 hash database format. Note that you must still declare a database map type
564 if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used
565 if no argument is given for the FEATURE. It must be specified before any
566 feature that uses a map.
568 Also, features which can take a map definition as an argument can also take
569 the special keyword `LDAP'. If that keyword is used, the map will use the
570 LDAP definition described in the ``USING LDAP FOR ALIASES, MAPS, AND
571 CLASSES'' section below.
573 Available features are:
575 use_cw_file Read the file /etc/mail/local-host-names file to get
576 alternate names for this host. This might be used if you
577 were on a host that MXed for a dynamic set of other hosts.
578 If the set is static, just including the line "Cw<name1>
579 <name2> ..." (where the names are fully qualified domain
580 names) is probably superior. The actual filename can be
581 overridden by redefining confCW_FILE.
583 use_ct_file Read the file /etc/mail/trusted-users file to get the
584 names of users that will be ``trusted'', that is, able to
585 set their envelope from address using -f without generating
586 a warning message. The actual filename can be overridden
587 by redefining confCT_FILE.
589 redirect Reject all mail addressed to "address.REDIRECT" with
590 a ``551 User has moved; please try <address>'' message.
591 If this is set, you can alias people who have left
592 to their new address with ".REDIRECT" appended.
594 nouucp Don't route UUCP addresses. This feature takes one
595 parameter:
596 `reject': reject addresses which have "!" in the local
597 part unless it originates from a system
598 that is allowed to relay.
599 `nospecial': don't do anything special with "!".
600 Warnings: 1. See the notice in the anti-spam section.
601 2. don't remove "!" from OperatorChars if `reject' is
602 given as parameter.
604 nocanonify Don't pass addresses to $[ ... $] for canonification
605 by default, i.e., host/domain names are considered canonical,
606 except for unqualified names, which must not be used in this
607 mode (violation of the standard). It can be changed by
608 setting the DaemonPortOptions modifiers (M=). That is,
609 FEATURE(`nocanonify') will be overridden by setting the
610 'c' flag. Conversely, if FEATURE(`nocanonify') is not used,
611 it can be emulated by setting the 'C' flag
612 (DaemonPortOptions=Modifiers=C). This would generally only
613 be used by sites that only act as mail gateways or which have
614 user agents that do full canonification themselves. You may
615 also want to use
616 "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off
617 the usual resolver options that do a similar thing.
619 An exception list for FEATURE(`nocanonify') can be
620 specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE,
621 i.e., a list of domains which are nevertheless passed to
622 $[ ... $] for canonification. This is useful to turn on
623 canonification for local domains, e.g., use
624 CANONIFY_DOMAIN(`my.domain my') to canonify addresses
625 which end in "my.domain" or "my".
626 Another way to require canonification in the local
627 domain is CANONIFY_DOMAIN(`$=m').
629 A trailing dot is added to addresses with more than
630 one component in it such that other features which
631 expect a trailing dot (e.g., virtusertable) will
632 still work.
634 If `canonify_hosts' is specified as parameter, i.e.,
635 FEATURE(`nocanonify', `canonify_hosts'), then
636 addresses which have only a hostname, e.g.,
637 <user@host>, will be canonified (and hopefully fully
638 qualified), too.
640 stickyhost This feature is sometimes used with LOCAL_RELAY,
641 although it can be used for a different effect with
642 MAIL_HUB.
644 When used without MAIL_HUB, email sent to
645 "user@local.host" are marked as "sticky" -- that
646 is, the local addresses aren't matched against UDB,
647 don't go through ruleset 5, and are not forwarded to
648 the LOCAL_RELAY (if defined).
650 With MAIL_HUB, mail addressed to "user@local.host"
651 is forwarded to the mail hub, with the envelope
652 address still remaining "user@local.host".
653 Without stickyhost, the envelope would be changed
654 to "user@mail_hub", in order to protect against
655 mailing loops.
657 mailertable Include a "mailer table" which can be used to override
658 routing for particular domains (which are not in class {w},
659 i.e. local host names). The argument of the FEATURE may be
660 the key definition. If none is specified, the definition
661 used is:
663 hash /etc/mail/mailertable
665 Keys in this database are fully qualified domain names
666 or partial domains preceded by a dot -- for example,
667 "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a
668 special case of the latter, "." matches any domain not
669 covered by other keys. Values must be of the form:
670 mailer:domain
671 where "mailer" is the internal mailer name, and "domain"
672 is where to send the message. These maps are not
673 reflected into the message header. As a special case,
674 the forms:
675 local:user
676 will forward to the indicated user using the local mailer,
677 local:
678 will forward to the original user in the e-mail address
679 using the local mailer, and
680 error:code message
681 error:D.S.N:code message
682 will give an error message with the indicated SMTP reply
683 code and message, where D.S.N is an RFC 1893 compliant
684 error code.
686 domaintable Include a "domain table" which can be used to provide
687 domain name mapping. Use of this should really be
688 limited to your own domains. It may be useful if you
689 change names (e.g., your company changes names from
690 oldname.com to newname.com). The argument of the
691 FEATURE may be the key definition. If none is specified,
692 the definition used is:
694 hash /etc/mail/domaintable
696 The key in this table is the domain name; the value is
697 the new (fully qualified) domain. Anything in the
698 domaintable is reflected into headers; that is, this
699 is done in ruleset 3.
701 bitdomain Look up bitnet hosts in a table to try to turn them into
702 internet addresses. The table can be built using the
703 bitdomain program contributed by John Gardiner Myers.
704 The argument of the FEATURE may be the key definition; if
705 none is specified, the definition used is:
707 hash /etc/mail/bitdomain
709 Keys are the bitnet hostname; values are the corresponding
710 internet hostname.
712 uucpdomain Similar feature for UUCP hosts. The default map definition
713 is:
715 hash /etc/mail/uudomain
717 At the moment there is no automagic tool to build this
718 database.
720 always_add_domain
721 Include the local host domain even on locally delivered
722 mail. Normally it is not added on unqualified names.
723 However, if you use a shared message store but do not use
724 the same user name space everywhere, you may need the host
725 name on local names. An optional argument specifies
726 another domain to be added than the local.
728 allmasquerade If masquerading is enabled (using MASQUERADE_AS), this
729 feature will cause recipient addresses to also masquerade
730 as being from the masquerade host. Normally they get
731 the local hostname. Although this may be right for
732 ordinary users, it can break local aliases. For example,
733 if you send to "localalias", the originating sendmail will
734 find that alias and send to all members, but send the
735 message with "To: localalias@masqueradehost". Since that
736 alias likely does not exist, replies will fail. Use this
737 feature ONLY if you can guarantee that the ENTIRE
738 namespace on your masquerade host supersets all the
739 local entries.
741 limited_masquerade
742 Normally, any hosts listed in class {w} are masqueraded. If
743 this feature is given, only the hosts listed in class {M} (see
744 below: MASQUERADE_DOMAIN) are masqueraded. This is useful
745 if you have several domains with disjoint namespaces hosted
746 on the same machine.
748 masquerade_entire_domain
749 If masquerading is enabled (using MASQUERADE_AS) and
750 MASQUERADE_DOMAIN (see below) is set, this feature will
751 cause addresses to be rewritten such that the masquerading
752 domains are actually entire domains to be hidden. All
753 hosts within the masquerading domains will be rewritten
754 to the masquerade name (used in MASQUERADE_AS). For example,
755 if you have:
757 MASQUERADE_AS(`masq.com')
758 MASQUERADE_DOMAIN(`foo.org')
759 MASQUERADE_DOMAIN(`bar.com')
761 then *foo.org and *bar.com are converted to masq.com. Without
762 this feature, only foo.org and bar.com are masqueraded.
764 NOTE: only domains within your jurisdiction and
765 current hierarchy should be masqueraded using this.
767 local_no_masquerade
768 This feature prevents the local mailer from masquerading even
769 if MASQUERADE_AS is used. MASQUERADE_AS will only have effect
770 on addresses of mail going outside the local domain.
772 masquerade_envelope
773 If masquerading is enabled (using MASQUERADE_AS) or the
774 genericstable is in use, this feature will cause envelope
775 addresses to also masquerade as being from the masquerade
776 host. Normally only the header addresses are masqueraded.
778 genericstable This feature will cause unqualified addresses (i.e., without
779 a domain) and addresses with a domain listed in class {G}
780 to be looked up in a map and turned into another ("generic")
781 form, which can change both the domain name and the user name.
782 Notice: if you use an MSP (as it is default starting with
783 8.12), the MTA will only receive qualified addresses from the
784 MSP (as required by the RFCs). Hence you need to add your
785 domain to class {G}. This feature is similar to the userdb
786 functionality. The same types of addresses as for
787 masquerading are looked up, i.e., only header sender
788 addresses unless the allmasquerade and/or masquerade_envelope
789 features are given. Qualified addresses must have the domain
790 part in class {G}; entries can be added to this class by the
791 macros GENERICS_DOMAIN or GENERICS_DOMAIN_FILE (analogously
792 to MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, see below).
794 The argument of FEATURE(`genericstable') may be the map
795 definition; the default map definition is:
797 hash /etc/mail/genericstable
799 The key for this table is either the full address, the domain
800 (with a leading @; the localpart is passed as first argument)
801 or the unqualified username (tried in the order mentioned);
802 the value is the new user address. If the new user address
803 does not include a domain, it will be qualified in the standard
804 manner, i.e., using $j or the masquerade name. Note that the
805 address being looked up must be fully qualified. For local
806 mail, it is necessary to use FEATURE(`always_add_domain')
807 for the addresses to be qualified.
808 The "+detail" of an address is passed as %1, so entries like
810 old+*@foo.org new+%1@example.com
811 gen+*@foo.org %1@example.com
813 and other forms are possible.
815 generics_entire_domain
816 If the genericstable is enabled and GENERICS_DOMAIN or
817 GENERICS_DOMAIN_FILE is used, this feature will cause
818 addresses to be searched in the map if their domain
819 parts are subdomains of elements in class {G}.
821 virtusertable A domain-specific form of aliasing, allowing multiple
822 virtual domains to be hosted on one machine. For example,
823 if the virtuser table contains:
825 info@foo.com foo-info
826 info@bar.com bar-info
827 joe@bar.com error:nouser 550 No such user here
828 jax@bar.com error:5.7.0:550 Address invalid
829 @baz.org jane@example.net
831 then mail addressed to info@foo.com will be sent to the
832 address foo-info, mail addressed to info@bar.com will be
833 delivered to bar-info, and mail addressed to anyone at baz.org
834 will be sent to jane@example.net, mail to joe@bar.com will
835 be rejected with the specified error message, and mail to
836 jax@bar.com will also have a RFC 1893 compliant error code
837 5.7.0.
839 The username from the original address is passed
840 as %1 allowing:
842 @foo.org %1@example.com
844 meaning someone@foo.org will be sent to someone@example.com.
845 Additionally, if the local part consists of "user+detail"
846 then "detail" is passed as %2 and "+detail" is passed as %3
847 when a match against user+* is attempted, so entries like
849 old+*@foo.org new+%2@example.com
850 gen+*@foo.org %2@example.com
851 +*@foo.org %1%3@example.com
852 X++@foo.org Z%3@example.com
853 @bar.org %1%3
855 and other forms are possible. Note: to preserve "+detail"
856 for a default case (@domain) %1%3 must be used as RHS.
857 There are two wildcards after "+": "+" matches only a non-empty
858 detail, "*" matches also empty details, e.g., user+@foo.org
859 matches +*@foo.org but not ++@foo.org. This can be used
860 to ensure that the parameters %2 and %3 are not empty.
862 All the host names on the left hand side (foo.com, bar.com,
863 and baz.org) must be in class {w} or class {VirtHost}. The
864 latter can be defined by the macros VIRTUSER_DOMAIN or
865 VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
866 MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or
867 VIRTUSER_DOMAIN_FILE is used, then the entries of class
868 {VirtHost} are added to class {R}, i.e., relaying is allowed
869 to (and from) those domains, which by default includes also
870 all subdomains (see relay_hosts_only). The default map
871 definition is:
873 hash /etc/mail/virtusertable
875 A new definition can be specified as the second argument of
876 the FEATURE macro, such as
878 FEATURE(`virtusertable', `dbm /etc/mail/virtusers')
880 virtuser_entire_domain
881 If the virtusertable is enabled and VIRTUSER_DOMAIN or
882 VIRTUSER_DOMAIN_FILE is used, this feature will cause
883 addresses to be searched in the map if their domain
884 parts are subdomains of elements in class {VirtHost}.
886 ldap_routing Implement LDAP-based e-mail recipient routing according to
887 the Internet Draft draft-lachman-laser-ldap-mail-routing-01.
888 This provides a method to re-route addresses with a
889 domain portion in class {LDAPRoute} to either a
890 different mail host or a different address. Hosts can
891 be added to this class using LDAPROUTE_DOMAIN and
892 LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
893 MASQUERADE_DOMAIN_FILE, see below).
895 See the LDAP ROUTING section below for more information.
897 nullclient This is a special case -- it creates a configuration file
898 containing nothing but support for forwarding all mail to a
899 central hub via a local SMTP-based network. The argument
900 is the name of that hub.
902 The only other feature that should be used in conjunction
903 with this one is FEATURE(`nocanonify'). No mailers
904 should be defined. No aliasing or forwarding is done.
906 local_lmtp Use an LMTP capable local mailer. The argument to this
907 feature is the pathname of an LMTP capable mailer. By
908 default, mail.local is used. This is expected to be the
909 mail.local which came with the 8.9 distribution which is
910 LMTP capable. The path to mail.local is set by the
911 confEBINDIR m4 variable -- making the default
912 LOCAL_MAILER_PATH /usr/libexec/mail.local.
913 If a different LMTP capable mailer is used, its pathname
914 can be specified as second parameter and the arguments
915 passed to it (A=) as third parameter, e.g.,
917 FEATURE(`local_lmtp', `/usr/local/bin/lmtp', `lmtp')
919 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
920 i.e., without respecting any definitions in an OSTYPE setting.
922 local_procmail Use procmail or another delivery agent as the local mailer.
923 The argument to this feature is the pathname of the
924 delivery agent, which defaults to PROCMAIL_MAILER_PATH.
925 Note that this does NOT use PROCMAIL_MAILER_FLAGS or
926 PROCMAIL_MAILER_ARGS for the local mailer; tweak
927 LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or
928 specify the appropriate parameters. When procmail is used,
929 the local mailer can make use of the
930 "user+indicator@local.host" syntax; normally the +indicator
931 is just tossed, but by default it is passed as the -a
932 argument to procmail.
934 This feature can take up to three arguments:
936 1. Path to the mailer program
937 [default: /usr/local/bin/procmail]
938 2. Argument vector including name of the program
939 [default: procmail -Y -a $h -d $u]
940 3. Flags for the mailer [default: SPfhn9]
942 Empty arguments cause the defaults to be taken.
943 Note that if you are on a system with a broken
944 setreuid() call, you may need to add -f $f to the procmail
945 argument vector to pass the proper sender to procmail.
947 For example, this allows it to use the maildrop
948 (http://www.flounder.net/~mrsam/maildrop/) mailer instead
949 by specifying:
951 FEATURE(`local_procmail', `/usr/local/bin/maildrop',
952 `maildrop -d $u')
954 or scanmails using:
956 FEATURE(`local_procmail', `/usr/local/bin/scanmails')
958 WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
959 i.e., without respecting any definitions in an OSTYPE setting.
961 bestmx_is_local Accept mail as though locally addressed for any host that
962 lists us as the best possible MX record. This generates
963 additional DNS traffic, but should be OK for low to
964 medium traffic hosts. The argument may be a set of
965 domains, which will limit the feature to only apply to
966 these domains -- this will reduce unnecessary DNS
967 traffic. THIS FEATURE IS FUNDAMENTALLY INCOMPATIBLE WITH
968 WILDCARD MX RECORDS!!! If you have a wildcard MX record
969 that matches your domain, you cannot use this feature.
971 smrsh Use the SendMail Restricted SHell (smrsh) provided
972 with the distribution instead of /bin/sh for mailing
973 to programs. This improves the ability of the local
974 system administrator to control what gets run via
975 e-mail. If an argument is provided it is used as the
976 pathname to smrsh; otherwise, the path defined by
977 confEBINDIR is used for the smrsh binary -- by default,
978 /usr/libexec/smrsh is assumed.
980 promiscuous_relay
981 By default, the sendmail configuration files do not permit
982 mail relaying (that is, accepting mail from outside your
983 local host (class {w}) and sending it to another host than
984 your local host). This option sets your site to allow
985 mail relaying from any site to any site. In almost all
986 cases, it is better to control relaying more carefully
987 with the access map, class {R}, or authentication. Domains
988 can be added to class {R} by the macros RELAY_DOMAIN or
989 RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
990 MASQUERADE_DOMAIN_FILE, see below).
992 relay_entire_domain
993 This option allows any host in your domain as defined by
994 class {m} to use your server for relaying. Notice: make
995 sure that your domain is not just a top level domain,
996 e.g., com. This can happen if you give your host a name
997 like example.com instead of host.example.com.
999 relay_hosts_only
1000 By default, names that are listed as RELAY in the access
1001 db and class {R} are treated as domain names, not host names.
1002 For example, if you specify ``foo.com'', then mail to or
1003 from foo.com, abc.foo.com, or a.very.deep.domain.foo.com
1004 will all be accepted for relaying. This feature changes
1005 the behaviour to lookup individual host names only.
1007 relay_based_on_MX
1008 Turns on the ability to allow relaying based on the MX
1009 records of the host portion of an incoming recipient; that
1010 is, if an MX record for host foo.com points to your site,
1011 you will accept and relay mail addressed to foo.com. See
1012 description below for more information before using this
1013 feature. Also, see the KNOWNBUGS entry regarding bestmx
1014 map lookups.
1016 FEATURE(`relay_based_on_MX') does not necessarily allow
1017 routing of these messages which you expect to be allowed,
1018 if route address syntax (or %-hack syntax) is used. If
1019 this is a problem, add entries to the access-table or use
1020 FEATURE(`loose_relay_check').
1022 relay_mail_from
1023 Allows relaying if the mail sender is listed as RELAY in
1024 the access map. If an optional argument `domain' (this
1025 is the literal word `domain', not a placeholder) is given,
1026 relaying can be allowed just based on the domain portion
1027 of the sender address. This feature should only be used if
1028 absolutely necessary as the sender address can be easily
1029 forged. Use of this feature requires the "From:" tag to
1030 be used for the key in the access map; see the discussion
1031 of tags and FEATURE(`relay_mail_from') in the section on
1032 anti-spam configuration control.
1034 relay_local_from
1035 Allows relaying if the domain portion of the mail sender
1036 is a local host. This should only be used if absolutely
1037 necessary as it opens a window for spammers. Specifically,
1038 they can send mail to your mail server that claims to be
1039 from your domain (either directly or via a routed address),
1040 and you will go ahead and relay it out to arbitrary hosts
1041 on the Internet.
1043 accept_unqualified_senders
1044 Normally, MAIL FROM: commands in the SMTP session will be
1045 refused if the connection is a network connection and the
1046 sender address does not include a domain name. If your
1047 setup sends local mail unqualified (i.e., MAIL FROM:<joe>),
1048 you will need to use this feature to accept unqualified
1049 sender addresses. Setting the DaemonPortOptions modifier
1050 'u' overrides the default behavior, i.e., unqualified
1051 addresses are accepted even without this FEATURE.
1052 If this FEATURE is not used, the DaemonPortOptions modifier
1053 'f' can be used to enforce fully qualified addresses.
1055 accept_unresolvable_domains
1056 Normally, MAIL FROM: commands in the SMTP session will be
1057 refused if the host part of the argument to MAIL FROM:
1058 cannot be located in the host name service (e.g., an A or
1059 MX record in DNS). If you are inside a firewall that has
1060 only a limited view of the Internet host name space, this
1061 could cause problems. In this case you probably want to
1062 use this feature to accept all domains on input, even if
1063 they are unresolvable.
1065 access_db Turns on the access database feature. The access db gives
1066 you the ability to allow or refuse to accept mail from
1067 specified domains for administrative reasons. Moreover,
1068 it can control the behavior of sendmail in various situations.
1069 By default, the access database specification is:
1071 hash -T<TMPF> /etc/mail/access
1073 See the anti-spam configuration control section for further
1074 important information about this feature. Notice:
1075 "-T<TMPF>" is meant literal, do not replace it by anything.
1077 blacklist_recipients
1078 Turns on the ability to block incoming mail for certain
1079 recipient usernames, hostnames, or addresses. For
1080 example, you can block incoming mail to user nobody,
1081 host foo.mydomain.com, or guest@bar.mydomain.com.
1082 These specifications are put in the access db as
1083 described in the anti-spam configuration control section
1084 later in this document.
1086 delay_checks The rulesets check_mail and check_relay will not be called
1087 when a client connects or issues a MAIL command, respectively.
1088 Instead, those rulesets will be called by the check_rcpt
1089 ruleset; they will be skipped under certain circumstances.
1090 See "Delay all checks" in the anti-spam configuration control
1091 section. Note: this feature is incompatible to the versions
1092 in 8.10 and 8.11.
1094 use_client_ptr If this feature is enabled then check_relay will override
1095 its first argument with $&{client_ptr}. This is useful for
1096 rejections based on the unverified hostname of client,
1097 which turns on the same behavior as in earlier sendmail
1098 versions when delay_checks was not in use. See doc/op/op.*
1099 about check_relay, {client_name}, and {client_ptr}.
1101 dnsbl Turns on rejection, discarding, or quarantining of hosts
1102 found in a DNS based list. The first argument is used as
1103 the domain in which blocked hosts are listed. A second
1104 argument can be used to change the default error message,
1105 or select one of the operations `discard' and `quarantine'.
1106 Without that second argument, the error message will be
1108 Rejected: IP-ADDRESS listed at SERVER
1110 where IP-ADDRESS and SERVER are replaced by the appropriate
1111 information. By default, temporary lookup failures are
1112 ignored. This behavior can be changed by specifying a
1113 third argument, which must be either `t' or a full error
1114 message. See the anti-spam configuration control section for
1115 an example. The dnsbl feature can be included several times
1116 to query different DNS based rejection lists. See also
1117 enhdnsbl for an enhanced version.
1119 Set the DNSBL_MAP mc option to change the default map
1120 definition from `host'. Set the DNSBL_MAP_OPT mc option
1121 to add additional options to the map specification used.
1123 Some DNS based rejection lists cause failures if asked
1124 for AAAA records. If your sendmail version is compiled
1125 with IPv6 support (NETINET6) and you experience this
1126 problem, add
1128 define(`DNSBL_MAP', `dns -R A')
1130 before the first use of this feature. Alternatively you
1131 can use enhdnsbl instead (see below). Moreover, this
1132 statement can be used to reduce the number of DNS retries,
1133 e.g.,
1135 define(`DNSBL_MAP', `dns -R A -r2')
1137 See below (EDNSBL_TO) for an explanation.
1139 enhdnsbl Enhanced version of dnsbl (see above). Further arguments
1140 (up to 5) can be used to specify specific return values
1141 from lookups. Temporary lookup failures are ignored unless
1142 a third argument is given, which must be either `t' or a full
1143 error message. By default, any successful lookup will
1144 generate an error. Otherwise the result of the lookup is
1145 compared with the supplied argument(s), and only if a match
1146 occurs an error is generated. For example,
1148 FEATURE(`enhdnsbl', `dnsbl.example.com', `', `t', `127.0.0.2.')
1150 will reject the e-mail if the lookup returns the value
1151 ``127.0.0.2.'', or generate a 451 response if the lookup
1152 temporarily failed. The arguments can contain metasymbols
1153 as they are allowed in the LHS of rules. As the example
1154 shows, the default values are also used if an empty argument,
1155 i.e., `', is specified. This feature requires that sendmail
1156 has been compiled with the flag DNSMAP (see sendmail/README).
1158 Set the EDNSBL_TO mc option to change the DNS retry count
1159 from the default value of 5, this can be very useful when
1160 a DNS server is not responding, which in turn may cause
1161 clients to time out (an entry stating
1163 did not issue MAIL/EXPN/VRFY/ETRN
1165 will be logged).
1167 ratecontrol Enable simple ruleset to do connection rate control
1168 checking. This requires entries in access_db of the form
1170 ClientRate:IP.ADD.RE.SS LIMIT
1172 The RHS specifies the maximum number of connections
1173 (an integer number) over the time interval defined
1174 by ConnectionRateWindowSize, where 0 means unlimited.
1176 Take the following example:
1178 ClientRate:10.1.2.3 4
1179 ClientRate:127.0.0.1 0
1180 ClientRate: 10
1182 10.1.2.3 can only make up to 4 connections, the
1183 general limit it 10, and 127.0.0.1 can make an unlimited
1184 number of connections per ConnectionRateWindowSize.
1186 See also CONNECTION CONTROL.
1188 conncontrol Enable a simple check of the number of incoming SMTP
1189 connections. This requires entries in access_db of the
1190 form
1192 ClientConn:IP.ADD.RE.SS LIMIT
1194 The RHS specifies the maximum number of open connections
1195 (an integer number).
1197 Take the following example:
1199 ClientConn:10.1.2.3 4
1200 ClientConn:127.0.0.1 0
1201 ClientConn: 10
1203 10.1.2.3 can only have up to 4 open connections, the
1204 general limit it 10, and 127.0.0.1 does not have any
1205 explicit limit.
1207 See also CONNECTION CONTROL.
1209 mtamark Experimental support for "Marking Mail Transfer Agents in
1210 Reverse DNS with TXT RRs" (MTAMark), see
1211 draft-stumpf-dns-mtamark-01. Optional arguments are:
1213 1. Error message, default:
1215 550 Rejected: $&{client_addr} not listed as MTA
1217 2. Temporary lookup failures are ignored unless a second
1218 argument is given, which must be either `t' or a full
1219 error message.
1221 3. Lookup prefix, default: _perm._smtp._srv. This should
1222 not be changed unless the draft changes it.
1224 Example:
1226 FEATURE(`mtamark', `', `t')
1228 lookupdotdomain Look up also .domain in the access map. This allows to
1229 match only subdomains. It does not work well with
1230 FEATURE(`relay_hosts_only'), because most lookups for
1231 subdomains are suppressed by the latter feature.
1233 loose_relay_check
1234 Normally, if % addressing is used for a recipient, e.g.
1235 user%site@othersite, and othersite is in class {R}, the
1236 check_rcpt ruleset will strip @othersite and recheck
1237 user@site for relaying. This feature changes that
1238 behavior. It should not be needed for most installations.
1240 preserve_luser_host
1241 Preserve the name of the recipient host if LUSER_RELAY is
1242 used. Without this option, the domain part of the
1243 recipient address will be replaced by the host specified as
1244 LUSER_RELAY. This feature only works if the hostname is
1245 passed to the mailer (see mailer triple in op.me). Note
1246 that in the default configuration the local mailer does not
1247 receive the hostname, i.e., the mailer triple has an empty
1248 hostname.
1250 preserve_local_plus_detail
1251 Preserve the +detail portion of the address when passing
1252 address to local delivery agent. Disables alias and
1253 .forward +detail stripping (e.g., given user+detail, only
1254 that address will be looked up in the alias file; user+* and
1255 user will not be looked up). Only use if the local
1256 delivery agent in use supports +detail addressing.
1258 compat_check Enable ruleset check_compat to look up pairs of addresses
1259 with the Compat: tag -- Compat:sender<@>recipient -- in the
1260 access map. Valid values for the RHS include
1261 DISCARD silently discard recipient
1262 TEMP: return a temporary error
1263 ERROR: return a permanent error
1264 In the last two cases, a 4xy/5xy SMTP reply code should
1265 follow the colon.
1267 no_default_msa Don't generate the default MSA daemon, i.e.,
1268 DAEMON_OPTIONS(`Port=587,Name=MSA,M=E')
1269 To define a MSA daemon with other parameters, use this
1270 FEATURE and introduce new settings via DAEMON_OPTIONS().
1272 msp Defines config file for Message Submission Program.
1273 See cf/submit.mc for how
1274 to use it. An optional argument can be used to override
1275 the default of `[localhost]' to use as host to send all
1276 e-mails to. Note that MX records will be used if the
1277 specified hostname is not in square brackets (e.g.,
1278 [hostname]). If `MSA' is specified as second argument then
1279 port 587 is used to contact the server. Example:
1281 FEATURE(`msp', `', `MSA')
1283 Some more hints about possible changes can be found below
1284 in the section MESSAGE SUBMISSION PROGRAM.
1286 Note: Due to many problems, submit.mc uses
1288 FEATURE(`msp', `[127.0.0.1]')
1290 by default. If you have a machine with IPv6 only,
1291 change it to
1293 FEATURE(`msp', `[IPv6:::1]')
1295 If you want to continue using '[localhost]', (the behavior
1296 up to 8.12.6), use
1298 FEATURE(`msp')
1300 queuegroup A simple example how to select a queue group based
1301 on the full e-mail address or the domain of the
1302 recipient. Selection is done via entries in the
1303 access map using the tag QGRP:, for example:
1305 QGRP:example.com main
1306 QGRP:friend@some.org others
1307 QGRP:my.domain local
1309 where "main", "others", and "local" are names of
1310 queue groups. If an argument is specified, it is used
1311 as default queue group.
1313 Note: please read the warning in doc/op/op.me about
1314 queue groups and possible queue manipulations.
1316 greet_pause Adds the greet_pause ruleset which enables open proxy
1317 and SMTP slamming protection. The feature can take an
1318 argument specifying the milliseconds to wait:
1320 FEATURE(`greet_pause', `5000') dnl 5 seconds
1322 If FEATURE(`access_db') is enabled, an access database
1323 lookup with the GreetPause tag is done using client
1324 hostname, domain, IP address, or subnet to determine the
1325 pause time:
1327 GreetPause:my.domain 0
1328 GreetPause:example.com 5000
1329 GreetPause:10.1.2 2000
1330 GreetPause:127.0.0.1 0
1332 When using FEATURE(`access_db'), the optional
1333 FEATURE(`greet_pause') argument becomes the default if
1334 nothing is found in the access database. A ruleset called
1335 Local_greet_pause can be used for local modifications, e.g.,
1337 LOCAL_RULESETS
1338 SLocal_greet_pause
1339 R$* $: $&{daemon_flags}
1340 R$* a $* $# 0
1342 block_bad_helo Reject messages from SMTP clients which provide a HELO/EHLO
1343 argument which is either unqualified, or is one of our own
1344 names (i.e., the server name instead of the client name).
1345 This check is performed at RCPT stage and disabled for the
1346 following cases:
1347 - authenticated sessions,
1348 - connections from IP addresses in class $={R}.
1349 Currently access_db lookups can not be used to
1350 (selectively) disable this test, moreover,
1351 FEATURE(`delay_checks')
1352 is required.
1354 require_rdns Reject mail from connecting SMTP clients without proper
1355 rDNS (reverse DNS), functional gethostbyaddr() resolution.
1356 Note: this feature will cause false positives, i.e., there
1357 are legitimate MTAs that do not have proper DNS entries.
1358 Rejecting mails from those MTAs is a local policy decision.
1360 The basic policy is to reject message with a 5xx error if
1361 the IP address fails to resolve. However, if this is a
1362 temporary failure, a 4xx temporary failure is returned.
1363 If the look-up succeeds, but returns an apparently forged
1364 value, this is treated as a temporary failure with a 4xx
1365 error code.
1367 EXCEPTIONS:
1369 Exceptions based on access entries are discussed below.
1370 Any IP address matched using $=R (the "relay-domains" file)
1371 is excepted from the rules. Since we have explicitly
1372 allowed relaying for this host, based on IP address, we
1373 ignore the rDNS failure.
1375 The philosophical assumption here is that most users do
1376 not control their rDNS. They should be able to send mail
1377 through their ISP, whether or not they have valid rDNS.
1378 The class $=R, roughly speaking, contains those IP addresses
1379 and address ranges for which we are the ISP, or are acting
1380 as if the ISP.
1382 If `delay_checks' is in effect (recommended), then any
1383 sender who has authenticated is also excepted from the
1384 restrictions. This happens because the rules produced by
1385 this FEATURE() will not be applied to authenticated senders
1386 (assuming `delay_checks').
1388 ACCESS MAP ENTRIES:
1390 Entries such as
1391 Connect:1.2.3.4 OK
1392 Connect:1.2 RELAY
1393 will whitelist IP address 1.2.3.4, so that the rDNS
1394 blocking does apply to that IP address
1396 Entries such as
1397 Connect:1.2.3.4 REJECT
1398 will have the effect of forcing a temporary failure for
1399 that address to be treated as a permanent failure.
1401 badmx Reject envelope sender addresses (MAIL) whose domain part
1402 resolves to a "bad" MX record. By default these are
1403 MX records which resolve to A records that match the
1404 regular expression:
1406 ^(127\.|10\.|0\.0\.0\.0)
1408 This default regular expression can be overridden by
1409 specifying an argument, e.g.,
1411 FEATURE(`badmx', `^127\.0\.0\.1')
1413 Note: this feature requires that the sendmail binary
1414 has been compiled with the options MAP_REGEX and
1415 DNSMAP.
1417 +--------------------+
1418 | USING UUCP MAILERS |
1419 +--------------------+
1421 It's hard to get UUCP mailers right because of the extremely ad hoc
1422 nature of UUCP addressing. These config files are really designed
1423 for domain-based addressing, even for UUCP sites.
1425 There are four UUCP mailers available. The choice of which one to
1426 use is partly a matter of local preferences and what is running at
1427 the other end of your UUCP connection. Unlike good protocols that
1428 define what will go over the wire, UUCP uses the policy that you
1429 should do what is right for the other end; if they change, you have
1430 to change. This makes it hard to do the right thing, and discourages
1431 people from updating their software. In general, if you can avoid
1432 UUCP, please do.
1434 The major choice is whether to go for a domainized scheme or a
1435 non-domainized scheme. This depends entirely on what the other
1436 end will recognize. If at all possible, you should encourage the
1437 other end to go to a domain-based system -- non-domainized addresses
1438 don't work entirely properly.
1440 The four mailers are:
1442 uucp-old (obsolete name: "uucp")
1443 This is the oldest, the worst (but the closest to UUCP) way of
1444 sending messages across UUCP connections. It does bangify
1445 everything and prepends $U (your UUCP name) to the sender's
1446 address (which can already be a bang path itself). It can
1447 only send to one address at a time, so it spends a lot of
1448 time copying duplicates of messages. Avoid this if at all
1449 possible.
1451 uucp-new (obsolete name: "suucp")
1452 The same as above, except that it assumes that in one rmail
1453 command you can specify several recipients. It still has a
1454 lot of other problems.
1456 uucp-dom
1457 This UUCP mailer keeps everything as domain addresses.
1458 Basically, it uses the SMTP mailer rewriting rules. This mailer
1459 is only included if MAILER(`smtp') is specified before
1460 MAILER(`uucp').
1462 Unfortunately, a lot of UUCP mailer transport agents require
1463 bangified addresses in the envelope, although you can use
1464 domain-based addresses in the message header. (The envelope
1465 shows up as the From_ line on UNIX mail.) So....
1467 uucp-uudom
1468 This is a cross between uucp-new (for the envelope addresses)
1469 and uucp-dom (for the header addresses). It bangifies the
1470 envelope sender (From_ line in messages) without adding the
1471 local hostname, unless there is no host name on the address
1472 at all (e.g., "wolf") or the host component is a UUCP host name
1473 instead of a domain name ("somehost!wolf" instead of
1474 "some.dom.ain!wolf"). This is also included only if MAILER(`smtp')
1475 is also specified earlier.
1477 Examples:
1479 On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following
1480 summarizes the sender rewriting for various mailers.
1482 Mailer sender rewriting in the envelope
1483 ------ ------ -------------------------
1484 uucp-{old,new} wolf grasp!wolf
1485 uucp-dom wolf wolf@grasp.insa-lyon.fr
1486 uucp-uudom wolf grasp.insa-lyon.fr!wolf
1488 uucp-{old,new} wolf@fr.net grasp!fr.net!wolf
1489 uucp-dom wolf@fr.net wolf@fr.net
1490 uucp-uudom wolf@fr.net fr.net!wolf
1492 uucp-{old,new} somehost!wolf grasp!somehost!wolf
1493 uucp-dom somehost!wolf somehost!wolf@grasp.insa-lyon.fr
1494 uucp-uudom somehost!wolf grasp.insa-lyon.fr!somehost!wolf
1496 If you are using one of the domainized UUCP mailers, you really want
1497 to convert all UUCP addresses to domain format -- otherwise, it will
1498 do it for you (and probably not the way you expected). For example,
1499 if you have the address foo!bar!baz (and you are not sending to foo),
1500 the heuristics will add the @uucp.relay.name or @local.host.name to
1501 this address. However, if you map foo to foo.host.name first, it
1502 will not add the local hostname. You can do this using the uucpdomain
1503 feature.
1506 +-------------------+
1507 | TWEAKING RULESETS |
1508 +-------------------+
1510 For more complex configurations, you can define special rules.
1511 The macro LOCAL_RULE_3 introduces rules that are used in canonicalizing
1512 the names. Any modifications made here are reflected in the header.
1514 A common use is to convert old UUCP addresses to SMTP addresses using
1515 the UUCPSMTP macro. For example:
1517 LOCAL_RULE_3
1518 UUCPSMTP(`decvax', `decvax.dec.com')
1519 UUCPSMTP(`research', `research.att.com')
1521 will cause addresses of the form "decvax!user" and "research!user"
1522 to be converted to "user@decvax.dec.com" and "user@research.att.com"
1523 respectively.
1525 This could also be used to look up hosts in a database map:
1527 LOCAL_RULE_3
1528 R$* < @ $+ > $* $: $1 < @ $(hostmap $2 $) > $3
1530 This map would be defined in the LOCAL_CONFIG portion, as shown below.
1532 Similarly, LOCAL_RULE_0 can be used to introduce new parsing rules.
1533 For example, new rules are needed to parse hostnames that you accept
1534 via MX records. For example, you might have:
1536 LOCAL_RULE_0
1537 R$+ <@ host.dom.ain.> $#uucp $@ cnmat $: $1 < @ host.dom.ain.>
1539 You would use this if you had installed an MX record for cnmat.Berkeley.EDU
1540 pointing at this host; this rule catches the message and forwards it on
1541 using UUCP.
1543 You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2.
1544 These rulesets are normally empty.
1546 A similar macro is LOCAL_CONFIG. This introduces lines added after the
1547 boilerplate option setting but before rulesets. Do not declare rulesets in
1548 the LOCAL_CONFIG section. It can be used to declare local database maps or
1549 whatever. For example:
1551 LOCAL_CONFIG
1552 Khostmap hash /etc/mail/hostmap
1553 Kyplocal nis -m hosts.byname
1556 +---------------------------+
1557 | MASQUERADING AND RELAYING |
1558 +---------------------------+
1560 You can have your host masquerade as another using
1562 MASQUERADE_AS(`host.domain')
1564 This causes mail being sent to be labeled as coming from the
1565 indicated host.domain, rather than $j. One normally masquerades as
1566 one of one's own subdomains (for example, it's unlikely that
1567 Berkeley would choose to masquerade as an MIT site). This
1568 behaviour is modified by a plethora of FEATUREs; in particular, see
1569 masquerade_envelope, allmasquerade, limited_masquerade, and
1570 masquerade_entire_domain.
1572 The masquerade name is not normally canonified, so it is important
1573 that it be your One True Name, that is, fully qualified and not a
1574 CNAME. However, if you use a CNAME, the receiving side may canonify
1575 it for you, so don't think you can cheat CNAME mapping this way.
1577 Normally the only addresses that are masqueraded are those that come
1578 from this host (that is, are either unqualified or in class {w}, the list
1579 of local domain names). You can augment this list, which is realized
1580 by class {M} using
1582 MASQUERADE_DOMAIN(`otherhost.domain')
1584 The effect of this is that although mail to user@otherhost.domain
1585 will not be delivered locally, any mail including any user@otherhost.domain
1586 will, when relayed, be rewritten to have the MASQUERADE_AS address.
1587 This can be a space-separated list of names.
1589 If these names are in a file, you can use
1591 MASQUERADE_DOMAIN_FILE(`filename')
1593 to read the list of names from the indicated file (i.e., to add
1594 elements to class {M}).
1596 To exempt hosts or subdomains from being masqueraded, you can use
1598 MASQUERADE_EXCEPTION(`host.domain')
1600 This can come handy if you want to masquerade a whole domain
1601 except for one (or a few) host(s). If these names are in a file,
1602 you can use
1604 MASQUERADE_EXCEPTION_FILE(`filename')
1606 Normally only header addresses are masqueraded. If you want to
1607 masquerade the envelope as well, use
1609 FEATURE(`masquerade_envelope')
1611 There are always users that need to be "exposed" -- that is, their
1612 internal site name should be displayed instead of the masquerade name.
1613 Root is an example (which has been "exposed" by default prior to 8.10).
1614 You can add users to this list using
1616 EXPOSED_USER(`usernames')
1618 This adds users to class {E}; you could also use
1620 EXPOSED_USER_FILE(`filename')
1622 You can also arrange to relay all unqualified names (that is, names
1623 without @host) to a relay host. For example, if you have a central
1624 email server, you might relay to that host so that users don't have
1625 to have .forward files or aliases. You can do this using
1627 define(`LOCAL_RELAY', `mailer:hostname')
1629 The ``mailer:'' can be omitted, in which case the mailer defaults to
1630 "relay". There are some user names that you don't want relayed, perhaps
1631 because of local aliases. A common example is root, which may be
1632 locally aliased. You can add entries to this list using
1634 LOCAL_USER(`usernames')
1636 This adds users to class {L}; you could also use
1638 LOCAL_USER_FILE(`filename')
1640 If you want all incoming mail sent to a centralized hub, as for a
1641 shared /var/spool/mail scheme, use
1643 define(`MAIL_HUB', `mailer:hostname')
1645 Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY
1646 and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will
1647 be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB.
1648 Note: there is a (long standing) bug which keeps this combination from
1649 working for addresses of the form user+detail.
1650 Names in class {L} will be delivered locally, so you MUST have aliases or
1651 .forward files for them.
1653 For example, if you are on machine mastodon.CS.Berkeley.EDU and you have
1654 FEATURE(`stickyhost'), the following combinations of settings will have the
1655 indicated effects:
1657 email sent to.... eric eric@mastodon.CS.Berkeley.EDU
1659 LOCAL_RELAY set to mail.CS.Berkeley.EDU (delivered locally)
1660 mail.CS.Berkeley.EDU (no local aliasing) (aliasing done)
1662 MAIL_HUB set to mammoth.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU
1663 mammoth.CS.Berkeley.EDU (aliasing done) (aliasing done)
1665 Both LOCAL_RELAY and mail.CS.Berkeley.EDU mammoth.CS.Berkeley.EDU
1666 MAIL_HUB set as above (no local aliasing) (aliasing done)
1668 If you do not have FEATURE(`stickyhost') set, then LOCAL_RELAY and
1669 MAIL_HUB act identically, with MAIL_HUB taking precedence.
1671 If you want all outgoing mail to go to a central relay site, define
1672 SMART_HOST as well. Briefly:
1674 LOCAL_RELAY applies to unqualified names (e.g., "eric").
1675 MAIL_HUB applies to names qualified with the name of the
1676 local host (e.g., "eric@mastodon.CS.Berkeley.EDU").
1677 SMART_HOST applies to names qualified with other hosts or
1678 bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU"
1679 or "eric@[127.0.0.1]").
1681 However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY,
1682 DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you
1683 really want absolutely everything to go to a single central site you will
1684 need to unset all the other relays -- or better yet, find or build a
1685 minimal config file that does this.
1687 For duplicate suppression to work properly, the host name is best
1688 specified with a terminal dot:
1690 define(`MAIL_HUB', `host.domain.')
1691 note the trailing dot ---^
1694 +-------------------------------------------+
1695 | USING LDAP FOR ALIASES, MAPS, AND CLASSES |
1696 +-------------------------------------------+
1698 LDAP can be used for aliases, maps, and classes by either specifying your
1699 own LDAP map specification or using the built-in default LDAP map
1700 specification. The built-in default specifications all provide lookups
1701 which match against either the machine's fully qualified hostname (${j}) or
1702 a "cluster". The cluster allows you to share LDAP entries among a large
1703 number of machines without having to enter each of the machine names into
1704 each LDAP entry. To set the LDAP cluster name to use for a particular
1705 machine or set of machines, set the confLDAP_CLUSTER m4 variable to a
1706 unique name. For example:
1708 define(`confLDAP_CLUSTER', `Servers')
1710 Here, the word `Servers' will be the cluster name. As an example, assume
1711 that smtp.sendmail.org, etrn.sendmail.org, and mx.sendmail.org all belong
1712 to the Servers cluster.
1714 Some of the LDAP LDIF examples below show use of the Servers cluster.
1715 Every entry must have either a sendmailMTAHost or sendmailMTACluster
1716 attribute or it will be ignored. Be careful as mixing clusters and
1717 individual host records can have surprising results (see the CAUTION
1718 sections below).
1720 See the file cf/sendmail.schema for the actual LDAP schemas. Note that
1721 this schema (and therefore the lookups and examples below) is experimental
1722 at this point as it has had little public review. Therefore, it may change
1723 in future versions. Feedback via sendmail-YYYY@support.sendmail.org is
1724 encouraged (replace YYYY with the current year, e.g., 2005).
1726 -------
1727 Aliases
1728 -------
1730 The ALIAS_FILE (O AliasFile) option can be set to use LDAP for alias
1731 lookups. To use the default schema, simply use:
1733 define(`ALIAS_FILE', `ldap:')
1735 By doing so, you will use the default schema which expands to a map
1736 declared as follows:
1738 ldap -k (&(objectClass=sendmailMTAAliasObject)
1739 (sendmailMTAAliasGrouping=aliases)
1740 (|(sendmailMTACluster=${sendmailMTACluster})
1741 (sendmailMTAHost=$j))
1742 (sendmailMTAKey=%0))
1743 -v sendmailMTAAliasValue,sendmailMTAAliasSearch:FILTER:sendmailMTAAliasObject,sendmailMTAAliasURL:URL:sendmailMTAAliasObject
1746 NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually
1747 used when the binary expands the `ldap:' token as the AliasFile option is
1748 not actually macro-expanded when read from the sendmail.cf file.
1750 Example LDAP LDIF entries might be:
1752 dn: sendmailMTAKey=sendmail-list, dc=sendmail, dc=org
1753 objectClass: sendmailMTA
1754 objectClass: sendmailMTAAlias
1755 objectClass: sendmailMTAAliasObject
1756 sendmailMTAAliasGrouping: aliases
1757 sendmailMTAHost: etrn.sendmail.org
1758 sendmailMTAKey: sendmail-list
1759 sendmailMTAAliasValue: ca@example.org
1760 sendmailMTAAliasValue: eric
1761 sendmailMTAAliasValue: gshapiro@example.com
1763 dn: sendmailMTAKey=owner-sendmail-list, dc=sendmail, dc=org
1764 objectClass: sendmailMTA
1765 objectClass: sendmailMTAAlias
1766 objectClass: sendmailMTAAliasObject
1767 sendmailMTAAliasGrouping: aliases
1768 sendmailMTAHost: etrn.sendmail.org
1769 sendmailMTAKey: owner-sendmail-list
1770 sendmailMTAAliasValue: eric
1772 dn: sendmailMTAKey=postmaster, dc=sendmail, dc=org
1773 objectClass: sendmailMTA
1774 objectClass: sendmailMTAAlias
1775 objectClass: sendmailMTAAliasObject
1776 sendmailMTAAliasGrouping: aliases
1777 sendmailMTACluster: Servers
1778 sendmailMTAKey: postmaster
1779 sendmailMTAAliasValue: eric
1781 Here, the aliases sendmail-list and owner-sendmail-list will be available
1782 only on etrn.sendmail.org but the postmaster alias will be available on
1783 every machine in the Servers cluster (including etrn.sendmail.org).
1785 CAUTION: aliases are additive so that entries like these:
1787 dn: sendmailMTAKey=bob, dc=sendmail, dc=org
1788 objectClass: sendmailMTA
1789 objectClass: sendmailMTAAlias
1790 objectClass: sendmailMTAAliasObject
1791 sendmailMTAAliasGrouping: aliases
1792 sendmailMTACluster: Servers
1793 sendmailMTAKey: bob
1794 sendmailMTAAliasValue: eric
1796 dn: sendmailMTAKey=bobetrn, dc=sendmail, dc=org
1797 objectClass: sendmailMTA
1798 objectClass: sendmailMTAAlias
1799 objectClass: sendmailMTAAliasObject
1800 sendmailMTAAliasGrouping: aliases
1801 sendmailMTAHost: etrn.sendmail.org
1802 sendmailMTAKey: bob
1803 sendmailMTAAliasValue: gshapiro
1805 would mean that on all of the hosts in the cluster, mail to bob would go to
1806 eric EXCEPT on etrn.sendmail.org in which case it would go to BOTH eric and
1807 gshapiro.
1809 If you prefer not to use the default LDAP schema for your aliases, you can
1810 specify the map parameters when setting ALIAS_FILE. For example:
1812 define(`ALIAS_FILE', `ldap:-k (&(objectClass=mailGroup)(mail=%0)) -v mgrpRFC822MailMember')
1814 ----
1815 Maps
1816 ----
1818 FEATURE()'s which take an optional map definition argument (e.g., access,
1819 mailertable, virtusertable, etc.) can instead take the special keyword
1820 `LDAP', e.g.:
1822 FEATURE(`access_db', `LDAP')
1823 FEATURE(`virtusertable', `LDAP')
1825 When this keyword is given, that map will use LDAP lookups consisting of
1826 the objectClass sendmailMTAClassObject, the attribute sendmailMTAMapName
1827 with the map name, a search attribute of sendmailMTAKey, and the value
1828 attribute sendmailMTAMapValue.
1830 The values for sendmailMTAMapName are:
1832 FEATURE() sendmailMTAMapName
1833 --------- ------------------
1834 access_db access
1835 authinfo authinfo
1836 bitdomain bitdomain
1837 domaintable domain
1838 genericstable generics
1839 mailertable mailer
1840 uucpdomain uucpdomain
1841 virtusertable virtuser
1843 For example, FEATURE(`mailertable', `LDAP') would use the map definition:
1845 Kmailertable ldap -k (&(objectClass=sendmailMTAMapObject)
1846 (sendmailMTAMapName=mailer)
1847 (|(sendmailMTACluster=${sendmailMTACluster})
1848 (sendmailMTAHost=$j))
1849 (sendmailMTAKey=%0))
1850 -1 -v sendmailMTAMapValue,sendmailMTAMapSearch:FILTER:sendmailMTAMapObject,sendmailMTAMapURL:URL:sendmailMTAMapObject
1852 An example LDAP LDIF entry using this map might be:
1854 dn: sendmailMTAMapName=mailer, dc=sendmail, dc=org
1855 objectClass: sendmailMTA
1856 objectClass: sendmailMTAMap
1857 sendmailMTACluster: Servers
1858 sendmailMTAMapName: mailer
1860 dn: sendmailMTAKey=example.com, sendmailMTAMapName=mailer, dc=sendmail, dc=org
1861 objectClass: sendmailMTA
1862 objectClass: sendmailMTAMap
1863 objectClass: sendmailMTAMapObject
1864 sendmailMTAMapName: mailer
1865 sendmailMTACluster: Servers
1866 sendmailMTAKey: example.com
1867 sendmailMTAMapValue: relay:[smtp.example.com]
1869 CAUTION: If your LDAP database contains the record above and *ALSO* a host
1870 specific record such as:
1872 dn: sendmailMTAKey=example.com@etrn, sendmailMTAMapName=mailer, dc=sendmail, dc=org
1873 objectClass: sendmailMTA
1874 objectClass: sendmailMTAMap
1875 objectClass: sendmailMTAMapObject
1876 sendmailMTAMapName: mailer
1877 sendmailMTAHost: etrn.sendmail.org
1878 sendmailMTAKey: example.com
1879 sendmailMTAMapValue: relay:[mx.example.com]
1881 then these entries will give unexpected results. When the lookup is done
1882 on etrn.sendmail.org, the effect is that there is *NO* match at all as maps
1883 require a single match. Since the host etrn.sendmail.org is also in the
1884 Servers cluster, LDAP would return two answers for the example.com map key
1885 in which case sendmail would treat this as no match at all.
1887 If you prefer not to use the default LDAP schema for your maps, you can
1888 specify the map parameters when using the FEATURE(). For example:
1890 FEATURE(`access_db', `ldap:-1 -k (&(objectClass=mapDatabase)(key=%0)) -v value')
1892 -------
1893 Classes
1894 -------
1896 Normally, classes can be filled via files or programs. As of 8.12, they
1897 can also be filled via map lookups using a new syntax:
1899 F{ClassName}mapkey@mapclass:mapspec
1901 mapkey is optional and if not provided the map key will be empty. This can
1902 be used with LDAP to read classes from LDAP. Note that the lookup is only
1903 done when sendmail is initially started. Use the special value `@LDAP' to
1904 use the default LDAP schema. For example:
1906 RELAY_DOMAIN_FILE(`@LDAP')
1908 would put all of the attribute sendmailMTAClassValue values of LDAP records
1909 with objectClass sendmailMTAClass and an attribute sendmailMTAClassName of
1910 'R' into class $={R}. In other words, it is equivalent to the LDAP map
1911 specification:
1913 F{R}@ldap:-k (&(objectClass=sendmailMTAClass)
1914 (sendmailMTAClassName=R)
1915 (|(sendmailMTACluster=${sendmailMTACluster})
1916 (sendmailMTAHost=$j)))
1917 -v sendmailMTAClassValue,sendmailMTAClassSearch:FILTER:sendmailMTAClass,sendmailMTAClassURL:URL:sendmailMTAClass
1919 NOTE: The macros shown above ${sendmailMTACluster} and $j are not actually
1920 used when the binary expands the `@LDAP' token as class declarations are
1921 not actually macro-expanded when read from the sendmail.cf file.
1923 This can be used with class related commands such as RELAY_DOMAIN_FILE(),
1924 MASQUERADE_DOMAIN_FILE(), etc:
1926 Command sendmailMTAClassName
1927 ------- --------------------
1928 CANONIFY_DOMAIN_FILE() Canonify
1929 EXPOSED_USER_FILE() E
1930 GENERICS_DOMAIN_FILE() G
1931 LDAPROUTE_DOMAIN_FILE() LDAPRoute
1932 LDAPROUTE_EQUIVALENT_FILE() LDAPRouteEquiv
1933 LOCAL_USER_FILE() L
1934 MASQUERADE_DOMAIN_FILE() M
1935 MASQUERADE_EXCEPTION_FILE() N
1936 RELAY_DOMAIN_FILE() R
1937 VIRTUSER_DOMAIN_FILE() VirtHost
1939 You can also add your own as any 'F'ile class of the form:
1941 F{ClassName}@LDAP
1942 ^^^^^^^^^
1943 will use "ClassName" for the sendmailMTAClassName.
1945 An example LDAP LDIF entry would look like:
1947 dn: sendmailMTAClassName=R, dc=sendmail, dc=org
1948 objectClass: sendmailMTA
1949 objectClass: sendmailMTAClass
1950 sendmailMTACluster: Servers
1951 sendmailMTAClassName: R
1952 sendmailMTAClassValue: sendmail.org
1953 sendmailMTAClassValue: example.com
1954 sendmailMTAClassValue: 10.56.23
1956 CAUTION: If your LDAP database contains the record above and *ALSO* a host
1957 specific record such as:
1959 dn: sendmailMTAClassName=R@etrn.sendmail.org, dc=sendmail, dc=org
1960 objectClass: sendmailMTA
1961 objectClass: sendmailMTAClass
1962 sendmailMTAHost: etrn.sendmail.org
1963 sendmailMTAClassName: R
1964 sendmailMTAClassValue: example.com
1966 the result will be similar to the aliases caution above. When the lookup
1967 is done on etrn.sendmail.org, $={R} would contain all of the entries (from
1968 both the cluster match and the host match). In other words, the effective
1969 is additive.
1971 If you prefer not to use the default LDAP schema for your classes, you can
1972 specify the map parameters when using the class command. For example:
1974 VIRTUSER_DOMAIN_FILE(`@ldap:-k (&(objectClass=virtHosts)(host=*)) -v host')
1976 Remember, macros can not be used in a class declaration as the binary does
1977 not expand them.
1980 +--------------+
1981 | LDAP ROUTING |
1982 +--------------+
1984 FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft
1985 LDAP Schema for Intranet Mail Routing
1986 (draft-lachman-laser-ldap-mail-routing-01). This feature enables
1987 LDAP-based rerouting of a particular address to either a different host
1988 or a different address. The LDAP lookup is first attempted on the full
1989 address (e.g., user@example.com) and then on the domain portion
1990 (e.g., @example.com). Be sure to setup your domain for LDAP routing using
1991 LDAPROUTE_DOMAIN(), e.g.:
1993 LDAPROUTE_DOMAIN(`example.com')
1995 Additionally, you can specify equivalent domains for LDAP routing using
1996 LDAPROUTE_EQUIVALENT() and LDAPROUTE_EQUIVALENT_FILE(). 'Equivalent'
1997 hostnames are mapped to $M (the masqueraded hostname for the server) before
1998 the LDAP query. For example, if the mail is addressed to
1999 user@host1.example.com, normally the LDAP lookup would only be done for
2000 'user@host1.example.com' and '@host1.example.com'. However, if
2001 LDAPROUTE_EQUIVALENT(`host1.example.com') is used, the lookups would also be
2002 done on 'user@example.com' and '@example.com' after attempting the
2003 host1.example.com lookups.
2005 By default, the feature will use the schemas as specified in the draft
2006 and will not reject addresses not found by the LDAP lookup. However,
2007 this behavior can be changed by giving additional arguments to the FEATURE()
2008 command:
2010 FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>,
2011 <detail>, <nodomain>, <tempfail>)
2013 where <mailHost> is a map definition describing how to lookup an alternative
2014 mail host for a particular address; <mailRoutingAddress> is a map definition
2015 describing how to lookup an alternative address for a particular address;
2016 the <bounce> argument, if present and not the word "passthru", dictates
2017 that mail should be bounced if neither a mailHost nor mailRoutingAddress
2018 is found, if set to "sendertoo", the sender will be rejected if not
2019 found in LDAP; and <detail> indicates what actions to take if the address
2020 contains +detail information -- `strip' tries the lookup with the +detail
2021 and if no matches are found, strips the +detail and tries the lookup again;
2022 `preserve', does the same as `strip' but if a mailRoutingAddress match is
2023 found, the +detail information is copied to the new address; the <nodomain>
2024 argument, if present, will prevent the @domain lookup if the full
2025 address is not found in LDAP; the <tempfail> argument, if set to
2026 "tempfail", instructs the rules to give an SMTP 4XX temporary
2027 error if the LDAP server gives the MTA a temporary failure, or if set to
2028 "queue" (the default), the MTA will locally queue the mail.
2030 The default <mailHost> map definition is:
2032 ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient)
2033 (mailLocalAddress=%0))
2035 The default <mailRoutingAddress> map definition is:
2037 ldap -1 -T<TMPF> -v mailRoutingAddress
2038 -k (&(objectClass=inetLocalMailRecipient)
2039 (mailLocalAddress=%0))
2041 Note that neither includes the LDAP server hostname (-h server) or base DN
2042 (-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that
2043 your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with
2044 these settings. If this is not the case, the map definitions should be
2045 changed as described above. The "-T<TMPF>" is required in any user
2046 specified map definition to catch temporary errors.
2048 The following possibilities exist as a result of an LDAP lookup on an
2049 address:
2051 mailHost is mailRoutingAddress is Results in
2052 ----------- --------------------- ----------
2053 set to a set mail delivered to
2054 "local" host mailRoutingAddress
2056 set to a not set delivered to
2057 "local" host original address
2059 set to a set mailRoutingAddress
2060 remote host relayed to mailHost
2062 set to a not set original address
2063 remote host relayed to mailHost
2065 not set set mail delivered to
2066 mailRoutingAddress
2068 not set not set delivered to
2069 original address *OR*
2070 bounced as unknown user
2072 The term "local" host above means the host specified is in class {w}. If
2073 the result would mean sending the mail to a different host, that host is
2074 looked up in the mailertable before delivery.
2076 Note that the last case depends on whether the third argument is given
2077 to the FEATURE() command. The default is to deliver the message to the
2078 original address.
2080 The LDAP entries should be set up with an objectClass of
2081 inetLocalMailRecipient and the address be listed in a mailLocalAddress
2082 attribute. If present, there must be only one mailHost attribute and it
2083 must contain a fully qualified host name as its value. Similarly, if
2084 present, there must be only one mailRoutingAddress attribute and it must
2085 contain an RFC 822 compliant address. Some example LDAP records (in LDIF
2086 format):
2088 dn: uid=tom, o=example.com, c=US
2089 objectClass: inetLocalMailRecipient
2090 mailLocalAddress: tom@example.com
2091 mailRoutingAddress: thomas@mailhost.example.com
2093 This would deliver mail for tom@example.com to thomas@mailhost.example.com.
2095 dn: uid=dick, o=example.com, c=US
2096 objectClass: inetLocalMailRecipient
2097 mailLocalAddress: dick@example.com
2098 mailHost: eng.example.com
2100 This would relay mail for dick@example.com to the same address but redirect
2101 the mail to MX records listed for the host eng.example.com (unless the
2102 mailertable overrides).
2104 dn: uid=harry, o=example.com, c=US
2105 objectClass: inetLocalMailRecipient
2106 mailLocalAddress: harry@example.com
2107 mailHost: mktmail.example.com
2108 mailRoutingAddress: harry@mkt.example.com
2110 This would relay mail for harry@example.com to the MX records listed for
2111 the host mktmail.example.com using the new address harry@mkt.example.com
2112 when talking to that host.
2114 dn: uid=virtual.example.com, o=example.com, c=US
2115 objectClass: inetLocalMailRecipient
2116 mailLocalAddress: @virtual.example.com
2117 mailHost: server.example.com
2118 mailRoutingAddress: virtual@example.com
2120 This would send all mail destined for any username @virtual.example.com to
2121 the machine server.example.com's MX servers and deliver to the address
2122 virtual@example.com on that relay machine.
2125 +---------------------------------+
2126 | ANTI-SPAM CONFIGURATION CONTROL |
2127 +---------------------------------+
2129 The primary anti-spam features available in sendmail are:
2131 * Relaying is denied by default.
2132 * Better checking on sender information.
2133 * Access database.
2134 * Header checks.
2136 Relaying (transmission of messages from a site outside your host (class
2137 {w}) to another site except yours) is denied by default. Note that this
2138 changed in sendmail 8.9; previous versions allowed relaying by default.
2139 If you really want to revert to the old behaviour, you will need to use
2140 FEATURE(`promiscuous_relay'). You can allow certain domains to relay
2141 through your server by adding their domain name or IP address to class
2142 {R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database
2143 (described below). Note that IPv6 addresses must be prefaced with "IPv6:".
2144 The file consists (like any other file based class) of entries listed on
2145 separate lines, e.g.,
2147 sendmail.org
2148 128.32
2149 IPv6:2002:c0a8:02c7
2150 IPv6:2002:c0a8:51d2::23f4
2151 host.mydomain.com
2152 [UNIX:localhost]
2154 Notice: the last entry allows relaying for connections via a UNIX
2155 socket to the MTA/MSP. This might be necessary if your configuration
2156 doesn't allow relaying by other means in that case, e.g., by having
2157 localhost.$m in class {R} (make sure $m is not just a top level
2158 domain).
2160 If you use
2162 FEATURE(`relay_entire_domain')
2164 then any host in any of your local domains (that is, class {m})
2165 will be relayed (that is, you will accept mail either to or from any
2166 host in your domain).
2168 You can also allow relaying based on the MX records of the host
2169 portion of an incoming recipient address by using
2171 FEATURE(`relay_based_on_MX')
2173 For example, if your server receives a recipient of user@domain.com
2174 and domain.com lists your server in its MX records, the mail will be
2175 accepted for relay to domain.com. This feature may cause problems
2176 if MX lookups for the recipient domain are slow or time out. In that
2177 case, mail will be temporarily rejected. It is usually better to
2178 maintain a list of hosts/domains for which the server acts as relay.
2179 Note also that this feature will stop spammers from using your host
2180 to relay spam but it will not stop outsiders from using your server
2181 as a relay for their site (that is, they set up an MX record pointing
2182 to your mail server, and you will relay mail addressed to them
2183 without any prior arrangement). Along the same lines,
2185 FEATURE(`relay_local_from')
2187 will allow relaying if the sender specifies a return path (i.e.
2188 MAIL FROM:<user@domain>) domain which is a local domain. This is a
2189 dangerous feature as it will allow spammers to spam using your mail
2190 server by simply specifying a return address of user@your.domain.com.
2191 It should not be used unless absolutely necessary.
2192 A slightly better solution is
2194 FEATURE(`relay_mail_from')
2196 which allows relaying if the mail sender is listed as RELAY in the
2197 access map. If an optional argument `domain' (this is the literal
2198 word `domain', not a placeholder) is given, the domain portion of
2199 the mail sender is also checked to allowing relaying. This option
2200 only works together with the tag From: for the LHS of the access
2201 map entries. This feature allows spammers to abuse your mail server
2202 by specifying a return address that you enabled in your access file.
2203 This may be harder to figure out for spammers, but it should not
2204 be used unless necessary. Instead use STARTTLS to
2205 allow relaying for roaming users.
2208 If source routing is used in the recipient address (e.g.,
2209 RCPT TO:<user%site.com@othersite.com>), sendmail will check
2210 user@site.com for relaying if othersite.com is an allowed relay host
2211 in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used,
2212 or the access database if FEATURE(`access_db') is used. To prevent
2213 the address from being stripped down, use:
2215 FEATURE(`loose_relay_check')
2217 If you think you need to use this feature, you probably do not. This
2218 should only be used for sites which have no control over the addresses
2219 that they provide a gateway for. Use this FEATURE with caution as it
2220 can allow spammers to relay through your server if not setup properly.
2222 NOTICE: It is possible to relay mail through a system which the anti-relay
2223 rules do not prevent: the case of a system that does use FEATURE(`nouucp',
2224 `nospecial') (system A) and relays local messages to a mail hub (e.g., via
2225 LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use
2226 FEATURE(`nouucp') at all, addresses of the form
2227 <example.net!user@local.host> would be relayed to <user@example.net>.
2228 System A doesn't recognize `!' as an address separator and therefore
2229 forwards it to the mail hub which in turns relays it because it came from
2230 a trusted local host. So if a mailserver allows UUCP (bang-format)
2231 addresses, all systems from which it allows relaying should do the same
2232 or reject those addresses.
2234 As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has
2235 an unresolvable domain (i.e., one that DNS, your local name service,
2236 or special case rules in ruleset 3 cannot locate). This also applies
2237 to addresses that use domain literals, e.g., <user@[1.2.3.4]>, if the
2238 IP address can't be mapped to a host name. If you want to continue
2239 to accept such domains, e.g., because you are inside a firewall that
2240 has only a limited view of the Internet host name space (note that you
2241 will not be able to return mail to them unless you have some "smart
2242 host" forwarder), use
2244 FEATURE(`accept_unresolvable_domains')
2246 Alternatively, you can allow specific addresses by adding them to
2247 the access map, e.g.,
2249 From:unresolvable.domain OK
2250 From:[1.2.3.4] OK
2251 From:[1.2.4] OK
2253 Notice: domains which are temporarily unresolvable are (temporarily)
2254 rejected with a 451 reply code. If those domains should be accepted
2255 (which is discouraged) then you can use
2257 LOCAL_CONFIG
2258 C{ResOk}TEMP
2260 sendmail will also refuse mail if the MAIL FROM: parameter is not
2261 fully qualified (i.e., contains a domain as well as a user). If you
2262 want to continue to accept such senders, use
2264 FEATURE(`accept_unqualified_senders')
2266 Setting the DaemonPortOptions modifier 'u' overrides the default behavior,
2267 i.e., unqualified addresses are accepted even without this FEATURE. If
2268 this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used
2269 to enforce fully qualified domain names.
2271 An ``access'' database can be created to accept or reject mail from
2272 selected domains. For example, you may choose to reject all mail
2273 originating from known spammers. To enable such a database, use
2275 FEATURE(`access_db')
2277 Notice: the access database is applied to the envelope addresses
2278 and the connection information, not to the header.
2280 The FEATURE macro can accept as second parameter the key file
2281 definition for the database; for example
2283 FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access_map')
2285 Notice: If a second argument is specified it must contain the option
2286 `-T<TMPF>' as shown above. The optional parameters may be
2288 `skip' enables SKIP as value part (see below).
2289 `lookupdotdomain' another way to enable the feature of the
2290 same name (see above).
2291 `relaytofulladdress' enable entries of the form
2292 To:user@example.com RELAY
2293 to allow relaying to just a specific
2294 e-mail address instead of an entire domain.
2296 Remember, since /etc/mail/access is a database, after creating the text
2297 file as described below, you must use makemap to create the database
2298 map. For example:
2300 makemap hash /etc/mail/access < /etc/mail/access
2302 The table itself uses e-mail addresses, domain names, and network
2303 numbers as keys. Note that IPv6 addresses must be prefaced with "IPv6:".
2304 For example,
2306 From:spammer@aol.com REJECT
2307 From:cyberspammer.com REJECT
2308 Connect:cyberspammer.com REJECT
2309 Connect:TLD REJECT
2310 Connect:192.168.212 REJECT
2311 Connect:IPv6:2002:c0a8:02c7 RELAY
2312 Connect:IPv6:2002:c0a8:51d2::23f4 REJECT
2314 would refuse mail from spammer@aol.com, any user from cyberspammer.com
2315 (or any host within the cyberspammer.com domain), any host in the entire
2316 top level domain TLD, 192.168.212.* network, and the IPv6 address
2317 2002:c0a8:51d2::23f4. It would allow relay for the IPv6 network
2318 2002:c0a8:02c7::/48.
2320 Entries in the access map should be tagged according to their type.
2321 Three tags are available:
2323 Connect: connection information (${client_addr}, ${client_name})
2324 From: envelope sender
2325 To: envelope recipient
2327 Notice: untagged entries are deprecated.
2329 If the required item is looked up in a map, it will be tried first
2330 with the corresponding tag in front, then (as fallback to enable
2331 backward compatibility) without any tag, unless the specific feature
2332 requires a tag. For example,
2334 From:spammer@some.dom REJECT
2335 To:friend.domain RELAY
2336 Connect:friend.domain OK
2337 Connect:from.domain RELAY
2338 From:good@another.dom OK
2339 From:another.dom REJECT
2341 This would deny mails from spammer@some.dom but you could still
2342 send mail to that address even if FEATURE(`blacklist_recipients')
2343 is enabled. Your system will allow relaying to friend.domain, but
2344 not from it (unless enabled by other means). Connections from that
2345 domain will be allowed even if it ends up in one of the DNS based
2346 rejection lists. Relaying is enabled from from.domain but not to
2347 it (since relaying is based on the connection information for
2348 outgoing relaying, the tag Connect: must be used; for incoming
2349 relaying, which is based on the recipient address, To: must be
2350 used). The last two entries allow mails from good@another.dom but
2351 reject mail from all other addresses with another.dom as domain
2352 part.
2355 The value part of the map can contain:
2357 OK Accept mail even if other rules in the running
2358 ruleset would reject it, for example, if the domain
2359 name is unresolvable. "Accept" does not mean
2360 "relay", but at most acceptance for local
2361 recipients. That is, OK allows less than RELAY.
2362 RELAY Accept mail addressed to the indicated domain
2363 (or address if `relaytofulladdress' is set) or
2364 received from the indicated domain for relaying
2365 through your SMTP server. RELAY also serves as
2366 an implicit OK for the other checks.
2367 REJECT Reject the sender or recipient with a general
2368 purpose message.
2369 DISCARD Discard the message completely using the
2370 $#discard mailer. If it is used in check_compat,
2371 it affects only the designated recipient, not
2372 the whole message as it does in all other cases.
2373 This should only be used if really necessary.
2374 SKIP This can only be used for host/domain names
2375 and IP addresses/nets. It will abort the current
2376 search for this entry without accepting or rejecting
2377 it but causing the default action.
2378 ### any text where ### is an RFC 821 compliant error code and
2379 "any text" is a message to return for the command.
2380 The entire string should be quoted to avoid
2381 surprises:
2383 "### any text"
2385 Otherwise sendmail formats the text as email
2386 addresses, e.g., it may remove spaces.
2387 This type is deprecated, use one of the two
2388 ERROR: entries below instead.
2389 ERROR:### any text
2390 as above, but useful to mark error messages as such.
2391 If quotes need to be used to avoid modifications
2392 (see above), they should be placed like this:
2394 ERROR:"### any text"
2396 ERROR:D.S.N:### any text
2397 where D.S.N is an RFC 1893 compliant error code
2398 and the rest as above. If quotes need to be used
2399 to avoid modifications, they should be placed
2400 like this:
2402 ERROR:D.S.N:"### any text"
2404 QUARANTINE:any text
2405 Quarantine the message using the given text as the
2406 quarantining reason.
2408 For example:
2410 From:cyberspammer.com ERROR:"550 We don't accept mail from spammers"
2411 From:okay.cyberspammer.com OK
2412 Connect:sendmail.org RELAY
2413 To:sendmail.org RELAY
2414 Connect:128.32 RELAY
2415 Connect:128.32.2 SKIP
2416 Connect:IPv6:1:2:3:4:5:6:7 RELAY
2417 Connect:suspicious.example.com QUARANTINE:Mail from suspicious host
2418 Connect:[127.0.0.3] OK
2419 Connect:[IPv6:1:2:3:4:5:6:7:8] OK
2421 would accept mail from okay.cyberspammer.com, but would reject mail
2422 from all other hosts at cyberspammer.com with the indicated message.
2423 It would allow relaying mail from and to any hosts in the sendmail.org
2424 domain, and allow relaying from the IPv6 1:2:3:4:5:6:7:* network
2425 and from the 128.32.*.* network except for the 128.32.2.* network,
2426 which shows how SKIP is useful to exempt subnets/subdomains. The
2427 last two entries are for checks against ${client_name} if the IP
2428 address doesn't resolve to a hostname (or is considered as "may be
2429 forged"). That is, using square brackets means these are host
2430 names, not network numbers.
2432 Warning: if you change the RFC 821 compliant error code from the default
2433 value of 550, then you should probably also change the RFC 1893 compliant
2434 error code to match it. For example, if you use
2436 To:user@example.com ERROR:450 mailbox full
2438 the error returned would be "450 5.0.0 mailbox full" which is wrong.
2439 Use "ERROR:4.2.2:450 mailbox full" instead.
2441 Note, UUCP users may need to add hostname.UUCP to the access database
2442 or class {R}.
2444 If you also use:
2446 FEATURE(`relay_hosts_only')
2448 then the above example will allow relaying for sendmail.org, but not
2449 hosts within the sendmail.org domain. Note that this will also require
2450 hosts listed in class {R} to be fully qualified host names.
2452 You can also use the access database to block sender addresses based on
2453 the username portion of the address. For example:
2455 From:FREE.STEALTH.MAILER@ ERROR:550 Spam not accepted
2457 Note that you must include the @ after the username to signify that
2458 this database entry is for checking only the username portion of the
2459 sender address.
2461 If you use:
2463 FEATURE(`blacklist_recipients')
2465 then you can add entries to the map for local users, hosts in your
2466 domains, or addresses in your domain which should not receive mail:
2468 To:badlocaluser@ ERROR:550 Mailbox disabled for badlocaluser
2469 To:host.my.TLD ERROR:550 That host does not accept mail
2470 To:user@other.my.TLD ERROR:550 Mailbox disabled for this recipient
2472 This would prevent a recipient of badlocaluser in any of the local
2473 domains (class {w}), any user at host.my.TLD, and the single address
2474 user@other.my.TLD from receiving mail. Please note: a local username
2475 must be now tagged with an @ (this is consistent with the check of
2476 the sender address, and hence it is possible to distinguish between
2477 hostnames and usernames). Enabling this feature will keep you from
2478 sending mails to all addresses that have an error message or REJECT
2479 as value part in the access map. Taking the example from above:
2481 spammer@aol.com REJECT
2482 cyberspammer.com REJECT
2484 Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com.
2485 That's why tagged entries should be used.
2487 There are several DNS based blacklists which can be found by
2488 querying a search engine. These are databases of spammers
2489 maintained in DNS. To use such a database, specify
2491 FEATURE(`dnsbl', `dnsbl.example.com')
2493 This will cause sendmail to reject mail from any site listed in the
2494 DNS based blacklist. You must select a DNS based blacklist domain
2495 to check by specifying an argument to the FEATURE. The default
2496 error message is
2498 Rejected: IP-ADDRESS listed at SERVER
2500 where IP-ADDRESS and SERVER are replaced by the appropriate
2501 information. A second argument can be used to specify a different
2502 text or action. For example,
2504 FEATURE(`dnsbl', `dnsbl.example.com', `quarantine')
2506 would quarantine the message if the client IP address is listed
2507 at `dnsbl.example.com'.
2509 By default, temporary lookup failures are ignored
2510 and hence cause the connection not to be rejected by the DNS based
2511 rejection list. This behavior can be changed by specifying a third
2512 argument, which must be either `t' or a full error message. For
2513 example:
2515 FEATURE(`dnsbl', `dnsbl.example.com', `',
2516 `"451 Temporary lookup failure for " $&{client_addr} " in dnsbl.example.com"')
2518 If `t' is used, the error message is:
2520 451 Temporary lookup failure of IP-ADDRESS at SERVER
2522 where IP-ADDRESS and SERVER are replaced by the appropriate
2523 information.
2525 This FEATURE can be included several times to query different
2526 DNS based rejection lists.
2528 Notice: to avoid checking your own local domains against those
2529 blacklists, use the access_db feature and add:
2531 Connect:10.1 OK
2532 Connect:127.0.0.1 RELAY
2534 to the access map, where 10.1 is your local network. You may
2535 want to use "RELAY" instead of "OK" to allow also relaying
2536 instead of just disabling the DNS lookups in the blacklists.
2539 The features described above make use of the check_relay, check_mail,
2540 and check_rcpt rulesets. Note that check_relay checks the SMTP
2541 client hostname and IP address when the connection is made to your
2542 server. It does not check if a mail message is being relayed to
2543 another server. That check is done in check_rcpt. If you wish to
2544 include your own checks, you can put your checks in the rulesets
2545 Local_check_relay, Local_check_mail, and Local_check_rcpt. For
2546 example if you wanted to block senders with all numeric usernames
2547 (i.e. 2312343@bigisp.com), you would use Local_check_mail and the
2548 regex map:
2550 LOCAL_CONFIG
2551 Kallnumbers regex -a@MATCH ^[0-9]+$
2553 LOCAL_RULESETS
2554 SLocal_check_mail
2555 # check address against various regex checks
2556 R$* $: $>Parse0 $>3 $1
2557 R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $)
2558 R@MATCH $#error $: 553 Header Error
2560 These rules are called with the original arguments of the corresponding
2561 check_* ruleset. If the local ruleset returns $#OK, no further checking
2562 is done by the features described above and the mail is accepted. If
2563 the local ruleset resolves to a mailer (such as $#error or $#discard),
2564 the appropriate action is taken. Other results starting with $# are
2565 interpreted by sendmail and may lead to unspecified behavior. Note: do
2566 NOT create a mailer with the name OK. Return values that do not start
2567 with $# are ignored, i.e., normal processing continues.
2569 Delay all checks
2570 ----------------
2572 By using FEATURE(`delay_checks') the rulesets check_mail and check_relay
2573 will not be called when a client connects or issues a MAIL command,
2574 respectively. Instead, those rulesets will be called by the check_rcpt
2575 ruleset; they will be skipped if a sender has been authenticated using
2576 a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH().
2577 If check_mail returns an error then the RCPT TO command will be rejected
2578 with that error. If it returns some other result starting with $# then
2579 check_relay will be skipped. If the sender address (or a part of it) is
2580 listed in the access map and it has a RHS of OK or RELAY, then check_relay
2581 will be skipped. This has an interesting side effect: if your domain is
2582 my.domain and you have
2584 my.domain RELAY
2586 in the access map, then any e-mail with a sender address of
2587 <user@my.domain> will not be rejected by check_relay even though
2588 it would match the hostname or IP address. This allows spammers
2589 to get around DNS based blacklist by faking the sender address. To
2590 avoid this problem you have to use tagged entries:
2592 To:my.domain RELAY
2593 Connect:my.domain RELAY
2595 if you need those entries at all (class {R} may take care of them).
2597 FEATURE(`delay_checks') can take an optional argument:
2599 FEATURE(`delay_checks', `friend')
2600 enables spamfriend test
2601 FEATURE(`delay_checks', `hater')
2602 enables spamhater test
2604 If such an argument is given, the recipient will be looked up in the
2605 access map (using the tag Spam:). If the argument is `friend', then
2606 the default behavior is to apply the other rulesets and make a SPAM
2607 friend the exception. The rulesets check_mail and check_relay will be
2608 skipped only if the recipient address is found and has RHS FRIEND. If
2609 the argument is `hater', then the default behavior is to skip the rulesets
2610 check_mail and check_relay and make a SPAM hater the exception. The
2611 other two rulesets will be applied only if the recipient address is
2612 found and has RHS HATER.
2614 This allows for simple exceptions from the tests, e.g., by activating
2615 the friend option and having
2617 Spam:abuse@ FRIEND
2619 in the access map, mail to abuse@localdomain will get through (where
2620 "localdomain" is any domain in class {w}). It is also possible to
2621 specify a full address or an address with +detail:
2623 Spam:abuse@my.domain FRIEND
2624 Spam:me+abuse@ FRIEND
2625 Spam:spam.domain FRIEND
2627 Note: The required tag has been changed in 8.12 from To: to Spam:.
2628 This change is incompatible to previous versions. However, you can
2629 (for now) simply add the new entries to the access map, the old
2630 ones will be ignored. As soon as you removed the old entries from
2631 the access map, specify a third parameter (`n') to this feature and
2632 the backward compatibility rules will not be in the generated .cf
2633 file.
2635 Header Checks
2636 -------------
2638 You can also reject mail on the basis of the contents of headers.
2639 This is done by adding a ruleset call to the 'H' header definition command
2640 in sendmail.cf. For example, this can be used to check the validity of
2641 a Message-ID: header:
2643 LOCAL_CONFIG
2644 HMessage-Id: $>CheckMessageId
2646 LOCAL_RULESETS
2647 SCheckMessageId
2648 R< $+ @ $+ > $@ OK
2649 R$* $#error $: 553 Header Error
2651 The alternative format:
2653 HSubject: $>+CheckSubject
2655 that is, $>+ instead of $>, gives the full Subject: header including
2656 comments to the ruleset (comments in parentheses () are stripped
2657 by default).
2659 A default ruleset for headers which don't have a specific ruleset
2660 defined for them can be given by:
2662 H*: $>CheckHdr
2664 Notice:
2665 1. All rules act on tokens as explained in doc/op/op.{me,ps,txt}.
2666 That may cause problems with simple header checks due to the
2667 tokenization. It might be simpler to use a regex map and apply it
2668 to $&{currHeader}.
2669 2. There are no default rulesets coming with this distribution of
2670 sendmail. You can write your own or search the WWW for examples.
2671 3. When using a default ruleset for headers, the name of the header
2672 currently being checked can be found in the $&{hdr_name} macro.
2674 After all of the headers are read, the check_eoh ruleset will be called for
2675 any final header-related checks. The ruleset is called with the number of
2676 headers and the size of all of the headers in bytes separated by $|. One
2677 example usage is to reject messages which do not have a Message-Id:
2678 header. However, the Message-Id: header is *NOT* a required header and is
2679 not a guaranteed spam indicator. This ruleset is an example and should
2680 probably not be used in production.
2682 LOCAL_CONFIG
2683 Kstorage macro
2684 HMessage-Id: $>CheckMessageId
2686 LOCAL_RULESETS
2687 SCheckMessageId
2688 # Record the presence of the header
2689 R$* $: $(storage {MessageIdCheck} $@ OK $) $1
2690 R< $+ @ $+ > $@ OK
2691 R$* $#error $: 553 Header Error
2693 Scheck_eoh
2694 # Check the macro
2695 R$* $: < $&{MessageIdCheck} >
2696 # Clear the macro for the next message
2697 R$* $: $(storage {MessageIdCheck} $) $1
2698 # Has a Message-Id: header
2699 R< $+ > $@ OK
2700 # Allow missing Message-Id: from local mail
2701 R$* $: < $&{client_name} >
2702 R< > $@ OK
2703 R< $=w > $@ OK
2704 # Otherwise, reject the mail
2705 R$* $#error $: 553 Header Error
2708 +--------------------+
2709 | CONNECTION CONTROL |
2710 +--------------------+
2712 The features ratecontrol and conncontrol allow to establish connection
2713 limits per client IP address or net. These features can limit the
2714 rate of connections (connections per time unit) or the number of
2715 incoming SMTP connections, respectively. If enabled, appropriate
2716 rulesets are called at the end of check_relay, i.e., after DNS
2717 blacklists and generic access_db operations. The features require
2718 FEATURE(`access_db') to be listed earlier in the mc file.
2720 Note: FEATURE(`delay_checks') delays those connection control checks
2721 after a recipient address has been received, hence making these
2722 connection control features less useful. To run the checks as early
2723 as possible, specify the parameter `nodelay', e.g.,
2725 FEATURE(`ratecontrol', `nodelay')
2727 In that case, FEATURE(`delay_checks') has no effect on connection
2728 control (and it must be specified earlier in the mc file).
2730 An optional second argument `terminate' specifies whether the
2731 rulesets should return the error code 421 which will cause
2732 sendmail to terminate the session with that error if it is
2733 returned from check_relay, i.e., not delayed as explained in
2734 the previous paragraph. Example:
2736 FEATURE(`ratecontrol', `nodelay', `terminate')
2739 +----------+
2740 | STARTTLS |
2741 +----------+
2743 In this text, cert will be used as an abbreviation for X.509 certificate,
2744 DN (CN) is the distinguished (common) name of a cert, and CA is a
2745 certification authority, which signs (issues) certs.
2747 For STARTTLS to be offered by sendmail you need to set at least
2748 these variables (the file names and paths are just examples):
2750 define(`confCACERT_PATH', `/etc/mail/certs/')
2751 define(`confCACERT', `/etc/mail/certs/CA.cert.pem')
2752 define(`confSERVER_CERT', `/etc/mail/certs/my.cert.pem')
2753 define(`confSERVER_KEY', `/etc/mail/certs/my.key.pem')
2755 On systems which do not have the compile flag HASURANDOM set (see
2756 sendmail/README) you also must set confRAND_FILE.
2758 See doc/op/op.{me,ps,txt} for more information about these options,
2759 especially the sections ``Certificates for STARTTLS'' and ``PRNG for
2760 STARTTLS''.
2762 Macros related to STARTTLS are:
2764 ${cert_issuer} holds the DN of the CA (the cert issuer).
2765 ${cert_subject} holds the DN of the cert (called the cert subject).
2766 ${cn_issuer} holds the CN of the CA (the cert issuer).
2767 ${cn_subject} holds the CN of the cert (called the cert subject).
2768 ${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1,
2769 TLSv1/SSLv3, SSLv3, SSLv2.
2770 ${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA,
2771 EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA.
2772 ${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm
2773 used for the connection.
2774 ${verify} holds the result of the verification of the presented cert.
2775 Possible values are:
2776 OK verification succeeded.
2777 NO no cert presented.
2778 NOT no cert requested.
2779 FAIL cert presented but could not be verified,
2780 e.g., the cert of the signing CA is missing.
2781 NONE STARTTLS has not been performed.
2782 TEMP temporary error occurred.
2783 PROTOCOL protocol error occurred (SMTP level).
2784 SOFTWARE STARTTLS handshake failed.
2785 ${server_name} the name of the server of the current outgoing SMTP
2786 connection.
2787 ${server_addr} the address of the server of the current outgoing SMTP
2788 connection.
2790 Relaying
2791 --------
2793 SMTP STARTTLS can allow relaying for remote SMTP clients which have
2794 successfully authenticated themselves. If the verification of the cert
2795 failed (${verify} != OK), relaying is subject to the usual rules.
2796 Otherwise the DN of the issuer is looked up in the access map using the
2797 tag CERTISSUER. If the resulting value is RELAY, relaying is allowed.
2798 If it is SUBJECT, the DN of the cert subject is looked up next in the
2799 access map using the tag CERTSUBJECT. If the value is RELAY, relaying
2800 is allowed.
2802 To make things a bit more flexible (or complicated), the values for
2803 ${cert_issuer} and ${cert_subject} can be optionally modified by regular
2804 expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and
2805 _CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in
2806 rulesets and map lookups, they are modified as follows: each non-printable
2807 character and the characters '<', '>', '(', ')', '"', '+', ' ' are replaced
2808 by their HEX value with a leading '+'. For example:
2810 /C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email=
2811 darth+cert@endmail.org
2813 is encoded as:
2815 /C=US/ST=California/O=endmail.org/OU=private/CN=
2816 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
2818 (line breaks have been inserted for readability).
2820 The macros which are subject to this encoding are ${cert_subject},
2821 ${cert_issuer}, ${cn_subject}, and ${cn_issuer}.
2823 Examples:
2825 To allow relaying for everyone who can present a cert signed by
2827 /C=US/ST=California/O=endmail.org/OU=private/CN=
2828 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
2830 simply use:
2832 CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN=
2833 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org RELAY
2835 To allow relaying only for a subset of machines that have a cert signed by
2837 /C=US/ST=California/O=endmail.org/OU=private/CN=
2838 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
2840 use:
2842 CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN=
2843 Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org SUBJECT
2844 CertSubject:/C=US/ST=California/O=endmail.org/OU=private/CN=
2845 DeathStar/Email=deathstar@endmail.org RELAY
2847 Notes:
2848 - line breaks have been inserted after "CN=" for readability,
2849 each tagged entry must be one (long) line in the access map.
2850 - if OpenSSL 0.9.7 or newer is used then the "Email=" part of a DN
2851 is replaced by "emailAddress=".
2853 Of course it is also possible to write a simple ruleset that allows
2854 relaying for everyone who can present a cert that can be verified, e.g.,
2856 LOCAL_RULESETS
2857 SLocal_check_rcpt
2858 R$* $: $&{verify}
2859 ROK $# OK
2861 Allowing Connections
2862 --------------------
2864 The rulesets tls_server, tls_client, and tls_rcpt are used to decide whether
2865 an SMTP connection is accepted (or should continue).
2867 tls_server is called when sendmail acts as client after a STARTTLS command
2868 (should) have been issued. The parameter is the value of ${verify}.
2870 tls_client is called when sendmail acts as server, after a STARTTLS command
2871 has been issued, and from check_mail. The parameter is the value of
2872 ${verify} and STARTTLS or MAIL, respectively.
2874 Both rulesets behave the same. If no access map is in use, the connection
2875 will be accepted unless ${verify} is SOFTWARE, in which case the connection
2876 is always aborted. For tls_server/tls_client, ${client_name}/${server_name}
2877 is looked up in the access map using the tag TLS_Srv/TLS_Clt, which is done
2878 with the ruleset LookUpDomain. If no entry is found, ${client_addr}
2879 (${server_addr}) is looked up in the access map (same tag, ruleset
2880 LookUpAddr). If this doesn't result in an entry either, just the tag is
2881 looked up in the access map (included the trailing colon). Notice:
2882 requiring that e-mail is sent to a server only encrypted, e.g., via
2884 TLS_Srv:secure.domain ENCR:112
2886 doesn't necessarily mean that e-mail sent to that domain is encrypted.
2887 If the domain has multiple MX servers, e.g.,
2889 secure.domain. IN MX 10 mail.secure.domain.
2890 secure.domain. IN MX 50 mail.other.domain.
2892 then mail to user@secure.domain may go unencrypted to mail.other.domain.
2893 tls_rcpt can be used to address this problem.
2895 tls_rcpt is called before a RCPT TO: command is sent. The parameter is the
2896 current recipient. This ruleset is only defined if FEATURE(`access_db')
2897 is selected. A recipient address user@domain is looked up in the access
2898 map in four formats: TLS_Rcpt:user@domain, TLS_Rcpt:user@, TLS_Rcpt:domain,
2899 and TLS_Rcpt:; the first match is taken.
2901 The result of the lookups is then used to call the ruleset TLS_connection,
2902 which checks the requirement specified by the RHS in the access map against
2903 the actual parameters of the current TLS connection, esp. ${verify} and
2904 ${cipher_bits}. Legal RHSs in the access map are:
2906 VERIFY verification must have succeeded
2907 VERIFY:bits verification must have succeeded and ${cipher_bits} must
2908 be greater than or equal bits.
2909 ENCR:bits ${cipher_bits} must be greater than or equal bits.
2911 The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary
2912 or permanent error. The default is a temporary error code (403 4.7.0)
2913 unless the macro TLS_PERM_ERR is set during generation of the .cf file.
2915 If a certain level of encryption is required, then it might also be
2916 possible that this level is provided by the security layer from a SASL
2917 algorithm, e.g., DIGEST-MD5.
2919 Furthermore, there can be a list of extensions added. Such a list
2920 starts with '+' and the items are separated by '++'. Allowed
2921 extensions are:
2923 CN:name name must match ${cn_subject}
2924 CN ${client_name}/${server_name} must match ${cn_subject}
2925 CS:name name must match ${cert_subject}
2926 CI:name name must match ${cert_issuer}
2928 Example: e-mail sent to secure.example.com should only use an encrypted
2929 connection. E-mail received from hosts within the laptop.example.com domain
2930 should only be accepted if they have been authenticated. The host which
2931 receives e-mail for darth@endmail.org must present a cert that uses the
2932 CN smtp.endmail.org.
2934 TLS_Srv:secure.example.com ENCR:112
2935 TLS_Clt:laptop.example.com PERM+VERIFY:112
2936 TLS_Rcpt:darth@endmail.org ENCR:112+CN:smtp.endmail.org
2939 Disabling STARTTLS And Setting SMTP Server Features
2940 ---------------------------------------------------
2942 By default STARTTLS is used whenever possible. However, there are
2943 some broken MTAs that don't properly implement STARTTLS. To be able
2944 to send to (or receive from) those MTAs, the ruleset try_tls
2945 (srv_features) can be used that work together with the access map.
2946 Entries for the access map must be tagged with Try_TLS (Srv_Features)
2947 and refer to the hostname or IP address of the connecting system.
2948 A default case can be specified by using just the tag. For example,
2949 the following entries in the access map:
2951 Try_TLS:broken.server NO
2952 Srv_Features:my.domain v
2953 Srv_Features: V
2955 will turn off STARTTLS when sending to broken.server (or any host
2956 in that domain), and request a client certificate during the TLS
2957 handshake only for hosts in my.domain. The valid entries on the RHS
2958 for Srv_Features are listed in the Sendmail Installation and
2959 Operations Guide.
2962 Received: Header
2963 ----------------
2965 The Received: header reveals whether STARTTLS has been used. It contains an
2966 extra line:
2968 (version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})
2971 +--------------------------------+
2972 | ADDING NEW MAILERS OR RULESETS |
2973 +--------------------------------+
2975 Sometimes you may need to add entirely new mailers or rulesets. They
2976 should be introduced with the constructs MAILER_DEFINITIONS and
2977 LOCAL_RULESETS respectively. For example:
2979 MAILER_DEFINITIONS
2980 Mmymailer, ...
2981 ...
2983 LOCAL_RULESETS
2984 Smyruleset
2985 ...
2987 Local additions for the rulesets srv_features, try_tls, tls_rcpt,
2988 tls_client, and tls_server can be made using LOCAL_SRV_FEATURES,
2989 LOCAL_TRY_TLS, LOCAL_TLS_RCPT, LOCAL_TLS_CLIENT, and LOCAL_TLS_SERVER,
2990 respectively. For example, to add a local ruleset that decides
2991 whether to try STARTTLS in a sendmail client, use:
2993 LOCAL_TRY_TLS
2994 R...
2996 Note: you don't need to add a name for the ruleset, it is implicitly
2997 defined by using the appropriate macro.
3000 +-------------------------+
3001 | ADDING NEW MAIL FILTERS |
3002 +-------------------------+
3004 Sendmail supports mail filters to filter incoming SMTP messages according
3005 to the "Sendmail Mail Filter API" documentation. These filters can be
3006 configured in your mc file using the two commands:
3008 MAIL_FILTER(`name', `equates')
3009 INPUT_MAIL_FILTER(`name', `equates')
3011 The first command, MAIL_FILTER(), simply defines a filter with the given
3012 name and equates. For example:
3014 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3016 This creates the equivalent sendmail.cf entry:
3018 Xarchive, S=local:/var/run/archivesock, F=R
3020 The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER
3021 but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name
3022 of the filter such that the filter will actually be called by sendmail.
3024 For example, the two commands:
3026 INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3027 INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T')
3029 are equivalent to the three commands:
3031 MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
3032 MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T')
3033 define(`confINPUT_MAIL_FILTERS', `archive, spamcheck')
3035 In general, INPUT_MAIL_FILTER() should be used unless you need to define
3036 more filters than you want to use for `confINPUT_MAIL_FILTERS'.
3038 Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER()
3039 commands will clear the list created by the prior INPUT_MAIL_FILTER()
3040 commands.
3043 +-------------------------+
3044 | QUEUE GROUP DEFINITIONS |
3045 +-------------------------+
3047 In addition to the queue directory (which is the default queue group
3048 called "mqueue"), sendmail can deal with multiple queue groups, which
3049 are collections of queue directories with the same behaviour. Queue
3050 groups can be defined using the command:
3052 QUEUE_GROUP(`name', `equates')
3054 For details about queue groups, please see doc/op/op.{me,ps,txt}.
3056 +-------------------------------+
3057 | NON-SMTP BASED CONFIGURATIONS |
3058 +-------------------------------+
3060 These configuration files are designed primarily for use by
3061 SMTP-based sites. They may not be well tuned for UUCP-only or
3062 UUCP-primarily nodes (the latter is defined as a small local net
3063 connected to the rest of the world via UUCP). However, there is
3064 one hook to handle some special cases.
3066 You can define a ``smart host'' that understands a richer address syntax
3067 using:
3069 define(`SMART_HOST', `mailer:hostname')
3071 In this case, the ``mailer:'' defaults to "relay". Any messages that
3072 can't be handled using the usual UUCP rules are passed to this host.
3074 If you are on a local SMTP-based net that connects to the outside
3075 world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules.
3076 For example:
3078 define(`SMART_HOST', `uucp-new:uunet')
3079 LOCAL_NET_CONFIG
3080 R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3
3082 This will cause all names that end in your domain name ($m) to be sent
3083 via SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet.
3084 If you have FEATURE(`nocanonify'), you may need to omit the dots after
3085 the $m. If you are running a local DNS inside your domain which is
3086 not otherwise connected to the outside world, you probably want to
3087 use:
3089 define(`SMART_HOST', `smtp:fire.wall.com')
3090 LOCAL_NET_CONFIG
3091 R$* < @ $* . > $* $#smtp $@ $2. $: $1 < @ $2. > $3
3093 That is, send directly only to things you found in your DNS lookup;
3094 anything else goes through SMART_HOST.
3096 You may need to turn off the anti-spam rules in order to accept
3097 UUCP mail with FEATURE(`promiscuous_relay') and
3098 FEATURE(`accept_unresolvable_domains').
3101 +-----------+
3102 | WHO AM I? |
3103 +-----------+
3105 Normally, the $j macro is automatically defined to be your fully
3106 qualified domain name (FQDN). Sendmail does this by getting your
3107 host name using gethostname and then calling gethostbyname on the
3108 result. For example, in some environments gethostname returns
3109 only the root of the host name (such as "foo"); gethostbyname is
3110 supposed to return the FQDN ("foo.bar.com"). In some (fairly rare)
3111 cases, gethostbyname may fail to return the FQDN. In this case
3112 you MUST define confDOMAIN_NAME to be your fully qualified domain
3113 name. This is usually done using:
3115 Dmbar.com
3116 define(`confDOMAIN_NAME', `$w.$m')dnl
3119 +-----------------------------------+
3120 | ACCEPTING MAIL FOR MULTIPLE NAMES |
3121 +-----------------------------------+
3123 If your host is known by several different names, you need to augment
3124 class {w}. This is a list of names by which your host is known, and
3125 anything sent to an address using a host name in this list will be
3126 treated as local mail. You can do this in two ways: either create the
3127 file /etc/mail/local-host-names containing a list of your aliases (one per
3128 line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add
3129 ``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified
3130 name of the host, rather than a short name.
3132 If you want to have different address in different domains, take
3133 a look at the virtusertable feature, which is also explained at
3134 http://www.sendmail.org/virtual-hosting.html
3137 +--------------------+
3138 | USING MAILERTABLES |
3139 +--------------------+
3141 To use FEATURE(`mailertable'), you will have to create an external
3142 database containing the routing information for various domains.
3143 For example, a mailertable file in text format might be:
3145 .my.domain xnet:%1.my.domain
3146 uuhost1.my.domain uucp-new:uuhost1
3147 .bitnet smtp:relay.bit.net
3149 This should normally be stored in /etc/mail/mailertable. The actual
3150 database version of the mailertable is built using:
3152 makemap hash /etc/mail/mailertable < /etc/mail/mailertable
3154 The semantics are simple. Any LHS entry that does not begin with
3155 a dot matches the full host name indicated. LHS entries beginning
3156 with a dot match anything ending with that domain name (including
3157 the leading dot) -- that is, they can be thought of as having a
3158 leading ".+" regular expression pattern for a non-empty sequence of
3159 characters. Matching is done in order of most-to-least qualified
3160 -- for example, even though ".my.domain" is listed first in the
3161 above example, an entry of "uuhost1.my.domain" will match the second
3162 entry since it is more explicit. Note: e-mail to "user@my.domain"
3163 does not match any entry in the above table. You need to have
3164 something like:
3166 my.domain esmtp:host.my.domain
3168 The RHS should always be a "mailer:host" pair. The mailer is the
3169 configuration name of a mailer (that is, an M line in the
3170 sendmail.cf file). The "host" will be the hostname passed to
3171 that mailer. In domain-based matches (that is, those with leading
3172 dots) the "%1" may be used to interpolate the wildcarded part of
3173 the host name. For example, the first line above sends everything
3174 addressed to "anything.my.domain" to that same host name, but using
3175 the (presumably experimental) xnet mailer.
3177 In some cases you may want to temporarily turn off MX records,
3178 particularly on gateways. For example, you may want to MX
3179 everything in a domain to one machine that then forwards it
3180 directly. To do this, you might use the DNS configuration:
3182 *.domain. IN MX 0 relay.machine
3184 and on relay.machine use the mailertable:
3186 .domain smtp:[gateway.domain]
3188 The [square brackets] turn off MX records for this host only.
3189 If you didn't do this, the mailertable would use the MX record
3190 again, which would give you an MX loop. Note that the use of
3191 wildcard MX records is almost always a bad idea. Please avoid
3192 using them if possible.
3195 +--------------------------------+
3196 | USING USERDB TO MAP FULL NAMES |
3197 +--------------------------------+
3199 The user database was not originally intended for mapping full names
3200 to login names (e.g., Eric.Allman => eric), but some people are using
3201 it that way. (it is recommended that you set up aliases for this
3202 purpose instead -- since you can specify multiple alias files, this
3203 is fairly easy.) The intent was to locate the default maildrop at
3204 a site, but allow you to override this by sending to a specific host.
3206 If you decide to set up the user database in this fashion, it is
3207 imperative that you not use FEATURE(`stickyhost') -- otherwise,
3208 e-mail sent to Full.Name@local.host.name will be rejected.
3210 To build the internal form of the user database, use:
3212 makemap btree /etc/mail/userdb < /etc/mail/userdb.txt
3214 As a general rule, it is an extremely bad idea to using full names
3215 as e-mail addresses, since they are not in any sense unique. For
3216 example, the UNIX software-development community has at least two
3217 well-known Peter Deutsches, and at one time Bell Labs had two
3218 Stephen R. Bournes with offices along the same hallway. Which one
3219 will be forced to suffer the indignity of being Stephen_R_Bourne_2?
3220 The less famous of the two, or the one that was hired later?
3222 Finger should handle full names (and be fuzzy). Mail should use
3223 handles, and not be fuzzy.
3226 +--------------------------------+
3227 | MISCELLANEOUS SPECIAL FEATURES |
3228 +--------------------------------+
3230 Plussed users
3231 Sometimes it is convenient to merge configuration on a
3232 centralized mail machine, for example, to forward all
3233 root mail to a mail server. In this case it might be
3234 useful to be able to treat the root addresses as a class
3235 of addresses with subtle differences. You can do this
3236 using plussed users. For example, a client might include
3237 the alias:
3239 root: root+client1@server
3241 On the server, this will match an alias for "root+client1".
3242 If that is not found, the alias "root+*" will be tried,
3243 then "root".
3246 +----------------+
3247 | SECURITY NOTES |
3248 +----------------+
3250 A lot of sendmail security comes down to you. Sendmail 8 is much
3251 more careful about checking for security problems than previous
3252 versions, but there are some things that you still need to watch
3253 for. In particular:
3255 * Make sure the aliases file is not writable except by trusted
3256 system personnel. This includes both the text and database
3257 version.
3259 * Make sure that other files that sendmail reads, such as the
3260 mailertable, are only writable by trusted system personnel.
3262 * The queue directory should not be world writable PARTICULARLY
3263 if your system allows "file giveaways" (that is, if a non-root
3264 user can chown any file they own to any other user).
3266 * If your system allows file giveaways, DO NOT create a publically
3267 writable directory for forward files. This will allow anyone
3268 to steal anyone else's e-mail. Instead, create a script that
3269 copies the .forward file from users' home directories once a
3270 night (if you want the non-NFS-mounted forward directory).
3272 * If your system allows file giveaways, you'll find that
3273 sendmail is much less trusting of :include: files -- in
3274 particular, you'll have to have /SENDMAIL/ANY/SHELL/ in
3275 /etc/shells before they will be trusted (that is, before
3276 files and programs listed in them will be honored).
3278 In general, file giveaways are a mistake -- if you can turn them
3279 off, do so.
3282 +--------------------------------+
3283 | TWEAKING CONFIGURATION OPTIONS |
3284 +--------------------------------+
3286 There are a large number of configuration options that don't normally
3287 need to be changed. However, if you feel you need to tweak them,
3288 you can define the following M4 variables. Note that some of these
3289 variables require formats that are defined in RFC 2821 or RFC 2822.
3290 Before changing them you need to make sure you do not violate those
3291 (and other relevant) RFCs.
3293 This list is shown in four columns: the name you define, the default
3294 value for that definition, the option or macro that is affected
3295 (either Ox for an option or Dx for a macro), and a brief description.
3297 Some options are likely to be deprecated in future versions -- that is,
3298 the option is only included to provide back-compatibility. These are
3299 marked with "*".
3301 Remember that these options are M4 variables, and hence may need to
3302 be quoted. In particular, arguments with commas will usually have to
3303 be ``double quoted, like this phrase'' to avoid having the comma
3304 confuse things. This is common for alias file definitions and for
3305 the read timeout.
3307 M4 Variable Name Configuration [Default] & Description
3308 ================ ============= =======================
3309 confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used
3310 for internally generated outgoing
3311 messages.
3312 confDOMAIN_NAME $j macro If defined, sets $j. This should
3313 only be done if your system cannot
3314 determine your local domain name,
3315 and then it should be set to
3316 $w.Foo.COM, where Foo.COM is your
3317 domain name.
3318 confCF_VERSION $Z macro If defined, this is appended to the
3319 configuration version name.
3320 confLDAP_CLUSTER ${sendmailMTACluster} macro
3321 If defined, this is the LDAP
3322 cluster to use for LDAP searches
3323 as described above in ``USING LDAP
3324 FOR ALIASES, MAPS, AND CLASSES''.
3325 confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an
3326 internally generated From: address.
3327 confRECEIVED_HEADER Received:
3328 [$?sfrom $s $.$?_($?s$|from $.$_)
3329 $.$?{auth_type}(authenticated)
3330 $.by $j ($v/$Z)$?r with $r$. id $i$?u
3331 for $u; $|;
3332 $.$b]
3333 The format of the Received: header
3334 in messages passed through this host.
3335 It is unwise to try to change this.
3336 confMESSAGEID_HEADER Message-Id: [<$t.$i@$j>] The format of an
3337 internally generated Message-Id:
3338 header.
3339 confCW_FILE Fw class [/etc/mail/local-host-names] Name
3340 of file used to get the local
3341 additions to class {w} (local host
3342 names).
3343 confCT_FILE Ft class [/etc/mail/trusted-users] Name of
3344 file used to get the local additions
3345 to class {t} (trusted users).
3346 confCR_FILE FR class [/etc/mail/relay-domains] Name of
3347 file used to get the local additions
3348 to class {R} (hosts allowed to relay).
3349 confTRUSTED_USERS Ct class [no default] Names of users to add to
3350 the list of trusted users. This list
3351 always includes root, uucp, and daemon.
3352 See also FEATURE(`use_ct_file').
3353 confTRUSTED_USER TrustedUser [no default] Trusted user for file
3354 ownership and starting the daemon.
3355 Not to be confused with
3356 confTRUSTED_USERS (see above).
3357 confSMTP_MAILER - [esmtp] The mailer name used when
3358 SMTP connectivity is required.
3359 One of "smtp", "smtp8",
3360 "esmtp", or "dsmtp".
3361 confUUCP_MAILER - [uucp-old] The mailer to be used by
3362 default for bang-format recipient
3363 addresses. See also discussion of
3364 class {U}, class {Y}, and class {Z}
3365 in the MAILER(`uucp') section.
3366 confLOCAL_MAILER - [local] The mailer name used when
3367 local connectivity is required.
3368 Almost always "local".
3369 confRELAY_MAILER - [relay] The default mailer name used
3370 for relaying any mail (e.g., to a
3371 BITNET_RELAY, a SMART_HOST, or
3372 whatever). This can reasonably be
3373 "uucp-new" if you are on a
3374 UUCP-connected site.
3375 confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits?
3376 confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling
3377 confALIAS_WAIT AliasWait [10m] Time to wait for alias file
3378 rebuild until you get bored and
3379 decide that the apparently pending
3380 rebuild failed.
3381 confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on
3382 queue filesystem to accept SMTP mail.
3383 (Prior to 8.7 this was minfree/maxsize,
3384 where minfree was the number of free
3385 blocks and maxsize was the maximum
3386 message size. Use confMAX_MESSAGE_SIZE
3387 for the second value now.)
3388 confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages
3389 that will be accepted (in bytes).
3390 confBLANK_SUB BlankSub [.] Blank (space) substitution
3391 character.
3392 confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately
3393 to mailers marked expensive.
3394 confCHECKPOINT_INTERVAL CheckpointInterval
3395 [10] Checkpoint queue files every N
3396 recipients.
3397 confDELIVERY_MODE DeliveryMode [background] Default delivery mode.
3398 confERROR_MODE ErrorMode [print] Error message mode.
3399 confERROR_MESSAGE ErrorHeader [undefined] Error message header/file.
3400 confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines.
3401 confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode.
3402 confMATCH_GECOS MatchGECOS [False] Match GECOS field.
3403 confMAX_HOP MaxHopCount [25] Maximum hop count.
3404 confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd
3405 mode] Ignore dot as terminator for
3406 incoming messages?
3407 confBIND_OPTS ResolverOptions [undefined] Default options for DNS
3408 resolver.
3409 confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME-
3410 encapsulated messages per RFC 1344.
3411 confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward]
3412 The colon-separated list of places to
3413 search for .forward files. N.B.: see
3414 the Security Notes section.
3415 confMCI_CACHE_SIZE ConnectionCacheSize
3416 [2] Size of open connection cache.
3417 confMCI_CACHE_TIMEOUT ConnectionCacheTimeout
3418 [5m] Open connection cache timeout.
3419 confHOST_STATUS_DIRECTORY HostStatusDirectory
3420 [undefined] If set, host status is kept
3421 on disk between sendmail runs in the
3422 named directory tree. This need not be
3423 a full pathname, in which case it is
3424 interpreted relative to the queue
3425 directory.
3426 confSINGLE_THREAD_DELIVERY SingleThreadDelivery
3427 [False] If this option and the
3428 HostStatusDirectory option are both
3429 set, single thread deliveries to other
3430 hosts. That is, don't allow any two
3431 sendmails on this host to connect
3432 simultaneously to any other single
3433 host. This can slow down delivery in
3434 some cases, in particular since a
3435 cached but otherwise idle connection
3436 to a host will prevent other sendmails
3437 from connecting to the other host.
3438 confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to
3439 deliver error messages. This should
3440 not be necessary because of general
3441 acceptance of the envelope/header
3442 distinction.
3443 confLOG_LEVEL LogLevel [9] Log level.
3444 confME_TOO MeToo [True] Include sender in group
3445 expansions. This option is
3446 deprecated and will be removed from
3447 a future version.
3448 confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when
3449 running newaliases. Since this does
3450 DNS lookups on every address, it can
3451 slow down the alias rebuild process
3452 considerably on large alias files.
3453 confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without
3454 special chars are old style.
3455 confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags.
3456 confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional
3457 copies of all error messages.
3458 confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function.
3459 confQUEUE_FILE_MODE QueueFileMode [undefined] Default permissions for
3460 queue files (octal). If not set,
3461 sendmail uses 0600 unless its real
3462 and effective uid are different in
3463 which case it uses 0644.
3464 confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr
3465 syntax addresses to the minimum
3466 possible.
3467 confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk
3468 before forking.
3469 confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response
3470 on the initial connect.
3471 confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial
3472 connect() to complete. This can only
3473 shorten connection timeouts; the kernel
3474 silently enforces an absolute maximum
3475 (which varies depending on the system).
3476 confTO_ICONNECT Timeout.iconnect
3477 [undefined] Like Timeout.connect, but
3478 applies only to the very first attempt
3479 to connect to a host in a message.
3480 This allows a single very fast pass
3481 followed by more careful delivery
3482 attempts in the future.
3483 confTO_ACONNECT Timeout.aconnect
3484 [0] The overall timeout waiting for
3485 all connection for a single delivery
3486 attempt to succeed. If 0, no overall
3487 limit is applied.
3488 confTO_HELO Timeout.helo [5m] The timeout waiting for a response
3489 to a HELO or EHLO command.
3490 confTO_MAIL Timeout.mail [10m] The timeout waiting for a
3491 response to the MAIL command.
3492 confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response
3493 to the RCPT command.
3494 confTO_DATAINIT Timeout.datainit
3495 [5m] The timeout waiting for a 354
3496 response from the DATA command.
3497 confTO_DATABLOCK Timeout.datablock
3498 [1h] The timeout waiting for a block
3499 during DATA phase.
3500 confTO_DATAFINAL Timeout.datafinal
3501 [1h] The timeout waiting for a response
3502 to the final "." that terminates a
3503 message.
3504 confTO_RSET Timeout.rset [5m] The timeout waiting for a response
3505 to the RSET command.
3506 confTO_QUIT Timeout.quit [2m] The timeout waiting for a response
3507 to the QUIT command.
3508 confTO_MISC Timeout.misc [2m] The timeout waiting for a response
3509 to other SMTP commands.
3510 confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout
3511 waiting for a command to be issued.
3512 confTO_IDENT Timeout.ident [5s] The timeout waiting for a
3513 response to an IDENT query.
3514 confTO_FILEOPEN Timeout.fileopen
3515 [60s] The timeout waiting for a file
3516 (e.g., :include: file) to be opened.
3517 confTO_LHLO Timeout.lhlo [2m] The timeout waiting for a response
3518 to an LMTP LHLO command.
3519 confTO_STARTTLS Timeout.starttls
3520 [1h] The timeout waiting for a
3521 response to an SMTP STARTTLS command.
3522 confTO_CONTROL Timeout.control
3523 [2m] The timeout for a complete
3524 control socket transaction to complete.
3525 confTO_QUEUERETURN Timeout.queuereturn
3526 [5d] The timeout before a message is
3527 returned as undeliverable.
3528 confTO_QUEUERETURN_NORMAL
3529 Timeout.queuereturn.normal
3530 [undefined] As above, for normal
3531 priority messages.
3532 confTO_QUEUERETURN_URGENT
3533 Timeout.queuereturn.urgent
3534 [undefined] As above, for urgent
3535 priority messages.
3536 confTO_QUEUERETURN_NONURGENT
3537 Timeout.queuereturn.non-urgent
3538 [undefined] As above, for non-urgent
3539 (low) priority messages.
3540 confTO_QUEUERETURN_DSN
3541 Timeout.queuereturn.dsn
3542 [undefined] As above, for delivery
3543 status notification messages.
3544 confTO_QUEUEWARN Timeout.queuewarn
3545 [4h] The timeout before a warning
3546 message is sent to the sender telling
3547 them that the message has been
3548 deferred.
3549 confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal
3550 [undefined] As above, for normal
3551 priority messages.
3552 confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent
3553 [undefined] As above, for urgent
3554 priority messages.
3555 confTO_QUEUEWARN_NONURGENT
3556 Timeout.queuewarn.non-urgent
3557 [undefined] As above, for non-urgent
3558 (low) priority messages.
3559 confTO_QUEUEWARN_DSN
3560 Timeout.queuewarn.dsn
3561 [undefined] As above, for delivery
3562 status notification messages.
3563 confTO_HOSTSTATUS Timeout.hoststatus
3564 [30m] How long information about host
3565 statuses will be maintained before it
3566 is considered stale and the host should
3567 be retried. This applies both within
3568 a single queue run and to persistent
3569 information (see below).
3570 confTO_RESOLVER_RETRANS Timeout.resolver.retrans
3571 [varies] Sets the resolver's
3572 retransmission time interval (in
3573 seconds). Sets both
3574 Timeout.resolver.retrans.first and
3575 Timeout.resolver.retrans.normal.
3576 confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first
3577 [varies] Sets the resolver's
3578 retransmission time interval (in
3579 seconds) for the first attempt to
3580 deliver a message.
3581 confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal
3582 [varies] Sets the resolver's
3583 retransmission time interval (in
3584 seconds) for all resolver lookups
3585 except the first delivery attempt.
3586 confTO_RESOLVER_RETRY Timeout.resolver.retry
3587 [varies] Sets the number of times
3588 to retransmit a resolver query.
3589 Sets both
3590 Timeout.resolver.retry.first and
3591 Timeout.resolver.retry.normal.
3592 confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first
3593 [varies] Sets the number of times
3594 to retransmit a resolver query for
3595 the first attempt to deliver a
3596 message.
3597 confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal
3598 [varies] Sets the number of times
3599 to retransmit a resolver query for
3600 all resolver lookups except the
3601 first delivery attempt.
3602 confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be
3603 USE_SYSTEM to use the system's idea,
3604 USE_TZ to use the user's TZ envariable,
3605 or something else to force that value.
3606 confDEF_USER_ID DefaultUser [1:1] Default user id.
3607 confUSERDB_SPEC UserDatabaseSpec
3608 [undefined] User database
3609 specification.
3610 confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
3611 confFALLBACK_SMARTHOST FallbackSmartHost
3612 [undefined] Fallback smart host.
3613 confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX
3614 for a host and other arrangements
3615 haven't been made, try connecting
3616 to the host directly; normally this
3617 would be a config error.
3618 confQUEUE_LA QueueLA [varies] Load average at which
3619 queue-only function kicks in.
3620 Default values is (8 * numproc)
3621 where numproc is the number of
3622 processors online (if that can be
3623 determined).
3624 confREFUSE_LA RefuseLA [varies] Load average at which
3625 incoming SMTP connections are
3626 refused. Default values is (12 *
3627 numproc) where numproc is the
3628 number of processors online (if
3629 that can be determined).
3630 confREJECT_LOG_INTERVAL RejectLogInterval [3h] Log interval when
3631 refusing connections for this long.
3632 confDELAY_LA DelayLA [0] Load average at which sendmail
3633 will sleep for one second on most
3634 SMTP commands and before accepting
3635 connections. 0 means no limit.
3636 confMAX_ALIAS_RECURSION MaxAliasRecursion
3637 [10] Maximum depth of alias recursion.
3638 confMAX_DAEMON_CHILDREN MaxDaemonChildren
3639 [undefined] The maximum number of
3640 children the daemon will permit. After
3641 this number, connections will be
3642 rejected. If not set or <= 0, there is
3643 no limit.
3644 confMAX_HEADERS_LENGTH MaxHeadersLength
3645 [32768] Maximum length of the sum
3646 of all headers.
3647 confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength
3648 [undefined] Maximum length of
3649 certain MIME header field values.
3650 confCONNECTION_RATE_THROTTLE ConnectionRateThrottle
3651 [undefined] The maximum number of
3652 connections permitted per second per
3653 daemon. After this many connections
3654 are accepted, further connections
3655 will be delayed. If not set or <= 0,
3656 there is no limit.
3657 confCONNECTION_RATE_WINDOW_SIZE ConnectionRateWindowSize
3658 [60s] Define the length of the
3659 interval for which the number of
3660 incoming connections is maintained.
3661 confWORK_RECIPIENT_FACTOR
3662 RecipientFactor [30000] Cost of each recipient.
3663 confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a
3664 separate process.
3665 confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class.
3666 confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt.
3667 confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm:
3668 Priority, Host, Filename, Random,
3669 Modification, or Time.
3670 confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job
3671 must sit in the queue between queue
3672 runs. This allows you to set the
3673 queue run interval low for better
3674 responsiveness without trying all
3675 jobs in each run.
3676 confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting
3677 unlabeled 8 bit input to MIME, the
3678 character set to use by default.
3679 confSERVICE_SWITCH_FILE ServiceSwitchFile
3680 [/etc/mail/service.switch] The file
3681 to use for the service switch on
3682 systems that do not have a
3683 system-defined switch.
3684 confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing
3685 "file" type access of hosts names.
3686 confDIAL_DELAY DialDelay [0s] If a connection fails, wait this
3687 long and try again. Zero means "don't
3688 retry". This is to allow "dial on
3689 demand" connections to have enough time
3690 to complete a connection.
3691 confNO_RCPT_ACTION NoRecipientAction
3692 [none] What to do if there are no legal
3693 recipient fields (To:, Cc: or Bcc:)
3694 in the message. Legal values can
3695 be "none" to just leave the
3696 nonconforming message as is, "add-to"
3697 to add a To: header with all the
3698 known recipients (which may expose
3699 blind recipients), "add-apparently-to"
3700 to do the same but use Apparently-To:
3701 instead of To: (strongly discouraged
3702 in accordance with IETF standards),
3703 "add-bcc" to add an empty Bcc:
3704 header, or "add-to-undisclosed" to
3705 add the header
3706 ``To: undisclosed-recipients:;''.
3707 confSAFE_FILE_ENV SafeFileEnvironment
3708 [undefined] If set, sendmail will do a
3709 chroot() into this directory before
3710 writing files.
3711 confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6]
3712 If set, colons are treated as a regular
3713 character in addresses. If not set,
3714 they are treated as the introducer to
3715 the RFC 822 "group" syntax. Colons are
3716 handled properly in route-addrs. This
3717 option defaults on for V5 and lower
3718 configuration files.
3719 confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of
3720 any given queue run to this number of
3721 entries. Essentially, this will stop
3722 reading each queue directory after this
3723 number of entries are reached; it does
3724 _not_ pick the highest priority jobs,
3725 so this should be as large as your
3726 system can tolerate. If not set, there
3727 is no limit.
3728 confMAX_QUEUE_CHILDREN MaxQueueChildren
3729 [undefined] Limits the maximum number
3730 of concurrent queue runners active.
3731 This is to keep system resources used
3732 within a reasonable limit. Relates to
3733 Queue Groups and ForkEachJob.
3734 confMAX_RUNNERS_PER_QUEUE MaxRunnersPerQueue
3735 [1] Only active when MaxQueueChildren
3736 defined. Controls the maximum number
3737 of queue runners (aka queue children)
3738 active at the same time in a work
3739 group. See also MaxQueueChildren.
3740 confDONT_EXPAND_CNAMES DontExpandCnames
3741 [False] If set, $[ ... $] lookups that
3742 do DNS based lookups do not expand
3743 CNAME records. This currently violates
3744 the published standards, but the IETF
3745 seems to be moving toward legalizing
3746 this. For example, if "FTP.Foo.ORG"
3747 is a CNAME for "Cruft.Foo.ORG", then
3748 with this option set a lookup of
3749 "FTP" will return "FTP.Foo.ORG"; if
3750 clear it returns "Cruft.FOO.ORG". N.B.
3751 you may not see any effect until your
3752 downstream neighbors stop doing CNAME
3753 lookups as well.
3754 confFROM_LINE UnixFromLine [From $g $d] The From_ line used
3755 when sending to files or programs.
3756 confSINGLE_LINE_FROM_HEADER SingleLineFromHeader
3757 [False] From: lines that have
3758 embedded newlines are unwrapped
3759 onto one line.
3760 confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that
3761 does not include a host name.
3762 confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full
3763 name phrase (@,;:\()[] are automatic).
3764 confOPERATORS OperatorChars [.:%@!^/[]+] Address operator
3765 characters.
3766 confSMTP_LOGIN_MSG SmtpGreetingMessage
3767 [$j Sendmail $v/$Z; $b]
3768 The initial (spontaneous) SMTP
3769 greeting message. The word "ESMTP"
3770 will be inserted between the first and
3771 second words to convince other
3772 sendmails to try to speak ESMTP.
3773 confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3)
3774 routine will never be invoked. You
3775 might want to do this if you are
3776 running NIS and you have a large group
3777 map, since this call does a sequential
3778 scan of the map; in a large site this
3779 can cause your ypserv to run
3780 essentially full time. If you set
3781 this, agents run on behalf of users
3782 will only have their primary
3783 (/etc/passwd) group permissions.
3784 confUNSAFE_GROUP_WRITES UnsafeGroupWrites
3785 [True] If set, group-writable
3786 :include: and .forward files are
3787 considered "unsafe", that is, programs
3788 and files cannot be directly referenced
3789 from such files. World-writable files
3790 are always considered unsafe.
3791 Notice: this option is deprecated and
3792 will be removed in future versions;
3793 Set GroupWritableForwardFileSafe
3794 and GroupWritableIncludeFileSafe in
3795 DontBlameSendmail if required.
3796 confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection
3797 address (for testing).
3798 confCONTROL_SOCKET_NAME ControlSocketName
3799 [undefined] Control socket for daemon
3800 management.
3801 confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress
3802 [postmaster] If an error occurs when
3803 sending an error message, send that
3804 "double bounce" error message to this
3805 address. If it expands to an empty
3806 string, double bounces are dropped.
3807 confSOFT_BOUNCE SoftBounce [False] If set, issue temporary errors
3808 (4xy) instead of permanent errors
3809 (5xy). This can be useful during
3810 testing of a new configuration to
3811 avoid erroneous bouncing of mails.
3812 confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce
3813 messages which could not be returned
3814 to the user or sent to postmaster.
3815 If not set, the queue file will
3816 be renamed.
3817 confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header
3818 implies DSN request.
3819 confRUN_AS_USER RunAsUser [undefined] If set, become this user
3820 when reading and delivering mail.
3821 Causes all file reads (e.g., .forward
3822 and :include: files) to be done as
3823 this user. Also, all programs will
3824 be run as this user, and all output
3825 files will be written as this user.
3826 confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage
3827 [infinite] If set, allow no more than
3828 the specified number of recipients in
3829 an SMTP envelope. Further recipients
3830 receive a 452 error code (i.e., they
3831 are deferred for the next delivery
3832 attempt).
3833 confBAD_RCPT_THROTTLE BadRcptThrottle [infinite] If set and the specified
3834 number of recipients in a single SMTP
3835 transaction have been rejected, sleep
3836 for one second after each subsequent
3837 RCPT command in that transaction.
3838 confDONT_PROBE_INTERFACES DontProbeInterfaces
3839 [False] If set, sendmail will _not_
3840 insert the names and addresses of any
3841 local interfaces into class {w}
3842 (list of known "equivalent" addresses).
3843 If you set this, you must also include
3844 some support for these addresses (e.g.,
3845 in a mailertable entry) -- otherwise,
3846 mail to addresses in this list will
3847 bounce with a configuration error.
3848 If set to "loopback" (without
3849 quotes), sendmail will skip
3850 loopback interfaces (e.g., "lo0").
3851 confPID_FILE PidFile [system dependent] Location of pid
3852 file.
3853 confPROCESS_TITLE_PREFIX ProcessTitlePrefix
3854 [undefined] Prefix string for the
3855 process title shown on 'ps' listings.
3856 confDONT_BLAME_SENDMAIL DontBlameSendmail
3857 [safe] Override sendmail's file
3858 safety checks. This will definitely
3859 compromise system security and should
3860 not be used unless absolutely
3861 necessary.
3862 confREJECT_MSG - [550 Access denied] The message
3863 given if the access database contains
3864 REJECT in the value portion.
3865 confRELAY_MSG - [550 Relaying denied] The message
3866 given if an unauthorized relaying
3867 attempt is rejected.
3868 confDF_BUFFER_SIZE DataFileBufferSize
3869 [4096] The maximum size of a
3870 memory-buffered data (df) file
3871 before a disk-based file is used.
3872 confXF_BUFFER_SIZE XScriptFileBufferSize
3873 [4096] The maximum size of a
3874 memory-buffered transcript (xf)
3875 file before a disk-based file is
3876 used.
3877 confTLS_SRV_OPTIONS TLSSrvOptions If this option is 'V' no client
3878 verification is performed, i.e.,
3879 the server doesn't ask for a
3880 certificate.
3881 confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map
3882 specification for LDAP maps. The
3883 value should only contain LDAP
3884 specific settings such as "-h host
3885 -p port -d bindDN", etc. The
3886 settings will be used for all LDAP
3887 maps unless they are specified in
3888 the individual map specification
3889 ('K' command).
3890 confCACERT_PATH CACertPath [undefined] Path to directory
3891 with certs of CAs.
3892 confCACERT CACertFile [undefined] File containing one CA
3893 cert.
3894 confSERVER_CERT ServerCertFile [undefined] File containing the
3895 cert of the server, i.e., this cert
3896 is used when sendmail acts as
3897 server.
3898 confSERVER_KEY ServerKeyFile [undefined] File containing the
3899 private key belonging to the server
3900 cert.
3901 confCLIENT_CERT ClientCertFile [undefined] File containing the
3902 cert of the client, i.e., this cert
3903 is used when sendmail acts as
3904 client.
3905 confCLIENT_KEY ClientKeyFile [undefined] File containing the
3906 private key belonging to the client
3907 cert.
3908 confCRL CRLFile [undefined] File containing certificate
3909 revocation status, useful for X.509v3
3910 authentication. Note that CRL requires
3911 at least OpenSSL version 0.9.7.
3912 confDH_PARAMETERS DHParameters [undefined] File containing the
3913 DH parameters.
3914 confRAND_FILE RandFile [undefined] File containing random
3915 data (use prefix file:) or the
3916 name of the UNIX socket if EGD is
3917 used (use prefix egd:). STARTTLS
3918 requires this option if the compile
3919 flag HASURANDOM is not set (see
3920 sendmail/README).
3921 confNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of
3922 queue runners is set the given value
3923 (nice(3)).
3924 confDIRECT_SUBMISSION_MODIFIERS DirectSubmissionModifiers
3925 [undefined] Defines {daemon_flags}
3926 for direct submissions.
3927 confUSE_MSP UseMSP [undefined] Use as mail submission
3928 program.
3929 confDELIVER_BY_MIN DeliverByMin [0] Minimum time for Deliver By
3930 SMTP Service Extension (RFC 2852).
3931 confREQUIRES_DIR_FSYNC RequiresDirfsync [true] RequiresDirfsync can
3932 be used to turn off the compile time
3933 flag REQUIRES_DIR_FSYNC at runtime.
3934 See sendmail/README for details.
3935 confSHARED_MEMORY_KEY SharedMemoryKey [0] Key for shared memory.
3936 confSHARED_MEMORY_KEY_FILE
3937 SharedMemoryKeyFile
3938 [undefined] File where the
3939 automatically selected key for
3940 shared memory is stored.
3941 confFAST_SPLIT FastSplit [1] If set to a value greater than
3942 zero, the initial MX lookups on
3943 addresses is suppressed when they
3944 are sorted which may result in
3945 faster envelope splitting. If the
3946 mail is submitted directly from the
3947 command line, then the value also
3948 limits the number of processes to
3949 deliver the envelopes.
3950 confMAILBOX_DATABASE MailboxDatabase [pw] Type of lookup to find
3951 information about local mailboxes.
3952 confDEQUOTE_OPTS - [empty] Additional options for the
3953 dequote map.
3954 confMAX_NOOP_COMMANDS MaxNOOPCommands [20] Maximum number of "useless"
3955 commands before the SMTP server
3956 will slow down responding.
3957 confHELO_NAME HeloName If defined, use as name for EHLO/HELO
3958 command (instead of $j).
3959 confINPUT_MAIL_FILTERS InputMailFilters
3960 A comma separated list of filters
3961 which determines which filters and
3962 the invocation sequence are
3963 contacted for incoming SMTP
3964 messages. If none are set, no
3965 filters will be contacted.
3966 confMILTER_LOG_LEVEL Milter.LogLevel [9] Log level for input mail filter
3967 actions, defaults to LogLevel.
3968 confMILTER_MACROS_CONNECT Milter.macros.connect
3969 [j, _, {daemon_name}, {if_name},
3970 {if_addr}] Macros to transmit to
3971 milters when a session connection
3972 starts.
3973 confMILTER_MACROS_HELO Milter.macros.helo
3974 [{tls_version}, {cipher},
3975 {cipher_bits}, {cert_subject},
3976 {cert_issuer}] Macros to transmit to
3977 milters after HELO/EHLO command.
3978 confMILTER_MACROS_ENVFROM Milter.macros.envfrom
3979 [i, {auth_type}, {auth_authen},
3980 {auth_ssf}, {auth_author},
3981 {mail_mailer}, {mail_host},
3982 {mail_addr}] Macros to transmit to
3983 milters after MAIL FROM command.
3984 confMILTER_MACROS_ENVRCPT Milter.macros.envrcpt
3985 [{rcpt_mailer}, {rcpt_host},
3986 {rcpt_addr}] Macros to transmit to
3987 milters after RCPT TO command.
3988 confMILTER_MACROS_EOM Milter.macros.eom
3989 [{msg_id}] Macros to transmit to
3990 milters after the terminating
3991 DATA '.' is received.
3992 confMILTER_MACROS_EOH Milter.macros.eoh
3993 Macros to transmit to milters
3994 after the end of headers.
3995 confMILTER_MACROS_DATA Milter.macros.data
3996 Macros to transmit to milters
3997 after DATA command is received.
4000 See also the description of OSTYPE for some parameters that can be
4001 tweaked (generally pathnames to mailers).
4003 ClientPortOptions and DaemonPortOptions are special cases since multiple
4004 clients/daemons can be defined. This can be done via
4006 CLIENT_OPTIONS(`field1=value1,field2=value2,...')
4007 DAEMON_OPTIONS(`field1=value1,field2=value2,...')
4009 Note that multiple CLIENT_OPTIONS() commands (and therefore multiple
4010 ClientPortOptions settings) are allowed in order to give settings for each
4011 protocol family (e.g., one for Family=inet and one for Family=inet6). A
4012 restriction placed on one family only affects outgoing connections on that
4013 particular family.
4015 If DAEMON_OPTIONS is not used, then the default is
4017 DAEMON_OPTIONS(`Port=smtp, Name=MTA')
4018 DAEMON_OPTIONS(`Port=587, Name=MSA, M=E')
4020 If you use one DAEMON_OPTIONS macro, it will alter the parameters
4021 of the first of these. The second will still be defaulted; it
4022 represents a "Message Submission Agent" (MSA) as defined by RFC
4023 2476 (see below). To turn off the default definition for the MSA,
4024 use FEATURE(`no_default_msa') (see also FEATURES). If you use
4025 additional DAEMON_OPTIONS macros, they will add additional daemons.
4027 Example 1: To change the port for the SMTP listener, while
4028 still using the MSA default, use
4029 DAEMON_OPTIONS(`Port=925, Name=MTA')
4031 Example 2: To change the port for the MSA daemon, while still
4032 using the default SMTP port, use
4033 FEATURE(`no_default_msa')
4034 DAEMON_OPTIONS(`Name=MTA')
4035 DAEMON_OPTIONS(`Port=987, Name=MSA, M=E')
4037 Note that if the first of those DAEMON_OPTIONS lines were omitted, then
4038 there would be no listener on the standard SMTP port.
4040 Example 3: To listen on both IPv4 and IPv6 interfaces, use
4042 DAEMON_OPTIONS(`Name=MTA-v4, Family=inet')
4043 DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6')
4045 A "Message Submission Agent" still uses all of the same rulesets for
4046 processing the message (and therefore still allows message rejection via
4047 the check_* rulesets). In accordance with the RFC, the MSA will ensure
4048 that all domains in envelope addresses are fully qualified if the message
4049 is relayed to another MTA. It will also enforce the normal address syntax
4050 rules and log error messages. Additionally, by using the M=a modifier you
4051 can require authentication before messages are accepted by the MSA.
4052 Notice: Do NOT use the 'a' modifier on a public accessible MTA! Finally,
4053 the M=E modifier shown above disables ETRN as required by RFC 2476.
4055 Mail filters can be defined using the INPUT_MAIL_FILTER() and MAIL_FILTER()
4056 commands:
4058 INPUT_MAIL_FILTER(`sample', `S=local:/var/run/f1.sock')
4059 MAIL_FILTER(`myfilter', `S=inet:3333@localhost')
4061 The INPUT_MAIL_FILTER() command causes the filter(s) to be called in the
4062 same order they were specified by also setting confINPUT_MAIL_FILTERS. A
4063 filter can be defined without adding it to the input filter list by using
4064 MAIL_FILTER() instead of INPUT_MAIL_FILTER() in your .mc file.
4065 Alternatively, you can reset the list of filters and their order by setting
4066 confINPUT_MAIL_FILTERS option after all INPUT_MAIL_FILTER() commands in
4067 your .mc file.
4070 +----------------------------+
4071 | MESSAGE SUBMISSION PROGRAM |
4072 +----------------------------+
4074 This section contains a list of caveats and
4075 a few hints how for those who want to tweak the default configuration
4076 for it (which is installed as submit.cf).
4078 Notice: do not add options/features to submit.mc unless you are
4079 absolutely sure you need them. Options you may want to change
4080 include:
4082 - confTRUSTED_USERS, FEATURE(`use_ct_file'), and confCT_FILE for
4083 avoiding X-Authentication warnings.
4084 - confTIME_ZONE to change it from the default `USE_TZ'.
4085 - confDELIVERY_MODE is set to interactive in msp.m4 instead
4086 of the default background mode.
4087 - FEATURE(stickyhost) and LOCAL_RELAY to send unqualified addresses
4088 to the LOCAL_RELAY instead of the default relay.
4090 The MSP performs hostname canonicalization by default. Mail may end
4091 up for various DNS related reasons in the MSP queue. This problem
4092 can be minimized by using
4094 FEATURE(`nocanonify', `canonify_hosts')
4095 define(`confDIRECT_SUBMISSION_MODIFIERS', `C')
4097 See the discussion about nocanonify for possible side effects.
4099 Some things are not intended to work with the MSP. These include
4100 features that influence the delivery process (e.g., mailertable,
4101 aliases), or those that are only important for a SMTP server (e.g.,
4102 virtusertable, DaemonPortOptions, multiple queues). Moreover,
4103 relaxing certain restrictions (RestrictQueueRun, permissions on
4104 queue directory) or adding features (e.g., enabling prog/file mailer)
4105 can cause security problems.
4107 Other things don't work well with the MSP and require tweaking or
4108 workarounds.
4110 The file and the map created by makemap should be owned by smmsp,
4111 its group should be smmsp, and it should have mode 640.
4113 feature/msp.m4 defines almost all settings for the MSP. Most of
4114 those should not be changed at all. Some of the features and options
4115 can be overridden if really necessary. It is a bit tricky to do
4116 this, because it depends on the actual way the option is defined
4117 in feature/msp.m4. If it is directly defined (i.e., define()) then
4118 the modified value must be defined after
4120 FEATURE(`msp')
4122 If it is conditionally defined (i.e., ifdef()) then the desired
4123 value must be defined before the FEATURE line in the .mc file.
4124 To see how the options are defined read feature/msp.m4.
4127 +--------------------------+
4128 | FORMAT OF FILES AND MAPS |
4129 +--------------------------+
4131 Files that define classes, i.e., F{classname}, consist of lines
4132 each of which contains a single element of the class. For example,
4133 /etc/mail/local-host-names may have the following content:
4135 my.domain
4136 another.domain
4138 Maps must be created using makemap(8) , e.g.,
4140 makemap hash MAP < MAP
4142 In general, a text file from which a map is created contains lines
4143 of the form
4145 key value
4147 where 'key' and 'value' are also called LHS and RHS, respectively.
4148 By default, the delimiter between LHS and RHS is a non-empty sequence
4149 of white space characters.
4152 +------------------+
4153 | DIRECTORY LAYOUT |
4154 +------------------+
4156 Within this directory are several subdirectories, to wit:
4158 m4 General support routines. These are typically
4159 very important and should not be changed without
4160 very careful consideration.
4162 cf The configuration files themselves. They have
4163 ".mc" suffixes, and must be run through m4 to
4164 become complete. The resulting output should
4165 have a ".cf" suffix.
4167 ostype Definitions describing a particular operating
4168 system type. These should always be referenced
4169 using the OSTYPE macro in the .mc file. Examples
4170 include "bsd4.3", "bsd4.4", "sunos3.5", and
4171 "sunos4.1".
4173 domain Definitions describing a particular domain, referenced
4174 using the DOMAIN macro in the .mc file. These are
4175 site dependent; for example, "CS.Berkeley.EDU.m4"
4176 describes hosts in the CS.Berkeley.EDU subdomain.
4178 mailer Descriptions of mailers. These are referenced using
4179 the MAILER macro in the .mc file.
4181 sh Shell files used when building the .cf file from the
4182 .mc file in the cf subdirectory.
4184 feature These hold special orthogonal features that you might
4185 want to include. They should be referenced using
4186 the FEATURE macro.
4188 hack Local hacks. These can be referenced using the HACK
4189 macro. They shouldn't be of more than voyeuristic
4190 interest outside the .Berkeley.EDU domain, but who knows?
4192 siteconfig Site configuration -- e.g., tables of locally connected
4193 UUCP sites.
4196 +------------------------+
4197 | ADMINISTRATIVE DETAILS |
4198 +------------------------+
4200 The following sections detail usage of certain internal parts of the
4201 sendmail.cf file. Read them carefully if you are trying to modify
4202 the current model. If you find the above descriptions adequate, these
4203 should be {boring, confusing, tedious, ridiculous} (pick one or more).
4205 RULESETS (* means built in to sendmail)
4207 0 * Parsing
4208 1 * Sender rewriting
4209 2 * Recipient rewriting
4210 3 * Canonicalization
4211 4 * Post cleanup
4212 5 * Local address rewrite (after aliasing)
4213 1x mailer rules (sender qualification)
4214 2x mailer rules (recipient qualification)
4215 3x mailer rules (sender header qualification)
4216 4x mailer rules (recipient header qualification)
4217 5x mailer subroutines (general)
4218 6x mailer subroutines (general)
4219 7x mailer subroutines (general)
4220 8x reserved
4221 90 Mailertable host stripping
4222 96 Bottom half of Ruleset 3 (ruleset 6 in old sendmail)
4223 97 Hook for recursive ruleset 0 call (ruleset 7 in old sendmail)
4224 98 Local part of ruleset 0 (ruleset 8 in old sendmail)
4227 MAILERS
4229 0 local, prog local and program mailers
4230 1 [e]smtp, relay SMTP channel
4231 2 uucp-* UNIX-to-UNIX Copy Program
4232 3 netnews Network News delivery
4233 4 fax Sam Leffler's HylaFAX software
4234 5 mail11 DECnet mailer
4237 MACROS
4239 A
4240 B Bitnet Relay
4241 C DECnet Relay
4242 D The local domain -- usually not needed
4243 E reserved for X.400 Relay
4244 F FAX Relay
4245 G
4246 H mail Hub (for mail clusters)
4247 I
4248 J
4249 K
4250 L Luser Relay
4251 M Masquerade (who you claim to be)
4252 N
4253 O
4254 P
4255 Q
4256 R Relay (for unqualified names)
4257 S Smart Host
4258 T
4259 U my UUCP name (if you have a UUCP connection)
4260 V UUCP Relay (class {V} hosts)
4261 W UUCP Relay (class {W} hosts)
4262 X UUCP Relay (class {X} hosts)
4263 Y UUCP Relay (all other hosts)
4264 Z Version number
4267 CLASSES
4269 A
4270 B domains that are candidates for bestmx lookup
4271 C
4272 D
4273 E addresses that should not seem to come from $M
4274 F hosts this system forward for
4275 G domains that should be looked up in genericstable
4276 H
4277 I
4278 J
4279 K
4280 L addresses that should not be forwarded to $R
4281 M domains that should be mapped to $M
4282 N host/domains that should not be mapped to $M
4283 O operators that indicate network operations (cannot be in local names)
4284 P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc.
4285 Q
4286 R domains this system is willing to relay (pass anti-spam filters)
4287 S
4288 T
4289 U locally connected UUCP hosts
4290 V UUCP hosts connected to relay $V
4291 W UUCP hosts connected to relay $W
4292 X UUCP hosts connected to relay $X
4293 Y locally connected smart UUCP hosts
4294 Z locally connected domain-ized UUCP hosts
4295 . the class containing only a dot
4296 [ the class containing only a left bracket
4299 M4 DIVERSIONS
4301 1 Local host detection and resolution
4302 2 Local Ruleset 3 additions
4303 3 Local Ruleset 0 additions
4304 4 UUCP Ruleset 0 additions
4305 5 locally interpreted names (overrides $R)
4306 6 local configuration (at top of file)
4307 7 mailer definitions
4308 8 DNS based blacklists
4309 9 special local rulesets (1 and 2)
4311 $Revision: 8.727 $, Last updated $Date: 2009/05/07 23:46:17 $