aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGregory Neil Shapiro <gshapiro@FreeBSD.org>2000-08-12 21:55:49 +0000
committerGregory Neil Shapiro <gshapiro@FreeBSD.org>2000-08-12 21:55:49 +0000
commit06f25ae9f1d6020a600a10f713046203d1a82570 (patch)
tree6d207932926718f38869bd08959330c09f4f3e0d
parentb518ca7de5820956700c15009494373b46ec0dbd (diff)
downloadsrc-06f25ae9f1d6020a600a10f713046203d1a82570.tar.gz
src-06f25ae9f1d6020a600a10f713046203d1a82570.zip
Import of sendmail version 8.11.0 into vendor branch SENDMAIL with
release tag v8_11_0. Obtained from: ftp://ftp.sendmail.org/pub/sendmail/
Notes
Notes: svn path=/vendor/sendmail/dist/; revision=64562
-rwxr-xr-xcontrib/sendmail/Build13
-rw-r--r--contrib/sendmail/FAQ2
-rw-r--r--contrib/sendmail/INSTALL33
-rw-r--r--contrib/sendmail/KNOWNBUGS42
-rw-r--r--contrib/sendmail/LICENSE24
-rw-r--r--contrib/sendmail/Makefile25
-rw-r--r--contrib/sendmail/PGPKEYS392
-rw-r--r--contrib/sendmail/README213
-rw-r--r--contrib/sendmail/RELEASE_NOTES2926
-rw-r--r--contrib/sendmail/cf/README1798
-rwxr-xr-xcontrib/sendmail/cf/cf/Build7
-rw-r--r--contrib/sendmail/cf/cf/Makefile53
-rw-r--r--contrib/sendmail/cf/cf/chez.cs.mc5
-rw-r--r--contrib/sendmail/cf/cf/clientproto.mc10
-rw-r--r--contrib/sendmail/cf/cf/cs-hpux10.mc5
-rw-r--r--contrib/sendmail/cf/cf/cs-hpux9.mc5
-rw-r--r--contrib/sendmail/cf/cf/cs-osf1.mc5
-rw-r--r--contrib/sendmail/cf/cf/cs-solaris2.mc5
-rw-r--r--contrib/sendmail/cf/cf/cs-sunos4.1.mc5
-rw-r--r--contrib/sendmail/cf/cf/cs-ultrix4.mc5
-rw-r--r--contrib/sendmail/cf/cf/cyrusproto.mc29
-rw-r--r--contrib/sendmail/cf/cf/generic-bsd4.4.mc5
-rw-r--r--contrib/sendmail/cf/cf/generic-hpux10.mc5
-rw-r--r--contrib/sendmail/cf/cf/generic-hpux9.mc5
-rw-r--r--contrib/sendmail/cf/cf/generic-linux.mc27
-rw-r--r--contrib/sendmail/cf/cf/generic-nextstep3.3.mc5
-rw-r--r--contrib/sendmail/cf/cf/generic-osf1.mc5
-rw-r--r--contrib/sendmail/cf/cf/generic-solaris2.mc5
-rw-r--r--contrib/sendmail/cf/cf/generic-sunos4.1.mc5
-rw-r--r--contrib/sendmail/cf/cf/generic-ultrix4.mc5
-rw-r--r--contrib/sendmail/cf/cf/huginn.cs.mc5
-rw-r--r--contrib/sendmail/cf/cf/knecht.mc14
-rw-r--r--contrib/sendmail/cf/cf/mail.cs.mc5
-rw-r--r--contrib/sendmail/cf/cf/mail.eecs.mc5
-rw-r--r--contrib/sendmail/cf/cf/mailspool.cs.mc5
-rw-r--r--contrib/sendmail/cf/cf/python.cs.mc5
-rw-r--r--contrib/sendmail/cf/cf/s2k-osf1.mc5
-rw-r--r--contrib/sendmail/cf/cf/s2k-ultrix4.mc5
-rw-r--r--contrib/sendmail/cf/cf/tcpproto.mc5
-rw-r--r--contrib/sendmail/cf/cf/ucbarpa.mc5
-rw-r--r--contrib/sendmail/cf/cf/ucbvax.mc5
-rw-r--r--contrib/sendmail/cf/cf/uucpproto.mc5
-rw-r--r--contrib/sendmail/cf/cf/vangogh.cs.mc5
-rw-r--r--contrib/sendmail/cf/domain/Berkeley.EDU.m45
-rw-r--r--contrib/sendmail/cf/domain/CS.Berkeley.EDU.m45
-rw-r--r--contrib/sendmail/cf/domain/EECS.Berkeley.EDU.m45
-rw-r--r--contrib/sendmail/cf/domain/S2K.Berkeley.EDU.m45
-rw-r--r--contrib/sendmail/cf/domain/berkeley-only.m45
-rw-r--r--contrib/sendmail/cf/domain/generic.m411
-rw-r--r--contrib/sendmail/cf/feature/accept_unqualified_senders.m45
-rw-r--r--contrib/sendmail/cf/feature/accept_unresolvable_domains.m45
-rw-r--r--contrib/sendmail/cf/feature/access_db.m417
-rw-r--r--contrib/sendmail/cf/feature/allmasquerade.m46
-rw-r--r--contrib/sendmail/cf/feature/always_add_domain.m45
-rw-r--r--contrib/sendmail/cf/feature/bestmx_is_local.m416
-rw-r--r--contrib/sendmail/cf/feature/bitdomain.m417
-rw-r--r--contrib/sendmail/cf/feature/blacklist_recipients.m47
-rw-r--r--contrib/sendmail/cf/feature/delay_checks.m422
-rw-r--r--contrib/sendmail/cf/feature/dnsbl.m425
-rw-r--r--contrib/sendmail/cf/feature/domaintable.m416
-rw-r--r--contrib/sendmail/cf/feature/generics_entire_domain.m416
-rw-r--r--contrib/sendmail/cf/feature/genericstable.m417
-rw-r--r--contrib/sendmail/cf/feature/ldap_routing.m434
-rw-r--r--contrib/sendmail/cf/feature/limited_masquerade.m45
-rw-r--r--contrib/sendmail/cf/feature/local_lmtp.m414
-rw-r--r--contrib/sendmail/cf/feature/local_procmail.m417
-rw-r--r--contrib/sendmail/cf/feature/loose_relay_check.m45
-rw-r--r--contrib/sendmail/cf/feature/mailertable.m417
-rw-r--r--contrib/sendmail/cf/feature/masquerade_entire_domain.m45
-rw-r--r--contrib/sendmail/cf/feature/masquerade_envelope.m45
-rw-r--r--contrib/sendmail/cf/feature/no_default_msa.m416
-rw-r--r--contrib/sendmail/cf/feature/nocanonify.m410
-rw-r--r--contrib/sendmail/cf/feature/nodns.m47
-rw-r--r--contrib/sendmail/cf/feature/notsticky.m45
-rw-r--r--contrib/sendmail/cf/feature/nouucp.m415
-rw-r--r--contrib/sendmail/cf/feature/nullclient.m449
-rw-r--r--contrib/sendmail/cf/feature/promiscuous_relay.m45
-rw-r--r--contrib/sendmail/cf/feature/rbl.m47
-rw-r--r--contrib/sendmail/cf/feature/redirect.m414
-rw-r--r--contrib/sendmail/cf/feature/relay_based_on_MX.m410
-rw-r--r--contrib/sendmail/cf/feature/relay_entire_domain.m45
-rw-r--r--contrib/sendmail/cf/feature/relay_hosts_only.m45
-rw-r--r--contrib/sendmail/cf/feature/relay_local_from.m45
-rw-r--r--contrib/sendmail/cf/feature/relay_mail_from.m420
-rw-r--r--contrib/sendmail/cf/feature/smrsh.m411
-rw-r--r--contrib/sendmail/cf/feature/stickyhost.m45
-rw-r--r--contrib/sendmail/cf/feature/use_ct_file.m45
-rw-r--r--contrib/sendmail/cf/feature/use_cw_file.m45
-rw-r--r--contrib/sendmail/cf/feature/uucpdomain.m417
-rw-r--r--contrib/sendmail/cf/feature/virtuser_entire_domain.m416
-rw-r--r--contrib/sendmail/cf/feature/virtusertable.m417
-rw-r--r--contrib/sendmail/cf/hack/cssubdomain.m45
-rw-r--r--contrib/sendmail/cf/m4/cf.m45
-rw-r--r--contrib/sendmail/cf/m4/cfhead.m4149
-rw-r--r--contrib/sendmail/cf/m4/proto.m41563
-rw-r--r--contrib/sendmail/cf/m4/version.m47
-rw-r--r--contrib/sendmail/cf/mailer/cyrus.m436
-rw-r--r--contrib/sendmail/cf/mailer/fax.m48
-rw-r--r--contrib/sendmail/cf/mailer/local.m461
-rw-r--r--contrib/sendmail/cf/mailer/mail11.m420
-rw-r--r--contrib/sendmail/cf/mailer/phquery.m413
-rw-r--r--contrib/sendmail/cf/mailer/pop.m413
-rw-r--r--contrib/sendmail/cf/mailer/procmail.m416
-rw-r--r--contrib/sendmail/cf/mailer/qpage.m430
-rw-r--r--contrib/sendmail/cf/mailer/smtp.m4122
-rw-r--r--contrib/sendmail/cf/mailer/usenet.m412
-rw-r--r--contrib/sendmail/cf/mailer/uucp.m490
-rw-r--r--contrib/sendmail/cf/ostype/aix2.m47
-rw-r--r--contrib/sendmail/cf/ostype/aix3.m47
-rw-r--r--contrib/sendmail/cf/ostype/aix4.m47
-rw-r--r--contrib/sendmail/cf/ostype/altos.m49
-rw-r--r--contrib/sendmail/cf/ostype/amdahl-uts.m411
-rw-r--r--contrib/sendmail/cf/ostype/aux.m49
-rw-r--r--contrib/sendmail/cf/ostype/bsd4.3.m45
-rw-r--r--contrib/sendmail/cf/ostype/bsd4.4.m48
-rw-r--r--contrib/sendmail/cf/ostype/bsdi.m417
-rw-r--r--contrib/sendmail/cf/ostype/bsdi1.0.m48
-rw-r--r--contrib/sendmail/cf/ostype/bsdi2.0.m48
-rw-r--r--contrib/sendmail/cf/ostype/darwin.m417
-rw-r--r--contrib/sendmail/cf/ostype/dgux.m47
-rw-r--r--contrib/sendmail/cf/ostype/domainos.m47
-rw-r--r--contrib/sendmail/cf/ostype/dynix3.2.m46
-rw-r--r--contrib/sendmail/cf/ostype/gnu.m421
-rw-r--r--contrib/sendmail/cf/ostype/hpux10.m410
-rw-r--r--contrib/sendmail/cf/ostype/hpux11.m423
-rw-r--r--contrib/sendmail/cf/ostype/hpux9.m49
-rw-r--r--contrib/sendmail/cf/ostype/irix4.m49
-rw-r--r--contrib/sendmail/cf/ostype/irix5.m411
-rw-r--r--contrib/sendmail/cf/ostype/irix6.m413
-rw-r--r--contrib/sendmail/cf/ostype/isc4.1.m410
-rw-r--r--contrib/sendmail/cf/ostype/linux.m410
-rw-r--r--contrib/sendmail/cf/ostype/maxion.m410
-rw-r--r--contrib/sendmail/cf/ostype/mklinux.m410
-rw-r--r--contrib/sendmail/cf/ostype/nextstep.m410
-rw-r--r--contrib/sendmail/cf/ostype/openbsd.m417
-rw-r--r--contrib/sendmail/cf/ostype/osf1.m410
-rw-r--r--contrib/sendmail/cf/ostype/powerux.m410
-rw-r--r--contrib/sendmail/cf/ostype/ptx2.m410
-rw-r--r--contrib/sendmail/cf/ostype/qnx.m48
-rw-r--r--contrib/sendmail/cf/ostype/riscos4.5.m47
-rw-r--r--contrib/sendmail/cf/ostype/sco-uw-2.1.m410
-rw-r--r--contrib/sendmail/cf/ostype/sco3.2.m49
-rw-r--r--contrib/sendmail/cf/ostype/sinix.m49
-rw-r--r--contrib/sendmail/cf/ostype/solaris2.m418
-rw-r--r--contrib/sendmail/cf/ostype/solaris2.ml.m411
-rw-r--r--contrib/sendmail/cf/ostype/solaris2.pre5.m426
-rw-r--r--contrib/sendmail/cf/ostype/sunos3.5.m45
-rw-r--r--contrib/sendmail/cf/ostype/sunos4.1.m45
-rw-r--r--contrib/sendmail/cf/ostype/svr4.m49
-rw-r--r--contrib/sendmail/cf/ostype/ultrix4.m45
-rw-r--r--contrib/sendmail/cf/ostype/unixware7.m413
-rw-r--r--contrib/sendmail/cf/ostype/unknown.m45
-rw-r--r--contrib/sendmail/cf/ostype/uxpds.m49
-rw-r--r--contrib/sendmail/cf/sh/makeinfo.sh5
-rw-r--r--contrib/sendmail/contrib/README4
-rw-r--r--contrib/sendmail/contrib/bitdomain.c14
-rwxr-xr-xcontrib/sendmail/contrib/bounce-resender.pl282
-rw-r--r--contrib/sendmail/contrib/bsdi.mc2
-rwxr-xr-xcontrib/sendmail/contrib/cidrexpand137
-rw-r--r--contrib/sendmail/contrib/domainmap.m490
-rwxr-xr-xcontrib/sendmail/contrib/etrn.pl51
-rwxr-xr-xcontrib/sendmail/contrib/expn.pl2
-rw-r--r--contrib/sendmail/contrib/link_hash.sh36
-rw-r--r--contrib/sendmail/contrib/movemail.conf35
-rwxr-xr-xcontrib/sendmail/contrib/movemail.pl106
-rwxr-xr-xcontrib/sendmail/contrib/passwd-to-alias.pl13
-rw-r--r--contrib/sendmail/contrib/qtool.8206
-rwxr-xr-xcontrib/sendmail/contrib/qtool.pl1190
-rw-r--r--contrib/sendmail/contrib/re-mqueue.pl87
-rwxr-xr-xcontrib/sendmail/contrib/smcontrol.pl6
-rw-r--r--contrib/sendmail/doc/op/Makefile22
-rw-r--r--contrib/sendmail/doc/op/op.me1663
-rw-r--r--contrib/sendmail/include/libmilter/mfapi.h408
-rw-r--r--contrib/sendmail/include/libmilter/milter.h107
-rw-r--r--contrib/sendmail/include/libsmdb/smdb.h379
-rw-r--r--contrib/sendmail/include/sendmail/cdefs.h103
-rw-r--r--contrib/sendmail/include/sendmail/errstring.h73
-rw-r--r--contrib/sendmail/include/sendmail/mailstats.h38
-rw-r--r--contrib/sendmail/include/sendmail/pathnames.h36
-rw-r--r--contrib/sendmail/include/sendmail/sendmail.h177
-rw-r--r--contrib/sendmail/include/sendmail/useful.h63
-rwxr-xr-xcontrib/sendmail/libmilter/Build13
-rw-r--r--contrib/sendmail/libmilter/Makefile17
-rw-r--r--contrib/sendmail/libmilter/Makefile.m415
-rw-r--r--contrib/sendmail/libmilter/README408
-rw-r--r--contrib/sendmail/libmilter/comm.c261
-rw-r--r--contrib/sendmail/libmilter/engine.c1117
-rw-r--r--contrib/sendmail/libmilter/handler.c61
-rw-r--r--contrib/sendmail/libmilter/libmilter.h100
-rw-r--r--contrib/sendmail/libmilter/listener.c581
-rw-r--r--contrib/sendmail/libmilter/main.c132
-rw-r--r--contrib/sendmail/libmilter/signal.c219
-rw-r--r--contrib/sendmail/libmilter/sm_gethost.c99
-rw-r--r--contrib/sendmail/libmilter/smfi.c400
-rwxr-xr-xcontrib/sendmail/libsmdb/Build13
-rw-r--r--contrib/sendmail/libsmdb/Makefile17
-rw-r--r--contrib/sendmail/libsmdb/Makefile.m413
-rw-r--r--contrib/sendmail/libsmdb/smdb.c412
-rw-r--r--contrib/sendmail/libsmdb/smdb1.c507
-rw-r--r--contrib/sendmail/libsmdb/smdb2.c646
-rw-r--r--contrib/sendmail/libsmdb/smndbm.c579
-rwxr-xr-xcontrib/sendmail/libsmutil/Build13
-rw-r--r--contrib/sendmail/libsmutil/Makefile17
-rw-r--r--contrib/sendmail/libsmutil/Makefile.m413
-rw-r--r--contrib/sendmail/libsmutil/debug.c40
-rw-r--r--contrib/sendmail/libsmutil/errstring.c206
-rw-r--r--contrib/sendmail/libsmutil/lockfile.c83
-rw-r--r--contrib/sendmail/libsmutil/safefile.c949
-rw-r--r--contrib/sendmail/libsmutil/snprintf.c430
-rw-r--r--contrib/sendmail/libsmutil/strl.c91
-rwxr-xr-xcontrib/sendmail/mail.local/Build508
-rw-r--r--contrib/sendmail/mail.local/Makefile19
-rw-r--r--contrib/sendmail/mail.local/Makefile.m4109
-rw-r--r--contrib/sendmail/mail.local/README33
-rw-r--r--contrib/sendmail/mail.local/mail.local.8126
-rw-r--r--contrib/sendmail/mail.local/mail.local.c1531
-rwxr-xr-xcontrib/sendmail/mailstats/Build508
-rw-r--r--contrib/sendmail/mailstats/Makefile17
-rw-r--r--contrib/sendmail/mailstats/Makefile.m4107
-rw-r--r--contrib/sendmail/mailstats/mailstats.8147
-rw-r--r--contrib/sendmail/mailstats/mailstats.c144
-rwxr-xr-xcontrib/sendmail/makemap/Build508
-rw-r--r--contrib/sendmail/makemap/Makefile17
-rw-r--r--contrib/sendmail/makemap/Makefile.m4130
-rw-r--r--contrib/sendmail/makemap/makemap.8214
-rw-r--r--contrib/sendmail/makemap/makemap.c1035
-rwxr-xr-xcontrib/sendmail/praliases/Build508
-rw-r--r--contrib/sendmail/praliases/Makefile17
-rw-r--r--contrib/sendmail/praliases/Makefile.m4115
-rw-r--r--contrib/sendmail/praliases/praliases.880
-rw-r--r--contrib/sendmail/praliases/praliases.c483
-rwxr-xr-xcontrib/sendmail/rmail/Build508
-rw-r--r--contrib/sendmail/rmail/Makefile19
-rw-r--r--contrib/sendmail/rmail/Makefile.m4111
-rw-r--r--contrib/sendmail/rmail/rmail.878
-rw-r--r--contrib/sendmail/rmail/rmail.c332
-rwxr-xr-xcontrib/sendmail/smrsh/Build508
-rw-r--r--contrib/sendmail/smrsh/Makefile17
-rw-r--r--contrib/sendmail/smrsh/Makefile.m4106
-rw-r--r--contrib/sendmail/smrsh/README96
-rw-r--r--contrib/sendmail/smrsh/smrsh.812
-rw-r--r--contrib/sendmail/smrsh/smrsh.c330
-rwxr-xr-xcontrib/sendmail/src/Build508
-rw-r--r--contrib/sendmail/src/Makefile17
-rw-r--r--contrib/sendmail/src/Makefile.m4179
-rw-r--r--contrib/sendmail/src/README462
-rw-r--r--contrib/sendmail/src/TRACEFLAGS12
-rw-r--r--contrib/sendmail/src/alias.c284
-rw-r--r--contrib/sendmail/src/aliases1
-rw-r--r--contrib/sendmail/src/aliases.5163
-rw-r--r--contrib/sendmail/src/arpadate.c23
-rw-r--r--contrib/sendmail/src/bf.h26
-rw-r--r--contrib/sendmail/src/bf_portable.c482
-rw-r--r--contrib/sendmail/src/bf_portable.h46
-rw-r--r--contrib/sendmail/src/bf_torek.c784
-rw-r--r--contrib/sendmail/src/bf_torek.h42
-rw-r--r--contrib/sendmail/src/clock.c99
-rw-r--r--contrib/sendmail/src/collect.c293
-rw-r--r--contrib/sendmail/src/conf.c2628
-rw-r--r--contrib/sendmail/src/conf.h1368
-rw-r--r--contrib/sendmail/src/control.c180
-rw-r--r--contrib/sendmail/src/convtime.c28
-rw-r--r--contrib/sendmail/src/daemon.c2401
-rw-r--r--contrib/sendmail/src/deliver.c2662
-rw-r--r--contrib/sendmail/src/domain.c352
-rw-r--r--contrib/sendmail/src/envelope.c271
-rw-r--r--contrib/sendmail/src/err.c438
-rw-r--r--contrib/sendmail/src/headers.c494
-rw-r--r--contrib/sendmail/src/helpfile136
-rw-r--r--contrib/sendmail/src/macro.c65
-rw-r--r--contrib/sendmail/src/mailq.198
-rw-r--r--contrib/sendmail/src/main.c1198
-rwxr-xr-xcontrib/sendmail/src/makesendmail508
-rw-r--r--contrib/sendmail/src/map.c3784
-rw-r--r--contrib/sendmail/src/mci.c360
-rw-r--r--contrib/sendmail/src/milter.c3402
-rw-r--r--contrib/sendmail/src/mime.c145
-rw-r--r--contrib/sendmail/src/newaliases.158
-rw-r--r--contrib/sendmail/src/parseaddr.c853
-rw-r--r--contrib/sendmail/src/queue.c1904
-rw-r--r--contrib/sendmail/src/readcf.c1508
-rw-r--r--contrib/sendmail/src/recipient.c761
-rw-r--r--contrib/sendmail/src/savemail.c484
-rw-r--r--contrib/sendmail/src/sendmail.8937
-rw-r--r--contrib/sendmail/src/sendmail.h2062
-rw-r--r--contrib/sendmail/src/sfsasl.c367
-rw-r--r--contrib/sendmail/src/sfsasl.h60
-rw-r--r--contrib/sendmail/src/shmticklib.c84
-rw-r--r--contrib/sendmail/src/srvrsmtp.c3206
-rw-r--r--contrib/sendmail/src/stab.c161
-rw-r--r--contrib/sendmail/src/stats.c93
-rw-r--r--contrib/sendmail/src/statusd_shm.h43
-rw-r--r--contrib/sendmail/src/sysexits.c94
-rw-r--r--contrib/sendmail/src/timers.c229
-rw-r--r--contrib/sendmail/src/timers.h33
-rw-r--r--contrib/sendmail/src/trace.c15
-rw-r--r--contrib/sendmail/src/udb.c635
-rw-r--r--contrib/sendmail/src/usersmtp.c1553
-rw-r--r--contrib/sendmail/src/util.c565
-rw-r--r--contrib/sendmail/src/version.c9
-rw-r--r--contrib/sendmail/test/Results2
-rw-r--r--contrib/sendmail/test/t_exclopen.c38
-rw-r--r--contrib/sendmail/test/t_pathconf.c19
-rw-r--r--contrib/sendmail/test/t_seteuid.c30
-rw-r--r--contrib/sendmail/test/t_setreuid.c30
-rw-r--r--contrib/sendmail/test/t_setuid.c101
-rw-r--r--contrib/sendmail/test/t_snprintf.c24
-rwxr-xr-xcontrib/sendmail/vacation/Build13
-rw-r--r--contrib/sendmail/vacation/Makefile17
-rw-r--r--contrib/sendmail/vacation/Makefile.m419
-rw-r--r--contrib/sendmail/vacation/vacation.1200
-rw-r--r--contrib/sendmail/vacation/vacation.c1015
312 files changed, 52126 insertions, 19224 deletions
diff --git a/contrib/sendmail/Build b/contrib/sendmail/Build
new file mode 100755
index 000000000000..44e74c51f3cb
--- /dev/null
+++ b/contrib/sendmail/Build
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# Copyright (c) 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+# $Id: Build,v 8.3 1999/09/23 21:31:12 ca Exp $
+
+exec make OPTIONS="$*"
diff --git a/contrib/sendmail/FAQ b/contrib/sendmail/FAQ
index b4cb2e6d1773..f8c2e8409ceb 100644
--- a/contrib/sendmail/FAQ
+++ b/contrib/sendmail/FAQ
@@ -4,3 +4,5 @@ available at http://www.sendmail.org/faq/ .
A plain-text version of the questions only, with URLs referring to
the answers, is posted to comp.mail.sendmail on the 10th and 25th
of each month.
+
+$Revision: 8.24 $, Last updated $Date: 1999/02/07 03:21:03 $
diff --git a/contrib/sendmail/INSTALL b/contrib/sendmail/INSTALL
new file mode 100644
index 000000000000..90c919a752b8
--- /dev/null
+++ b/contrib/sendmail/INSTALL
@@ -0,0 +1,33 @@
+
+ Installing sendmail
+
+Note: as of sendmail 8.9, a new build architecture is in place that allows
+you to use the "Build" shell script in any of the program directories.
+On many environments this will do everything for you, no fuss, no muss.
+
+1. Read all the README files noted in the INTRODUCTION section of the README
+ file in this top-level directory.
+
+2. Create any necessary site configuration build files, as noted in
+ devtools/Site/README.
+
+3. In the sendmail/ directory, run "sh Build" (see sendmail/README for
+ details).
+
+4. Change to the cf/cf/ directory (that's not a typo): Copy whichever .mc
+ file best matches your environment to config.mc, where config can be any
+ name. Next, tailor it as explained in cf/README. Then run
+ "sh Build config.cf".
+
+5. Back up your current /etc/mail/sendmail.cf and the sendmail binary (whose
+ location varies from operating system to operating system, but is usually
+ in /usr/sbin or /usr/lib).
+
+6. Install config.cf as /etc/mail/sendmail.cf and install the sendmail binary
+ built in step 3 by cd-ing back to sendmail/ and running "sh Build install".
+
+7. For each of the associated sendmail utilities (makemap, mailstats, etc.),
+ read the README in the utility's directory. When you are ready to install
+ it, back up your installed version and type "sh Build install".
+
+$Revision: 8.3.16.1 $, Last updated $Date: 2000/05/09 20:20:44 $
diff --git a/contrib/sendmail/KNOWNBUGS b/contrib/sendmail/KNOWNBUGS
index 85409a00fb31..05d0ea176830 100644
--- a/contrib/sendmail/KNOWNBUGS
+++ b/contrib/sendmail/KNOWNBUGS
@@ -1,12 +1,12 @@
K N O W N B U G S I N S E N D M A I L
- (for 8.9.0)
+ (for 8.9.3)
The following are bugs or deficiencies in sendmail that I am aware of
but which have not been fixed in the current release. You probably
-want to get the most up to date version of this from ftp.sendmail.org
+want to get the most up to date version of this from ftp.sendmail.org
in /pub/sendmail/KNOWNBUGS. For descriptions of bugs that have been
fixed, see the file RELEASE_NOTES (in the root directory of the sendmail
distribution).
@@ -35,11 +35,6 @@ This list is not guaranteed to be complete.
This macro will probably be removed entirely in a future release;
I don't believe there are any mailers left that require it.
-* If you EXPN a list or user that has a program mailer, the output of
- EXPN will include ``@local.host.name''. You can't actually mail to
- this address. It's not clear what the right behavior is in this
- circumstance.
-
* \231 considered harmful.
Header addresses that have the \231 character (and possibly others
@@ -134,10 +129,10 @@ This list is not guaranteed to be complete.
* MIME encoded full name phrases in the From: header
- If a full name phrase includes characters from MustQuoteChars, sendmail
- will quote the entire full name phrase. If MustQuoteChars includes
- characters which are not special characters according to STD 11 (RFC
- 822), this quotation can interfere with MIME encoded full name phrases.
+ If a full name phrase includes characters from MustQuoteChars, sendmail
+ will quote the entire full name phrase. If MustQuoteChars includes
+ characters which are not special characters according to STD 11 (RFC
+ 822), this quotation can interfere with MIME encoded full name phrases.
By default, sendmail includes the single quote character (') in
MustQuoteChars even though it is not listed as a special character in
STD 11.
@@ -157,7 +152,7 @@ This list is not guaranteed to be complete.
In the case where the sender is using su to act as root, the file
safety checks prevent sendmail from saving the dead.letter file
because the sender's uid and the current real uid do not match.
-
+
* Berkeley DB 2.X race condition with fcntl() locking
There is a race condition for Berkeley DB 2.X databases on
@@ -173,6 +168,9 @@ This list is not guaranteed to be complete.
you can use makemap to build a map with a new name and then
"mv" the new db file to replace the old one.
+ Sleepycat Software has added code to avoid this race condition to
+ Berkeley DB versions after 2.7.5.
+
* File open timeouts not available on hard mounted NFS file systems
Since SIGALRM does not interrupt an RPC call for hard mounted
@@ -182,4 +180,22 @@ This list is not guaranteed to be complete.
local mail delivery and NFS hard mounted home directories should be
avoided, as attempts to open the forward files could hang.
-(Version 8.36, last updated 2/4/1999)
+* Race condition for delivery to setuid files
+
+ Sendmail will deliver to a fail if the file is owned by the DefaultUser
+ or has the setuid bit set. Unfortunately, some systems clear that bit
+ when a file is modified. Sendmail compensates by resetting the file mode
+ back to it's original settings. Unfortunately, there's still a
+ permission failure race as sendmail checks the permissions before locking
+ the file. This is unavoidable as sendmail must verify the file is safe
+ to open before opening it. A file can not be locked until it is open.
+
+* Potential denial of service attack with AutoRebuildAliases
+
+ There is a potential for a denial of service attack if the
+ AutoRebuildAliases option is set as a user can kill the sendmail process
+ while it is rebuilding the aliases file leaving it in an inconsistent
+ state. This option and it's use is deprecated and will be removed from a
+ future version of sendmail.
+
+$Revision: 8.43 $, Last updated $Date: 1999/11/17 18:56:09 $
diff --git a/contrib/sendmail/LICENSE b/contrib/sendmail/LICENSE
index d0ff63a9cb13..f7078650adca 100644
--- a/contrib/sendmail/LICENSE
+++ b/contrib/sendmail/LICENSE
@@ -1,8 +1,8 @@
SENDMAIL LICENSE
The following license terms and conditions apply, unless a different
-license is obtained from Sendmail, Inc., 1401 Park Avenue, Emeryville, CA
-94608, or by electronic mail at license@sendmail.com.
+license is obtained from Sendmail, Inc., 6425 Christie Ave, Fourth Floor,
+Emeryville, CA 94608, or by electronic mail at license@sendmail.com.
License Terms:
@@ -21,13 +21,8 @@ each of the following conditions is met:
years at the cost of materials and delivery. Such redistributions
must allow further use, modification, and redistribution of the Source
Code under substantially the same terms as this license. For the
- purposes of redistribution "Source Code" means the complete source
- code of sendmail including all modifications.
-
- Other forms of redistribution are allowed only under a separate royalty-
- free agreement permitting such redistribution subject to standard
- commercial terms and conditions. A copy of such agreement may be
- obtained from Sendmail, Inc. at the above address.
+ purposes of redistribution "Source Code" means the complete compilable
+ and linkable source code of sendmail including all modifications.
2. Redistributions of source code must retain the copyright notices as they
appear in each source code file, these license terms, and the
@@ -38,7 +33,7 @@ each of the following conditions is met:
forth as paragraph 6 below, in the documentation and/or other materials
provided with the distribution. For the purposes of binary distribution
the "Copyright Notice" refers to the following language:
- "Copyright (c) 1998 Sendmail, Inc. All rights reserved."
+ "Copyright (c) 1998-2000 Sendmail, Inc. All rights reserved."
4. Neither the name of Sendmail, Inc. nor the University of California nor
the names of their contributors may be used to endorse or promote
@@ -64,12 +59,7 @@ each of the following conditions is met:
disclaimer in the documentation and/or other materials provided
with the distribution.
- (iii) All advertising materials mentioning features or use of this
- software must display the following acknowledgement: "This
- product includes software developed by the University of
- California, Berkeley and its contributors."
-
- (iv) Neither the name of the University nor the names of its
+ (iii) Neither the name of the University nor the names of its
contributors may be used to endorse or promote products derived
from this software without specific prior written permission.
@@ -86,4 +76,4 @@ each of the following conditions is met:
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
-(Version 8.6, last updated 6/24/1998)
+$Revision: 8.9 $, Last updated $Date: 2000/03/03 19:24:11 $
diff --git a/contrib/sendmail/Makefile b/contrib/sendmail/Makefile
index 98ad6e5b8f4e..547e46deea9e 100644
--- a/contrib/sendmail/Makefile
+++ b/contrib/sendmail/Makefile
@@ -1,25 +1,40 @@
-# @(#)Makefile.dist 8.2 (Berkeley) 2/17/1998
+# $Id: Makefile.dist,v 8.9 1999/09/27 21:39:11 gshapiro Exp $
SHELL= /bin/sh
-SUBDIRS= src mail.local mailstats makemap praliases rmail smrsh
+SUBDIRS= libsmutil libsmdb sendmail mail.local mailstats makemap \
+ praliases rmail smrsh vacation
BUILD= ./Build
OPTIONS= $(CONFIG) $(FLAGS)
-all clean install:: FRC
+all: FRC
+ @for x in $(SUBDIRS); \
+ do \
+ (cd $$x; echo Making $@ in:; pwd; \
+ $(SHELL) $(BUILD) $(OPTIONS)); \
+ done
+
+clean: FRC
+ @for x in $(SUBDIRS); \
+ do \
+ (cd $$x; echo Making $@ in:; pwd; \
+ $(SHELL) $(BUILD) $(OPTIONS) $@); \
+ done
+
+install: FRC
@for x in $(SUBDIRS); \
do \
(cd $$x; echo Making $@ in:; pwd; \
$(SHELL) $(BUILD) $(OPTIONS) $@); \
done
-fresh:: FRC
+fresh: FRC
@for x in $(SUBDIRS); \
do \
(cd $$x; echo Making $@ in:; pwd; \
$(SHELL) $(BUILD) $(OPTIONS) -c); \
done
-$(SUBDIRS):: FRC
+$(SUBDIRS): FRC
@cd $@; pwd; \
$(SHELL) $(BUILD) $(OPTIONS)
diff --git a/contrib/sendmail/PGPKEYS b/contrib/sendmail/PGPKEYS
new file mode 100644
index 000000000000..c0db3d74d4fa
--- /dev/null
+++ b/contrib/sendmail/PGPKEYS
@@ -0,0 +1,392 @@
+This file contains the PGP keys used to sign the various versions of
+sendmail. You can add them to your PGP keyring using:
+
+PGP 2.X: pgp -ka PGPKEYS
+PGP 5.X: pgpk -a PGPKEYS
+
+Other versions of PGP may require you to separate each key into a
+separate file and add them one at a time.
+
+Type Bits KeyID Created Expires Algorithm Use
+pub 1024 0x16F4CCE9 1999-06-23 ---------- RSA Sign & Encrypt
+f16 Fingerprint16 = 18 A4 51 78 CA 72 D4 A7 ED 80 BA 8A C4 98 71 1D
+uid Sendmail Security <sendmail-security@sendmail.org>
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: PGPfreeware 5.0 for non-commercial use
+
+mQCNAzdxaGsAAAEEALq7JPrdyXCm3DdJEKR9miP8/B9vrferOBoNimPFceDEqCpm
+0RiJtnGhUJwt/HZZhiGDWPYTIa7VajfxiEzJ7LZH+/uXgQFVN27fPwoNKCI+7sr3
+FnRs3Xapojn3d3LZSHagTh+VTuG5LxbP/m//sj2Rw1MMPw1b7sApykAW9MzpAAUR
+tDJTZW5kbWFpbCBTZWN1cml0eSA8c2VuZG1haWwtc2VjdXJpdHlAc2VuZG1haWwu
+b3JnPokAlQMFEDdxaGvAKcpAFvTM6QEB1bsD/jj+vTodXqoJphCrBLwFmwymopZp
+/HHu8o8FURlL6jQ6ihCruCw6PxNMzSdgmnOgyXxyRZIVO1pUyWf/RnS/r09tPLlq
+nZxdAPquhB2pkawvFp+Y///lb92SgfbS3/dtSDDAJ8FO+CDUKS5dKuZ6vSDU6ezH
+BDYjhd6pPYVd5hz3iQCVAwUQN3Fv9XxLZ22gDhVjAQH4BQQAuCNG977A4v0xjQi8
+AJsJmlS5mKMqn/Lw+sl1h4yQwF2vzNDdxhNWjZVziK3lUIUPh86u8m5CSdN2BB1Y
+1RawLvyfpl4b9KtyXxF4fh2BYmygJ4iG+WxhpaT5RS0eFvsSefO7/w13bx5U0Z7A
+YfHMt7+CKHm7bAx3l17g3I9aCMCJAJUDBRA3cXDdzx61AyIyegEBAeZmA/4zCJxF
+aathJ0soRJOcyRDzHKbAqlShF+Mx0tzcwbE3hAZrIqJ3TRK2MbrsBNnkFHPuPF0e
+eKr7TQsXOa+ig57wlHsCOc/fd9jLITjSYKxrQuZz3CrNefPKvv6v6Ctc6TT4GwhC
+zHglLC9Bfy9zgbv2wHswRvQBmRlCaERH3HLb1okAlQMFEDd41z8j5GLUv3ukIQEB
+9WcD/iFFF2kfSTyD+IfcLl4WCaYSeD/q/fAplpOOZWnC9PB1x3YrMHn/H8zd3S5B
+05D8+MR/QL8n8/5P+pyHa4VNRbeX8g8E34ocZf48y6FeqGi8qmcTBJDgqUTO5yMu
+t+b57G2pAIzasGcoZDqC3aJnFKwPjGRxnUFJaxlogrbUYCNOiQCVAwUQN3jwKW9S
+k9ijm6ZVAQEtugP/ewRrMCdhCbWsSUOrYn1a/pfN2KiJbhs0YyOyWbU6RvJiSFY1
+0BNAxYTbymHDOn2UhUhCrUpqatmgCuxmUsoH2Y4AAFC/94/oltwDUfnw6muqqn2K
+7AelRBbJ5wUs65pHu8kfzVB5wJh8eDacKFkK0lqgtRQCE0suhqCSFUfvtzuJAJUD
+BRA3fTCCXx7Ib4gMnlUBAWddA/oD0RKLIkLspmJC3ccmkncviMSv0rME4vY0NIfm
+IC0zsYITlU/E6H/CqVmU4Hmr5hmr5GUNNtrVZ0oLH1PUjobmZcTITJZbQSS2nY02
+N6JZT5BSAwQBfUfSMwURISRQBUOfi1kLqYk3f6UTee37/+Ig2kb388T6ClcXCv82
+FrZuwIkAPwMFEDd9MMTU3njYeCkb2BEC7QAAn2sVWl+Q9a+4a34v827M0O6HpMrL
+AJ9bLmUFO/+pyIRb3brK/v1RtERawIkAlQMFEDd9O7oA8tkJ67sbQQEBipcD/2rE
+vofXLeEeujkhI13qbDL5dEqPHY19eboF29xBCY1kR9Xqbu6G4Q8pgIHUDg/TRK+w
+RdBUjQlDspQEhrM3XEtZ+QJalfk2IoV1Z9uuQM8voYPINnpPe7Q/seibHirMdp4f
+J/xLPs3d5gApNtarxwdFOBY3YkHkkoqza1BxmB2YiQA/AwUQN32KFYMCoaE+3wLq
+EQK1IwCfR+jVCbESixyB0XR6zDsGf8n4GPoAoM3OjreUcSFSl/4kgaV8DbPNLTVn
+iQCVAwUQN32XGgD83u1ILnWNAQGa+AP+KUsOgU8tvJwSiulcU/pXS2gS1N6W54B5
+C3JKioPdgH6lKNO1cOoV6c1ZoG7SFlvsHm2DjRherLEwRhBWkmHlyjLpKW6mYXZ/
+MGLrf74UeTG4bKb0R4As8mLG0z2vqlPNtfyt+8SUoQ2JT0MFRc2FGQChxizenGZS
+B7T1MccjIM+JAHUDBRA3fa3dcslC2OpaI3kBAQhhAv9BkSO1zWkxiWc7uLQjO9lf
++YhF9f/SX7/6Od6hKo/YRubK8fcozKXlJ64CJ+iGSMrRIZGXKBIyXyRx5Qed14jK
+fGCYzqGv1IpMHIWJPLxJl5Xyi9jIna8yTc6FRWm8aYCJAD8DBRA3gbAczsKIjL9q
+TKERAhdDAJwKqcVkm9TBCmutXxwVTcffjINlBgCgrMqc6UOHlUtZps33xWZLgZh4
+awiJAJUDBRA3g9C+TCpm+b/C9j0BAaJMBACskZxjnZbvDgm0qdvESy5+jcluxTh5
+fUeHDpnkfOP0AUAe8Ykwt8syWOQZ+3Midez8JqTAu+uvNbUckuR5XL8nMYpN06og
+jg1TCgjLito6IptqYUZgWFvGDCdDgC+m8vw7pUbqh59mDTe0X5Q/x9Cu5JxfhxnX
+TNBQ+pI8lLAmsYkAlQMFEDeD0Jt3HZKuiXLHwQEBMZoD/2FaLFJ03tEAfNQhLmSg
+unWVakXz8udE+pY7IWi6LJGu5iwtIDJ/r0nCrJ6/aqzu9JLpGhfTnhPPCXlz4Nfh
+riRz12cv2Rlg+gI3Y0Fiju5eo5TWnu+qB36vQsv73xpfQ7oCmoVY2ZntQVBaf8dy
+FrAdFBf1y33xWo58zRsg2u2h
+=g1qL
+-----END PGP PUBLIC KEY BLOCK-----
+
+Type Bits KeyID Created Expires Algorithm Use
+pub 1024 0xA39BA655 1999-01-04 ---------- RSA Sign & Encrypt
+f16 Fingerprint16 = 25 73 4C 8E 94 B1 E8 EA EA 9B A4 D6 00 51 C3 71
+uid Sendmail Signing Key/1999 <sendmail@Sendmail.ORG>
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: 2.6.3a
+
+mQCNAzaRMIoAAAEEAMWVJpGkwKWD6GFDUHtV6AUDzwSAXiWc6UinY7EpCLwFdYu9
+Le06VwQt8H9Xtb/2jrXDV61Wu0IDJub6g7PZxWxU8WHVnMX4aBT5WOCBpwFRme3u
+idwCAbHuEJs12FQ3Tf+4CZ3R9uxlAovRaY6g3fJ7gtAc9HAjMW9Sk9ijm6ZVAAUR
+tDFTZW5kbWFpbCBTaWduaW5nIEtleS8xOTk5IDxzZW5kbWFpbEBTZW5kbWFpbC5P
+Ukc+iQCVAwUQNpEwi29Sk9ijm6ZVAQF3LQQAgpuD3UA69w5FjCAfY1iYBsaGJ31V
+1IyFQbo5fAnVo8PMQzioqbsn2U1y1rRkf//gt8T5oVo6Q3e5oWQF/vcruEP2WUSZ
+1BkV7zDWLsa6octYIEt4Rdr6gBxokzP0/Z7Ck0WOfSxEAGXbHZ6NpbcfNdIZAxhZ
+WPqcem3zEwoK/l2JAJUDBRA2kTK271iWZNQy4Z0BAQltA/9b1Xtp6Sqr8LtBAUax
+ziRYYmlIENgkYJGPrF5iB17d1M+aMyJ1IzdjKHaoa2+WpWYhzT7RalcxkrvXZEN7
+hTC5XqsmkGXeg2oiwJPCVTUoJY0goJKiMXI/zYcLGAxTnYr3rUevr+vOQyXPx6Ld
+AUCXcsD8LFQWR9iQTgTOBVSOhYkAlQMFEDaRMloj5GLUv3ukIQEBjh4D/RbqKENF
+51C6DrwE5IJrpIZ227mQwFzu3olcF3v0sOoHv9Iqw0iebEM8D9z2t6XiGNSgfmQy
+EUhQ2gTLfbkz9lSUjUaH+ziN10SXSd0x63n2xqrk9XaG8YCWJOcMe+N5Gh7UGniS
+UD9XQNBLoqnOL1FpScAC3F+KsH4kCKLQD1KJiQCVAwUQNpEwwXxLZ22gDhVjAQEC
+GAP8Cle48mxG5TcrAglAXs25YBLhHK21tnSWrd8j0PdID7+9AKongjZOKxyAnFkZ
+RNXDArmG+FVA0DAJatiFXikqpgyHAM/QKSCSjBEOru3Og+3qV/oFQjAVPfLQbFPb
+6i1TIWzvYTp9L4TlzqUM3OF51Mx07W1S+qCciozA/0GqFGiJAJUDBRA2kTthAPLZ
+Ceu7G0EBARPzBACbuAlTHMobN3Lw3YvsOUgwWHFLqKXLNTu59ozZUL4da/E+Aszj
+MgE8343pV9Nwm/aHGXRNiAEOftrb+DdU1jcaFgwsrWnXK9NmnpAYbMkoOb8Om1Nx
+E/5u0dIxypXO8ziyQIfkElsOVzhPzct9wZKh4qt2uLGcVWXeFnf23VRb4IkAlAMF
+EDaRU60Gfl7Yv7VlaQEB46QD+IGxaViR7rQv6r1sAZJzxC6vMpMK5tgk/47gC6jm
+8STb2DYvz/5KNYTkUDRB/85Uy8jY8jabkalWBNN6z/Cpod9ysSjSOKNBQ+6MMhXc
+qXWKakxZIa0rIVNEYaRTAbVU4J1aXRdh7BtC2nEqf3SQD3c9HDLA3p1W8g8ZyHwr
+QXqJAJUDBRA2kVJAXx7Ib4gMnlUBAX7IA/4mKF8EGahmbNXA8wcH4K2r6LzRLXsE
+f444U7hWQRW1fCxDJz4DOodUO3aENzzWjfxL8BtoosuDTJeKGXoa+5S9bCmtaksm
+86G20UuDx/vt1Ol+hZFW8q+bSS2bsAKLvXZVDnURtDu6nzdNR6Lt61ahsUDo4nLw
+iiKUZeMdE2S+H4kAdQMFEDaRV+is4VzBBNt7HQEBLbMC/2wuZQqaLrLUm5raynph
+rllKT+mQQSTedTACKjnpT4LE65YYGGFDrIMS151lQ1OVvu0DpGzmQ5b9kFNGp0GZ
+giXndPbvmwPpOn4ONmCo/zZFWryNQKuqPn2EN4rPhngjRokAPwMFEDaRbhPU3njY
+eCkb2BECLnMAn3t8IsH2yr+vd+1IWstXMCUwzBZnAKCtq5l+00/EYeH8PXhrhIIS
+9EquTokAdQMFEDaRvApyyULY6lojeQEBQa8DALEmw8SIvCjwo55yu9p26czt/ohn
+D1IdJPepf1H5X+QY99kUpsxb+Csnz5VSfNz7dSJxvhwsB0gJityk/YX8uOcEfvsK
+NsABSN/fcLCnzlwO0SNGDPJc4KHTFXHfVy4SgA==
+=f3oA
+-----END PGP PUBLIC KEY BLOCK-----
+
+Type Bits KeyID Created Expires Algorithm Use
+pub 1024 0xD432E19D 1998-03-14 ---------- RSA Sign & Encrypt
+f16 Fingerprint16 = F9 32 40 A1 3B 3A B6 DE B2 98 6A 70 AF 54 9D 26
+uid Sendmail Signing Key/1998 <sendmail@Sendmail.ORG>
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: PGP for Personal Privacy 5.0
+
+mQCNAzUKkdIAAAEEAKvdxY+iy7eLqxP5StbpZuxYNPWLye98bXA8oKwrEm1vy7Xq
+LBg3uNXjlMtwcNW/r+oFu5A++2R+1qC7w/0867C+52D2zkfGRH3hn9Lh6YaA5uIP
+LPbMGB3Tepbtj/lAtOJb7JKdybF7fkxkEUmwhuA5kAo1rKKWNu9YlmTUMuGdAAUT
+tDFTZW5kbWFpbCBTaWduaW5nIEtleS8xOTk4IDxzZW5kbWFpbEBTZW5kbWFpbC5P
+Ukc+iQCVAwUQNQqUqXxLZ22gDhVjAQHaYQQAiFITCRAEKhLlgjcFlehTDmVMFb92
+1jiclN6377xe+A2zEtq4p3R8IwwiVTGeBzs0Zmnrlo+fAdVFYBjIYCtwKVTwd72U
+v6kxX40CjNkx6q264hUjILOumQ2P85/Aqg7wmnK9vM85CkmhKwu7b1OHsY+EFAlo
+U9CWyVjwSQqzHnaJAJUDBRA1CpJ4I+Ri1L97pCEBAcRtA/0czuj3hK7YiVL3zZaV
+EUnqw30auexjm0D+LhPpsHN7OM3im3z4+/4Pv2O2CH7nZhAsgRN9N+qdf3fCVGHq
+Y/ULkdsxKNbPEjSEWI+dqUWj6EyMSewKvBo7Zvljii6tBsM48ohtkWTo4B1/SuJb
+FM5TgXu2PMTgWHsT2DFb82wb/YkAlQMFEDUKkmfBnB0lEtNGHQEBmCwEALZgc6V1
+mvRL/dqtGwdt38Uuw430cdM1Nk0FlkQsGXVWY49A1yrLAcuPQi8wzx4GS0LhtIeo
+vmrQ91DBaKxvxkboqM4orYf7PB5exSS9RQlTN2ezaf6IT9hVJHtXoYxU51Iny7hp
+r5t8L7od0gue9SNsLWjW9PZH1eKz83/g5VJZiQCVAwUQNQqSVu9YlmTUMuGdAQEv
+nwP9GvBao9wPX0r1aplZgkUItDwWGBbF8qQLgX5rM8b8IAxvHboIp8fbCkzhVxI7
+v0IdYc0u1hrY3YfCNNbELu09JEcvtsl3hhmXnalOxCEdjoMUiHSb5f04sTBNOhD6
+IWQqixDizoVzW5XljHBvgxWJhBus/dPJ6hdZPahioVd0oLiJAJUDBRA1CqZRAPLZ
+Ceu7G0EBAYlJBACumnB7zeAOpuj0y9h0Cgh0DleNWnqpHzTus4lbt3vw/cMpKmXt
+nGxMb4HE9rp6CHuuy3NumH9JHa9lwgb0T6bc0Zbc+LX1j0tKMC4BIsfEbFiOMSXU
+P+meyMUGY67VysVEeTqCgG4FqK7yOhnJsxjwDxJTIlrMoYwSSmsF4/R8Y4kAlQMF
+EDULPLgGfl7Yv7VlaQEBWZ0EALAGPhQbVEPTp2Hfm76ZRWjYJ8iDn98znfsHRYhS
+A/yIXF17eDtSkYU/ANOPNT8g5fOCWKjfLTJX4Al78rbHeGeKS+eO21WQCh8AF7Bv
+vZZWJZ0CyNnO++hzyamsOG1Z5Lrt/WQQPK4Jv5ZyqK3f2nGDufHuyQuIXxsdd+BX
+oqp3iQEVAwUQNQwe/ReiaPz3pQGjAQFowAgAk2fARyp4iyRl89ZZHGY09HpRbwQS
+4jeDIEkBPBpSCBXIELgR7UonSoTwHD0nGHuwgdil5Zjl3PAlQJdo47Sh+hLCMoN/
+mg0aI0vSnOxnnVgIcAigzlEAe03R12frWp32SjXJE1GdeFQWlzkk/6BoujKybvI1
+oRr8OeAb8WzwmUr0c4VITEdb/J5c85yriHIuWpqYWIq5gb7evdj6JTKXly3gFp9R
+bwwd2tjlHYu6O7dHuEsmm4n4iK3rEglILvWIoS4kVV80v6IUE3xgLAVf7tnF5iNc
+nXcA386xUBB17zNvJDiUrciX17TuZsIVvIQnB519NN/ZVr1KpHSbLgMyZokBFQMF
+EDUMH1shtWni44zO8QEBGOEH+gKn6blq8L2AJ7Q2Pcw26Do4J9xlRPFKrDgAgy6y
+U9x509y4BeAZ6yn9RV0iGwhgzbdd57QrUpgcYNKGXSC/tJZZj2h3CZ06m1zaGtJ0
+ig0dN7MU9gqZZMLy9f1EZmCwXeZHXL8t8lUMv8KEoq8+vvghCRvDNUgyQpkwcIOh
+rSu9yJ+OeJ8SpucL0ebJE3MmP2JYmqBCBg3pbr8bWvzjZ2Ny40OiyRnuXFP/jC2f
+ll6oMi8rOpWhjTTuHyrWEG9AxI8xeI5WsEOrJHH6stlmXJM1NtlJQ0D3qCdLn81M
+vitLgTPb/xUepRkFdBhZESG5BPDwT5hm1w7m7yhVohcH8AOJAJUDBRA1C3M0THwE
+EmD/AfUBAbzlA/9nDPPyBD9T1ygEHBsS2ZztO7enSk9DaYmt2jsqQ413UnpbhybR
+zZiuHXpqgG1p5GkYjP2Cw1DtT/dHu2nrD6Mf9j/4QYaRi0sdWLMTKVFPDlT+j1G0
+Ag7/yCMhPv2xr3JOLPppCFiYPkdqRfmKnCWdCtrXmBvu4EiLTj1IXtc1WIkAlQMF
+EDUMLbdfHshviAyeVQEBQOUD/0QsDaDnzgcQHbtvJvDM0x+JYuejbvQEXh6k/cDP
+dLIC8XLZMd0uuAWE12SL1pm6J0q6+csKELascFKyOWTRoNrkWC5m1ltgRuyfXq3z
+Ur9SfL0KlfWFLXRsmGRd5V37u5H9kRjeTRlyiOeAcAMzaLunI9dK8sWet4p03GLy
+GOHQiQCVAwUQNQrIVW2DN4pRurLtAQG7gQP6AxTbsJ3Az+bwEgymYYo7EWADJGoB
+e1r48/0YjocxddhcXJSGL5dRNqY8NURSyvw/dDtjH81mVIbRlZR0QS4D2Jp94Q5/
+mrWyqBW6Ah1EFtihncY3o/g1sxEC0hIj0/CklQmNttxeIGt1rRVyKxHa0tYkDtNW
+w+y5xZQSkE0yin2JAJUDBRA1CrJtdMsnjUUcGpkBAQ11A/4rp8Oy2cVbkrHHIxxM
+2dML/tqNOgOGaB5tEISgtpv9xy1sVuEEA5T6rQJefeC0K00M3Mb3Sy4uumSaX3Io
+yTQr3XD3FZ4Q0n0AWR0ppRBvepqINfn/yeNF7268SDIMstQjlD9GzyCobqrR+VLT
+pxF7wXqyHcLyfqQjRiM9ZNTzAokAlQMFEDUKyAd3HZKuiXLHwQEB0+cEAJ308jCg
+rgWPcSstZH8Q8AoQajdxYMqImoQaqxC8zWjX7BK57pEFLelI3uXqkeEyqIGH0Yqc
+SvHQSSe2vLe3DohfGraCL2VK+b3Dw9IOaff4+ZFlxLVsqNiq13Z6aqRuKJ5uNjhI
+0q9PPBZ8xzOMGfa3cMmW18INJvrVyTu3ENXUiQCVAgUQNQqcZHfUAfkkYu7tAQFr
+tAQA45cSUfYgq3d0RGx3RLUL0H+Bku5xMH2YuRJfpEI/Oc0Z1l/G7AfoR0pTqo9p
+uCu21glCUWm4TvUEaGJjT7q2pmcoLO3LCavNVAZHNTPQvjJgu/Z8+290yR9Ln/f8
+4F1/zcRe4Gakq2weDM+h3gH914vXW7FoGJePc1X+azQ7pYCJARUDBRA1DBz15mc5
+PORZW/UBATL3B/0aknENUHmJ6+axITL1ZODUe/KqFmLRgvCl2g///FtMHlMCUyWy
+q+MkyiHyjbgh1eN6gsCHUSHiROQdXMRRSxZm4FVsjznisjybCqzd93lBQQyKJ6XX
+KWu9SjJq/b6yg83byTgHZRW6kwjmDal97kVyHtV1WZBGDJ+v9nCY2tSvqujtNQbJ
+LWrHp447BSIXBBpMkF/J+cbl7yZLiUN8I1SnLYYttmKOtfD33eL41oKT2LK+j8sI
+kCd4XbcGoMJ+DExDVhFeiwwXWzomvTP42Wv0b8DYI+xeuE+AyARxJ5AVbGUBl4sZ
+qVuNMDZWhc0GLpT10RUeJ5HJVAGIWB2fLIsE
+=ljft
+-----END PGP PUBLIC KEY BLOCK-----
+
+Type Bits KeyID Created Expires Algorithm Use
+pub 1024 0x12D3461D 1997-05-07 ---------- RSA Sign & Encrypt
+f16 Fingerprint16 = CA AE F2 94 3B 1D 41 3C 94 7B 72 5F AE 0B 6A 11
+uid Sendmail Signing Key/1997 <sendmail@Sendmail.ORG>
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: PGP for Personal Privacy 5.0
+
+mQCNAzNwqnIAAAEEAL1KqbRgVm9kp9OHLkKGb1tbT8rwEIeeh8KKSKJyDFiV6lZG
+wbEa8OC5vokXvjsJtJvvhMfrG5OYc1Q1sLzPXXBYzenzXFrPaXDO8F9DE8B5VTuy
+yY7g3LVr0VZYfi+ZsNdOFGNLdwLz6a8GHBHdmAn6z+FKjMSbdMGcHSUS00YdAAUR
+tDFTZW5kbWFpbCBTaWduaW5nIEtleS8xOTk3IDxzZW5kbWFpbEBTZW5kbWFpbC5P
+Ukc+iQCVAwUQM3D1KcGcHSUS00YdAQGKTgP9E9r2jv1hB+q5yvJKyTWHiIS8oU5W
+eLzdoFlRJUw74M5WBh0/AkcTMfv0BpCDMxu4zskDJ7L+urFRIsf9op5w6YjdsM15
+AvuCtWqgExRkdoac9WRCFNZ77WPQ4ul018k9EIpurIPaojLs5j2Q0+9vOXrtJmXj
+S72Ol9nQFU/hl46JAHUDBRAzcoIxrOFcwQTbex0BAXvAAv4yS5fkL38pJTUJrijI
+XhaHLV1Rq3XfTdQ2HuMG+rF9nxdBCz3a/YCWJSPvE11sINDTSni43BwbsXWqaxvs
+UKD2fqgXB88zueY7rOt8rqi+PRMZ95QUFTgUP0kAN2+U2SmJAJUDBRAzcYIwAPLZ
+Ceu7G0EBAdysBAClk5f+3LazjkjGZiEVRPBKyUYJDqx0j9phgVkqWRje9ot/ya4z
+N+Zm8e+MGyIk6BfMi1QluMJUqPGY1p/mvLPMkiKhwYXHG3kymto8CMSF415mLxIP
+/6P3SwCyRzJeEcBxKgXlwDwelj2joa1fWZH+rC1ZuZ5FCaiiyKvjSCqb5okAlQMF
+EDNx7IPhx4Y6UUEd4QEBrfED/0tP5eMU4G4CDEAyV6susGl8WUSJCkfGjK8Z22V1
+vM4TLiVLSf7cec5tE6iau8IzumBgRV2kQWOz0+q1VBOStUOJQCGfwC81ou+74eTt
+ThL8m9oJ44Y0JrQpztW7iBqU0KYsAgf95BtArvTqKqG2kLTlBVbjwb6PBqkyzm3C
+6ZbMiQCVAwUQM3Gq0iluPWNaXACpAQFikwQAxYQKEPFIzF/5SyMiktsuNNLMYolh
+UsNEUpU63+Yxhr9ofK7dMZFwaTHaEnCZ/zhjRRA6R+BjBOmnkD/W7fG/i94naJRV
+rMejqJhfZhHYqbMN07yxGdjV47neghSoN4zddZdfLq4gEPD+MN3rVTDnO+xpHzLP
+4jxqAda/0eKSFQyJAHUDBRAzcZsLcslC2OpaI3kBAX9cAv9K9QaxgI8kjyVJkVxY
+KJuYE9PPXgjmQvqx7gS+HFm97ZTROEYhhNek7EFD+XJpVQ62KlQxNUaWe4VnNmZN
+2QQyvRhNvE0bPC+rBKoi6np6Vha0NqWDA80xos3oswpj/+iJAJUDBRAzcRiTBn5e
+2L+1ZWkBAY5YBACLvAw9AoqvMqnUVR4aXSkzK+s5aQG9hDDHac2FWsG66HLhh+Ux
+HI5Cvnke7CF+qglNzDU7HpoIdDFovRgQkfGnB/I7Cy6ax1aRJpLc+JNXkwbDDcZw
+9sXnMMymNl4xn0vUOyrnT2GIwLwFL/t5JIUqovm3mZ2SpL3FxKNWyxgDX4kAlQMF
+EDNw+VVfHshviAyeVQEBrtsD/AtwAvvAduNZMFL9du224fvVZ16of9P5vLVB6tF3
+WKvo39FsFjOLr1xgZn5TWc09i1sVK6swi8O+IgcNLq7CLxRYaXpTjObbphktDVnU
+2uWwc3wHzFA7nNAT9ACEa7gDc1GxFrJQ6QyjJVK4f2n3EyJxc9E1rBIoCSNnmBHh
+vqJViQCVAwUQM3D6ZHcdkq6JcsfBAQGNFQP8CeATNOacSrL+x7JaFf2AlANLwZAo
+G68VE/JMcUgGBCZdo6cptg1uBFgzWaOVq+aQU7AKkwLmbyMvCX04PS0tswnkSl5w
+DTLgSmmOH5elIWWrv5J9MXrlsniIzc1MSokENMOaKIEWuC4yCgE00nBj8q2GfDRh
+J816g1ndGU9zErmJAJUDBRAzcZZKH9vgQ8ZSyXEBAT6zBACDaXRCrBqqCmjIZ/xN
+EQcXQF6VKoDFfMUXSgvRaJP0LRuBmbRuWQRZe+OIGA7vKWtvPti40bm3O4b8rESG
+MMAxARn2PS7VPfOhrRNaVGV/s3NX8GkrPxYD+MuFVHoI3QKiKa/fzxDYMX3rTh6X
+4ISe4cS5O/J6VCEKIjPvoVVFF4kAlQMFEDNxljgoffu9cgNgzQEBEyoD/3Ca0oBU
+AuCJUsrPyFYVr5r9FYOWtvOZ/b8IynIXjxD2Lin9AlX2ijLFDJR0lbDoBVPM4IVt
+4rb/yr9D71LU3plxKn+G9JdFpNK9IWJGqsn8iRmbnoERbbVzvZHVx6qA4qvRTt8s
+TJYN+ueKng42DVvZVZQLWZv9mdDUKH9i7r7/iQCVAwUQM3EH4IY/IR3IPsbJAQG+
+pgP7B8mo+OP0lN6KRK83pje5wctThDHF7OMW9tSKXMqGUMEa8+GWrOrazyT+5R30
+cOHUnz3iNkjHaO2/3jLZ7VZTrewYGD7VSg5d5RW9PMCSm+MaJiHLVWKxS3exHHWK
+b62c3mao1zRz5Oj468cRXnHABNaLt3CmMVvKUpAi3d/W7V2JARUDBRAzcQGwIbVp
+4uOMzvEBAZc6B/0eqipGA88c3bxT0NXZoQtePdVen6Ub3BJiR72E3YA2kZx4Bi1B
+pcJIAw/HhRx9vkc3EmwJkPCn1o1pnYnuMZTgGYH3KAV6WFsT/Yqp0KaHYLzHLCJP
+CVKI29DClbI+LOw3sHWuG9ZHK/y26ue3Bd16dJzs7Wa3ryyqeZGi3gWijHbtVcgA
+laNicb0QuWcMXsNYy2E62kP7tZIRR88cv3KVOlbEB/qEOZ8tYbk5UaI6ccZfIO2c
+Oyo2xakKmw92DyqRdbNKbf6yFZLPYJbGZHsJeI89m+MyU+av7iIhh/ky1mSrZW63
+dPnQvE6sw2BpFS6L3hmtArLHWJKBSm8N3vobiQCVAwUQM3D5Rb3aj9Y/6n39AQGw
+owP+Iu/HfZLks9GdaTXata1YEwC42GJFxB3+8Pgy+ZOimffkF/CFlYWBthD9Zwqb
+NEQanNqQGLOtHgCX4JFLia+FktAX2hy92ciTcSFG9sVsaEHrWnjQRfh4OhqJa/D6
+rtud9sPWjx7TY2s+8BDZxjgNnq+gTCDnhRKvpsLHl9BogAyJAJUDBRAzcPU2I+Ri
+1L97pCEBAYxXA/0cleagkyPhJZoZ2PfqtB3iN9/OcFLZCC4HDTdtpdOundLMTZe3
+WtjCdETnLCXQGOMghdf9fnuU6Em5xPDnXRi+xvMo1/WN+m5n/xfui6qZtUBrZp2D
+35OUFjD6Wr2DGthKb1263P0pbdcCUAZkvqgTHasJfMeSDZR9bAcz77o7YYkAlQMF
+EDUKj4B8S2dtoA4VYwEBHSkEAMOsCwolhlXpbhG1tz35lxdMa/dBCB+JokHvGH5B
+JZNEARGpjlA7Q6oEYGtpTuIwj2lRqgiS7d3M/qCKL0HlrlMDOcBbNdjC6JZuVgnA
+LEG2m+r6YZlLratpkK9rI/SeSpwz2AfmrC89PI+C9Pcysj+EH4hV8WyETjcNA0le
+5UANiQA/AwUQNNg0q1F+HqlP3KvBEQIVngCguFDiBO3ZJR9RN9L0Vmg+/yMX7KMA
+n2tSLsf98uStHSQOzboE0KgghjybiQCVAwUQM8wrnM7nzgldNyzFAQFfGAP8DWSO
+R5ELTdPUugVgB26FStcadMS44is1JWwRT8NkRiewBP1cvVwS3c6zS75qdXNoAz3g
+UklXw90/CeviKHNA1wHOupsMCxwPqy91Uo5SOT49vTOuHZ5HQxY17WfTgFXUUFx7
+RQTB+ga9BpGedHq0Fm5kfvH4L4Fdn1vOpEmsakg=
+=9d88
+-----END PGP PUBLIC KEY BLOCK-----
+
+Type Bits KeyID Created Expires Algorithm Use
+pub 1024 0xBF7BA421 1995-02-23 ---------- RSA Sign & Encrypt
+f16 Fingerprint16 = C0 28 E6 7B 13 5B 29 02 6F 7E 43 3A 48 4F 45 29
+uid Eric P. Allman <eric@Sendmail.ORG>
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: PGP for Personal Privacy 5.0
+
+mQCNAy9MzZsAAAEEAK3o3N9W8Ynb47vNtIqUvdjYYl/nEt/hddhumsDNqt/icanP
+7x9VTS1bCfKmAEQ86DSkWRWZmhIpExbcqmuRtixn/RfDHzJ4hU/wAd6kAzUTVIfY
+wLC5NinszKoaqlBWlQkWKW/2GbryLmYIRhIDOKkIBxSgskpShSPkYtS/e6QhAAUR
+tCVFcmljIFAuIEFsbG1hbiA8ZXJpY0BJblJlZmVyZW5jZS5DT00+iQCVAwUQMv+v
+Pr3aj9Y/6n39AQF3hAQApIJUr5W7b1wvi+WVGVc9iWtmKB3U/O7iddjeqeOWCx+P
+6XgD94rkSanFbfCT4Sq8HQNbtTDtBVYFU0SD6GTH5SZ93FUQ6h0OAW5cueHGnfH6
+s+a2N87pPVKxh/brycLvr08to2TvRTbxbebPkF6UWOlurdPI1Ga4kgLZF0Ppwd6J
+AJUDBRAyWFEdXuWsrmbLc90BAaE6BACqO5uGZQ1rLrFxOi9ljDghYmDRLFI0x1ls
+NWh//FAGduRs3N+NemP715N/8vH4n+nY0u0xfPDMi5UklmD1l4EHJlHxNvrXNnQl
+I7gLkkKxvCly/hjbKiMciDtpnUYGa8dgSy/nru6J8QSpOhXbs+UeMsY8xtPYTZqp
+e5fNjWhVJrQjRXJpYyBQLiBBbGxtYW4gPGVyaWNAUmVmZXJlbmNlLkNPTT6JAJUD
+BRAyHkUOgEp1EPeh9ysBAZxGBACWWXNNwG/3fWmGFhDi0eFVSQXbIPK9nOk6/kSM
+5hKqESarPrLsVNapNu5s2BSac4qi6xrrV+4SCEcEkkfESbG/3nXx6ieuxswLim03
+BTHvsceFjjPUN9X+Hny0LEbHbcwACHPq+yGgQ9kEYLmzMM6/9kaIy+56Iy/PbAyT
+ARKGOrQgRXJpYyBQLiBBbGxtYW4gPGVyaWNAVXNlbml4Lk9SRz60IkVyaWMgUC4g
+QWxsbWFuIDxlcmljQFNlbmRtYWlsLk9SRz6JAD8DBRA0qiAaXtpa2zmNWFARAkMb
+AJ9sSKb6Aj1fwF8QyDH5rArzoWOXYgCgj0OcgAVTjMHV1BaAKDvq+dfASKG0JUVy
+aWMgUC4gQWxsbWFuIDxlcmljQENTLkJlcmtlbGV5LkVEVT6JANUDBRAxPmCOSSSp
+RrHt/oUBAVdpBf9fXDKX23m0mI35fy8GkH2n6p+2j+r5fTCsJr0ShtXA1E8BS3XR
+Z9wPPbi925UoT0uBc8bAZhSwMMX19hVKyvo8tjmy3nRhhjfOZKTprjAGHDOQnfce
+UY2URhmM2ELkKioY3jVYnoTSiL5tLXDUfii/frwEG7ZY31LW1YErCKMl4lqlZucK
+XF7n7gijTPebGAYckU2XP1y0n5YZrNq4WQBv+6wgDD4wqtDiyCG1/O2jh7eJ1UDF
+3FvDOEfdcgKoID2JAJUDBRAvbcy3g3t4fqRAn2UBAW2nBACXg7tSyMU+Jj9NBrjg
+DLnYEoKWV0F++dWHqM0WisDOCwU+v51BUP/VJdqEwWc6CdUrbNbTHCVCG/3D0set
+DuvmkxBKpBsljN7gxDTfUEMciCrdtlEh/jJ5YZ1ofSujxIHjYZ6OJg/4x9AgdJ5O
+EsDUvK2fEI3+dFGRYrw2XUOqeokAVQMFEC9SbfUeUtMXXNLGGQEBz58B/AuGcYU/
+mNixrR5QYndJVmarw/0ewfRJMXzYXCn+9TFYy8gul9K6Mu3/zv3Z2BzB92sdsbVC
+rXlcazNrR/gedMGJAJUDBRAvUm2lI+Ri1L97pCEBAdDhA/9YP8KoUDp/YmSekMBU
+4myhSpFsCW5Fs6I07Cwn84Q/hkZ9myG+rGxUltBry2Z7CMcwQABa9D254FjV/BR6
+eVIgADSBIR2U3DSrEgSP0qGdT5yFCrbP5HOge59/b/0CknBlDvBLLD3HW+OrwOaQ
+cF/4gBUnbMJ01gZEY36IFgXsvokAdQMFEC/gXgxqmwnIWCbPjQEBQwIDAJRi8+tW
+be7gQpW5ZSriDbss6J3/dd/WDspD4WnwnoiNMFKzVDVRbZGAMjsSqsLCJSywdIus
+P7eLs0kayCx0ov7UcF/O6N0MYw/jy6NkFtiSND6TqtJ7Pc2SZcjetbpIkA==
+=StEG
+-----END PGP PUBLIC KEY BLOCK-----
+
+Type Bits KeyID Created Expires Algorithm Use
+sec+ 1024 0xA00E1563 1998-03-07 ---------- RSA Sign & Encrypt
+f16 Fingerprint16 = 66 39 58 9A 83 5F 52 26 88 E4 59 36 5A 94 D9 48
+uid Gregory Neil Shapiro <gshapiro@sendmail.org>
+uid Gregory Neil Shapiro <gshapiro@sendmail.com>
+
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: PGP for Personal Privacy 5.0
+
+mQCNAzUB04kAAAEEANHOOWZH9BdsPi8071kHB49qWAWL7OjoUk2NpItw5D9o/sRa
+jZbBwtvPSjx+/cC1Nka+apIuXGccjBzpu71DJFLxIYEk+MW33bSgymI19utPS1b7
+yHetCa6T3ggBsdSH3+gLbyK0bt+suRxxiAC6719HqHvUxuGWnHxLZ22gDhVjAAUR
+tCxHcmVnb3J5IE5laWwgU2hhcGlybyA8Z3NoYXBpcm9Ac2VuZG1haWwub3JnPokA
+lQMFEDUB04l8S2dtoA4VYwEBL7gEAIcDsmzwlzI5+KYILkeUmoOWeoOunDZ7ZRv9
+KvATWccEJdcdjGk4VPKtAGYWgPJBweLAaeZBHo5+cB/w4Ho+sPavHJoaXqk20u5T
+AtIv/DUKcPcE6MVvOYuWUsnHGuWDeSke/KKA1uRw7KEn8vDlBYktUres8ifHLGy0
+JM+aEs26iQCVAwUQNQnbcr3aj9Y/6n39AQGzkgQAhcwsoDO9Rl2oQSUYZpvcxUHF
+rroqSQFejRRfTCT2a3ejQDckeFTqT2VcLGv+QH+7sQFnRAlJrTWU6U/BoLsf3qnu
+dSijd2DiiCTQ5F88SBQjlRyxvXpQXOWGlmemmkV6kry/px4MaFAyF/35HCo0Rzd9
+S0brLFgrCiTzAS7/wRCJAJUDBRA1Cd2jI+Ri1L97pCEBAYw4BACh5m75gsGcClEX
+LUcxIOaANG2YNSr9r1lmHxcDq0V3Gpv02IauADL1+DX6o3sD+dX+WJxyAM7F8QBC
+up2ZtADL1uxiGz+AarDT4qzXyUeQnB47tkhPTnlcO60srtgkRKNex+lAuzzbWSAT
+vZpS4C90ZJASwMGr+M73V/66cwKA/4kAlQMFEDUVydtfHshviAyeVQEBwUMD/AoR
+E9p0DSgbPpSdojFok7BEe8fHLwJR31fBWetLOk5nsHuAHWBCasO9bmjgG8vls8YS
+iTkoJAMxXN03i1bRNL5X3F5Ex1HzrkjEsn51Fcx4Jyp3blXlf4yOBN2t+2DM8DfR
+vy1yVrvKtZ1TEhjM0zoG1DqjN8zf/hG23t+1rGZ3iQEVAwUQNRXjouNaWM2W6V8r
+AQEHowf/ZTBh0jzRC+oJHb/uewa/vnufEFeWoGZt5U9KZoKooUcZZ82RyZhzJzC2
+/5zQQQI9vY+Gh/bL+o7Eaj8+FlbXN9N31E/BhxTtR/v2FTr0HHn/kXKriG/Wjwpr
+Rj2hF9fu5HTVD0Bp3A/uQ4bUO9xT7edKGtQWgXEN77/xbD+LGrZ8CTFSohA+WIyr
+tgwL214ASBDv8j++V4lpTkzyJSjuFTL019hsjkeE4FvCXbELfvsVX0SOZK9Q45I+
+sgvsAZ0BBpasfaY47WShYGhTvvp2r/Z8xgy2erw4vhKz3jJCVmkK1cmAM0IvhwFn
+LSYfxI/T/1zEUj+56XTMc4C3dltXfYkAlQMFEDUV9Q08YShHTKshIQEBY7cD/2Rw
+Bu6ZJAoJaGKzbBOwEQG2JV3/o5W0Z/Tfy9x3kUDecgqEKN2M0b9zCkzCprotGNhJ
+3KXvva3XL2H9AlJd5aorcmvNSph38rPlP35Tt3xWXMBrB1CNR79WMZU+Wx1TlJMf
+i8EFURUkjD9WXRsn5P9ncPPKBGcCJ3MfA4LQvvvqiQCVAwUQNRZkreTJ6ktPts0d
+AQGsMwP/beohoVn7bcp9kkYW0d3mAlbZyrDzbi6Q+C0lS9s67g4k/QzWLY8vZAYc
+ywC2KDQjoc1mnw1bJ+S6u5WmMTnfrmXs8vUMpmM3no+ZIlk8FB6tdkKcIu3yuAd9
+CFz62uxnekRRCoIFnWadeZSyxOmdxtO99MUaM9D8Ob1fOH6vPWOJAJUDBRA1GUPT
+vFYqkcU0pUkBAXQVA/42rM5+DyOA2VoCCkYa0VgIuA5ECROFnwigcY8mxQx9D/Xv
+30Z0ePR4Bigur/eXqCC0Tt0cy213SUpED38xsXtmchK2lpCH5RlIwbr2SZKNWGSZ
+jGlSCRbLT2xo+WYxvXcUL0q4NYgG5gXG4lXUf8yyuo/MztQlBkPsoO2SLLX3MIkA
+dQMFEDVqLI6s4VzBBNt7HQEB/asC/igF9ebzNWnIlug1gienj8d31znRL1YKcn0h
+e5b5N2XPIXQ3cOBQxlufuHVZKL0Cir5MSozxnEsavqKSGhGQuEnvv6lbYh0/OJgo
+eB40EDPnPGjv6kcexzOB4rUOYr46w4kAlQMFEDVq3TUpbj1jWlwAqQEBqKQEAL9n
+C6RFsBFabbAw0ScsmW9ir/0Zz28pBmxMkUY8RL9Kk6jEkwCa3phztMao3qGajqXd
+iw5hzfAOdY+eWPXq/sqE2f81uU2TaFCsVq++rAcDqxhZ1p47xfGcBtVBTpgAl+9s
+8h33IsggglCumuhBkyCwOBFZ2JiN+BUAv6LbUvBWiQCVAwUQNYgrcJqnRzvJFyx1
+AQGiCgP+LLh7c6FxqVQbgm3qpwgReYryaQQx8sdksX1gZ6jIEC5gYTDh+vHmUJdi
+16I7Pz02e9R2yOsKU6e+zhCTauHtSM0CGYn9OdLx96WpJv6nul/KI8eztyV6Dl4k
+T8rFbuo0qs8Ib9exDmkdRh78Ihbask69R1w/OwLIlKesOiLo04eJAJUDBRA1x/fK
+P2UweumbYhUBAZCzA/0UQ5AB890HbWnvVHP9PdDT8KpIQYg7wm5aStpinY2/jfwA
+zl+kvaAwL6nTsTJiWNLfZj4rLn0JsG8176/lyl4Lk6QLkbGyBD+/u8tD6yL0NzYW
+lLIBwhxL8W8Fw889OKci72b6rrTcQNNEw2eZiSeTGJBQdZ4quDQZOthwtMEEe4kA
+lQMFEDXQKC8offu9cgNgzQEBXYAEAJSZ+CEGKswFmmQqO2t0WaO9SKZxxXtnGe/Z
++M8emTESQecZ5oC4Sc+M9c6YE8jSH5CgDD4R5EHKeWXsVfFMV8wetcjgB9AicCnl
+ki2hVT38Rf+b1go4lbKpPjKf+V32Xs/s/kblZ3SX11aOF7pkQCV2W1ebkZ+Tnim2
+Ec+pwLKytCxHcmVnb3J5IE5laWwgU2hhcGlybyA8Z3NoYXBpcm9Ac2VuZG1haWwu
+Y29tPokAlQMFEDUUq258S2dtoA4VYwEBrTQD/A8sNe02YWwDwQx1sHMoDeCN3hjV
+9lCdWlPa1Aj4Wsw4Jgf3Q1x+n2lmAUtov20tXVxtXohCjC0dNNyGZlIOKOXN/R8g
+6g3KkdAhENarH9Fibw/XaXC/VTnvvv5QQWNT3VGUDp9lMj/rUu8LjrxNwANWcSfU
+5mjUg0d0CFmYTqxqiQCVAwUQNRSr6L3aj9Y/6n39AQH0rAP/U8iMjZuwXGr280uC
+FtEpEkSqlNvxFW+C4K+89jluK2o+6zhUu/N73nJM7HHt7kA40FaH9TJfxnTR3VDR
+KbkpmZ1zPfrkgf+fE/rQgKn8enk8fWCMBdEDTjiCjXIoNNLK1Pyv0/x0yWt+n8kY
+RaS4GV/d5nilK7lFx/uISOZmQ3uJARUDBRA1FePa41pYzZbpXysBAYYMCACIMf6P
+Og0RgQS1QVpFrlUR2zQCEIv/ioWNGdXD43FDWkuyPmOGjOY8jpIYi7I2HBLtpbXR
+WNl00ignGWcMhGzdZqK+K55cyDTIC14vGFc7SUKMcQUOEVfyMtytMYvNr+95EBGM
+qlfUYxhoqfkguC3ZCmZvu2exdGndSXuxDA8d0KcjxDRAuIqfh7gekQTEkILf5Xkf
+nSwsEdFwthW/vAWXYSNNF/L8Q5SXVi35ez0qqMJTa1rSzoRGkBKcxplJZ7YQfnBu
+zp25LaeiF66UT9/6tAggKOfkqD/r7UwfVHYGK86HuzAdfepOv+hIrhouZZiXhkFQ
+4ypAkFgaXj1AOgFTiQCVAwUQNRZkweTJ6ktPts0dAQHMqgP8DwJsWJUP7yELDOxc
+x8Zh2EY78w1J94CTcYQPqF8+xaVpFdAt1tw1P6/KW0kjq2arfMW+xleXRhvchB/l
+8kzjmocDIQx6C7x0rf4rwG7ZxulZgqI1NrB8EnIPzPBBeBP4aKdtGOg8S8585iH4
+zrWpW6Z/KOXQcDGge34pdN7JV9uJAJUDBRA1FmuyPGEoR0yrISEBAcsCBAChTZnQ
+nS6PYAYp8OOB7/0evMSug+0PSGkxEzYZVcr/WUgijfsZ+DfVOYtXwKvuL3O+yUeK
+oP3Uqs9wKMTr8tVIv8geoFYoxLuHD3P4EOYxjOI8Yk9/bNRT4E0NoEJQi58OIzwz
+ORBztEhCFLWz/SCBpoXfMpLmplmxEUcHkj0ryokAlQMFEDUZQ9+8ViqRxTSlSQEB
+mKgD/ibbOd/iRJ+cvaGSzns0hsz4nSFJdn2C09Bz4OPlIF6uslaeG7GR/fm7p8Qg
+PPd5907mvMRStaK+gYLv3h50Nz9ckUvPB3erW/Xy7txCk1idI21b2QaAbmAYQ1r1
+HrFQXogDY/Pblj2pMYXC0sX4efQSbc5OTRr6W6ijqxRXNJQkiQCVAwUQNR+ubCPk
+YtS/e6QhAQHiiwQAl9sGXG/TxwGyacjrgG6wTAz/PYhh+0CGDFjyC0wPXQjE/ICI
+6/kjl6fYNhFQdRNPYhfY48TWk9iqIiInpylk5ieLzJD62yrUlXCZH5xx/MA3PzD5
+xczRO74R+4lVxuI/zGXdQMGm+P0ydzAma3gOhyN+85XzzFy/QOtPMihffLeJAHUD
+BRA1aizMrOFcwQTbex0BAZP8Av0d+FY9zxS1okG2rXQFubkDoBREChWnKMSO+y+F
+Kj2rDExoSt7EXn44DQWd8a3nz45u2Csr/JsntN9zr2OjOA3AUEsXyHmHHjDRQlaj
+a5G7aHDRz4zaCDrxGiIMO5d1AfqJAJUDBRA1auWNKW49Y1pcAKkBActRA/4nLsGd
++N2OAiRhJvCZzLu6xhUEjMHwYJvxtYzcp2R3dFczbtgWKl8BGkeA91Gwm2ESu650
+WOyT5f9GC1T+zSZc8j0voZJOEMBxefrCA4jlwRA51CplYm7nbBaHk1OVER7zUYCB
+olZLkgqCjUA39HvMZ/WhQoIAXpKMpU2zSCtTPYkAlQMFEDWILQyap0c7yRcsdQEB
+TEQEAIElJUWiqoKT9X7TnHHlIHTSDhqVbsQdNjhB9g/hs5Rpl/pgDRCX1o32C2JT
+b1OkjlWMd2RtKFcSCSYTqDKwmnxQfxvo/SgM0Gv3V5dpTlNc35g0gksgJGiozEIO
+/6Hn6GHjrRh4fpRmv8ySHfzeJJq6+JttLy8uRmvywC4FSfp/iQCVAwUQNcf3kD9l
+MHrpm2IVAQGu2AP+MjnlXXhtUH+i1V82j/Az5N+qwWKJbbQK2Qd95oE43BI8ES+8
+0MAuP58oA9XikkcFX6Lqunvv2FRC5hsi+SsSXx67poMsQzk71mqxDR+dY+iCw36O
+BLK2NtITxxAIKQwj79xNqzgsfm3cpti32t+C/kGkYbONonZHz5uhAG+N0jQ=
+=idnw
+-----END PGP PUBLIC KEY BLOCK-----
+
+$Revision: 8.5 $, Last updated $Date: 1999/11/23 19:08:03 $
diff --git a/contrib/sendmail/README b/contrib/sendmail/README
index c7ff734b9251..a05adc0fcd91 100644
--- a/contrib/sendmail/README
+++ b/contrib/sendmail/README
@@ -1,25 +1,34 @@
-/*-
- * @(#)README 8.51 (Berkeley) 1/25/1999
- */
SENDMAIL RELEASE 8
This directory has the latest sendmail(TM) software from Sendmail, Inc.
-See doc/changes/changes.me for a summary of changes since 5.67.
Report any bugs to sendmail-bugs@sendmail.ORG
-There is a web site at http://WWW.Sendmail.ORG -- see that site for
+There is a web site at http://WWW.Sendmail.ORG/ -- see that site for
the latest updates.
-******************************************************************
-** A new Build architecture is in place that allows you to **
-** use the "Build" shell script in any of the program **
-** directories. On many environments this will do everything **
-** for you, no fuss, no muss. See src/README for more details **
-** of compilation. See cf/README for details about building **
-** a runtime configuration file. **
-******************************************************************
++--------------+
+| INTRODUCTION |
++--------------+
+
+0. The vast majority of queries to <sendmail-questions@sendmail.org>
+ are answered in the README files noted below.
+
+1. Read this README file, especially this introduction, and the DIRECTORY
+ PERMISSIONS sections.
+
+2. Read sendmail/README, especially:
+ a. the introduction
+ b. the BUILDING SENDMAIL section
+ c. the relevant part(s) of the OPERATING SYSTEM AND COMPILE QUIRKS section
+
+ You may also find these useful:
+
+ d. devtools/README
+ e. devtools/Site/README
+
+3. Read cf/README.
Sendmail is a trademark of Sendmail, Inc.
@@ -30,25 +39,24 @@ Sendmail is a trademark of Sendmail, Inc.
Sendmail often gets blamed for many problems that are actually the
result of other problems, such as overly permissive modes on directories.
For this reason, sendmail checks the modes on system directories and
-files to determine if can have been trusted. For sendmail to run
-without complaining, you MUST execute the following command:
+files to determine if they can be trusted. For sendmail to run without
+complaining, you MUST execute the following command:
chmod go-w / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue
chown root / /etc /etc/mail /usr /var /var/spool /var/spool/mqueue
You will probably have to tweak this for your environment (for example,
some systems put the spool directory into /usr/spool instead of
-/var/spool and use /etc/mail for aliases file instead of /etc). If you
-set the RunAsUser option in your sendmail.cf, the /var/spool/mqueue
-directory will have to be owned by the RunAsUser user. As a general rule,
-after you have compiled sendmail, run the command
+/var/spool). If you set the RunAsUser option in your sendmail.cf, the
+/var/spool/mqueue directory will have to be owned by the RunAsUser user.
+As a general rule, after you have compiled sendmail, run the command
sendmail -v -bi
to initialize the alias database. If it gives messages such as
WARNING: writable directory /etc
- WARNING: writable directory /usr/spool/mqueue
+ WARNING: writable directory /var/spool/mqueue
then the directories listed have inappropriate write permissions and
should be secured to avoid various possible security attacks.
@@ -81,8 +89,8 @@ the items in the file to be marked as safe for file and program
delivery.
Other files affected by this strengthened security include class
-files (i.e. Fw /etc/sendmail.cw), persistent host status files, and
-the files specified by the ErrorHeader and HelpFile options. Similar
+files (i.e. Fw /etc/mail/local-host-names), persistent host status files,
+and the files specified by the ErrorHeader and HelpFile options. Similar
DontBlameSendmail flags are available for the class, ErrorHeader, and
HelpFile files.
@@ -92,73 +100,22 @@ a "chmod go-w $FILE" on each. Also, do a "chmod go-w $DIR" for
each directory in the file's path.
-+--------------+
-| MANUAL PAGES |
-+--------------+
-
-The sendmail manual pages use contemporary Berkeley troff macros. If
-your system does not process these manual pages, you can pick up the
-new macros in a BSD Net/2 FTP site (e.g. on FTP.UU.NET, the files
-/systems/unix/bsd-sources/share/tmac/*).
-
-The strip.sed file is only used in installation.
-
-After installation, edit tmac.doc and tmac.andoc to reflect the
-installation path of the tmac files. Those files contain pointers to
-/usr/share/tmac/, and those pointers are not changed by the `make
-install` process. There's also a bug in those files -- make the
-following patch:
-
-*** tmac.an~ Tue Jul 12 14:29:09 1994
---- tmac.an Fri Jul 15 13:17:54 1994
-***************
-*** 50,55 ****
- .de TH
- .rn TH xX
- .so /usr/share/lib/tmac/tmac.an.old
-! .TH \\$1 \\$2 \\$3 \\$4 \\$5 \\$6 \\$7 \\$8
- .rm xX
- ..
---- 50,55 ----
- .de TH
- .rn TH xX
- .so /usr/share/lib/tmac/tmac.an.old
-! .TH "\\$1" "\\$2" "\\$3" "\\$4" "\\$5" "\\$6" "\\$7" "\\$8"
- .rm xX
- ..
-
-Rename the existing tmac.an to be tmac.an.old, and rename tmac.andoc
-to be tmac.an.
-
-tmac.an will choose between tmac.an.old, your old macros, or tmac.doc,
-which are the new macros, so that both the new man pages and the
-existing man pages will be translated properly.
-
-I'm also told that the groff distribution from MIT has a tmac.doc
-macro set that is compatible with these macros.
-
-
+-----------------------+
| RELATED DOCUMENTATION |
+-----------------------+
There are other files you should read. Rooted in this directory are:
- doc/changes/changes.ps
- Describes changes between Release 5 and Release 8 of sendmail.
- There are some things that may behave somewhat differently.
- For example, the rules governing when :include: files will
- be read have been tightened up for security reasons.
FAQ
Answers to Frequently Asked Questions.
+ INSTALL
+ Installation instructions for building and installing sendmail.
KNOWNBUGS
- Known bugs in the current release. I try to keep this up
- to date -- get the latest version from FTP.Sendmail.ORG
- in /ucb/sendmail/KNOWNBUGS.
+ Known bugs in the current release.
RELEASE_NOTES
A detailed description of the changes in each version. This
is quite long, but informative.
- src/README
+ sendmail/README
Details on compiling and installing sendmail.
cf/README
Details on configuring sendmail.
@@ -180,15 +137,8 @@ There are other files you should read. Rooted in this directory are:
+--------------+
There are several related RFCs that you may wish to read -- they are
-available via anonymous FTP to several sites, including:
-
- ftp://nic.ddn.mil/rfc/
- ftp://nis.nsf.net/documents/rfc/
- ftp://nisc.jvnc.net/rfc/
- ftp://venera.isi.edu/in-notes/
- ftp://wuarchive.wustl.edu/doc/rfc/
-
-For a list of the primary repositories see:
+available via anonymous FTP to several sites. For a list of the
+primary repositories see:
http://www.isi.edu/in-notes/rfc-retrieval.txt
@@ -233,7 +183,11 @@ Important RFCs for electronic mail are:
RFC1894 An Extensible Message Format for Delivery Status
Notifications
RFC1985 SMTP Service Extension for Remote Message Queue Starting
- RFC2033 Local Mail Transfer Protocol
+ RFC2033 Local Mail Transfer Protocol (LMTP)
+ RFC2034 SMTP Service Extension for Returning Enhanced Error Codes
+ RFC2476 Message Submission
+ RFC2487 SMTP Service Extension for Secure SMTP over TLS
+ RFC2554 SMTP Service Extension for Authentication
Other standards that may be of interest (but which are less directly
relevant to sendmail) are:
@@ -246,6 +200,27 @@ MB, MR, or MG DNS resource records, as defined (as experiments) in
RFC1035.
++---------+
+| WARNING |
++---------+
+
+Since sendmail 8.11 and later includes hooks to cryptography, the
+following information from OpenSSL applies to sendmail as well.
+
+PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
+SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
+TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
+PARTS OF THE WORLD. SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
+COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
+SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
+YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
+AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
+ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
+
+If you use OpenSSL then make sure you read their README file which
+contains information about patents etc.
+
+
+-------------------+
| DATABASE ROUTINES |
+-------------------+
@@ -263,12 +238,12 @@ you will need to provide that directory when building:
Build -I/path/to/include/directory
If you are using Berkeley DB versions 1.85 or 1.86, you are *strongly*
-urged to upgrade to DB version 2, available from http://www.sleepycat.com/.
-Berkeley DB versions 1.85 and 1.86 are known to be broken in various nasty
-ways (see http://www.sleepycat.com/db.185.html), and can cause sendmail
-to dump core. In addition, the newest versions of gcc and the Solaris
-compilers perform optimizations in those versions that may cause fairly
-random core dumps.
+urged to upgrade to DB version 2 or later, available from
+http://www.sleepycat.com/. Berkeley DB versions 1.85 and 1.86 are known to
+be broken in various nasty ways (see http://www.sleepycat.com/db.185.html),
+and can cause sendmail to dump core. In addition, the newest versions of
+gcc and the Solaris compilers perform optimizations in those versions that
+may cause fairly random core dumps.
If you have no choice but to use Berkeley DB 1.85 or 1.86, and you are
using both Berkeley DB and files in the UNIX ndbm format, remove ndbm.h
@@ -285,10 +260,10 @@ If you are using Berkeley DB version 2.3.15 or greater, no changes are
necessary.
The underlying database file formats changed between Berkeley DB versions
-1.85 and 1.86, and again between DB 1.86 and version 2.0. If you are
-upgrading from one of those versions, you must recreate your database
-file(s). Do this by rebuilding all maps with makemap and rebuilding the
-alias file with newaliases.
+1.85 and 1.86, again between DB 1.86 and version 2.0, and finally between
+DB 2.X and 3.X. If you are upgrading from one of those versions, you must
+recreate your database file(s). Do this by rebuilding all maps with
+makemap and rebuilding the alias file with newaliases.
+--------------------+
@@ -331,17 +306,16 @@ install it.
+----------------+
Sendmail 8 supports the IDENT protocol, as defined by RFC 1413.
-No ident server is included with this distribution. I have found
-copies available on:
-
- ftp.lysator.liu.se /pub/ident/servers
- romulus.ucs.uoknor.edu /networking/ident/servers
- ftp.cyf-kr.edu.pl /agh/uciagh/network/ident
+Note that the RFC states a client should wait at least 30 seconds
+for a response. As of 8.10.0, the default Timeout.ident is 5 seconds
+as many sites have adopted the practice of dropping IDENT queries.
+This has lead to delays processing mail.
-If you want to run an IDENT server, I suggest getting a copy from
-one of those sites. Versions are available for several different
-systems, including Apollo, BSD, NeXT, AIX, TOPS20, and VMS.
+No ident server is included with this distribution. It is available
+from:
+ ftp://ftp.lysator.liu.se/pub/ident/servers/
+ http://sf.www.lysator.liu.se/~pen/pidentd/
+-------------------------+
| INTEROPERATION PROBLEMS |
@@ -353,6 +327,14 @@ Microsoft Exchange Server 5.0
"connection reset" and "I/O error".'' Upgrading Exchange from
Version 5.0 to Version 5.5 Service Pack 2 solved this problem.
+CommuniGate Pro
+ CommuniGate Pro 3.2.4 does not accept the AUTH= -parameter on
+ the MAIL FROM command if the client is not authenticated. Use
+
+ define(`confAUTH_OPTIONS', `A')
+
+ in .mc file if you have compiled sendmail with Cyrus SASL
+ and you communicate with CommuniGate Pro servers.
+---------------------+
| DIRECTORY STRUCTURE |
@@ -368,15 +350,19 @@ contrib Some contributed tools to help with sendmail. THESE
ARE NOT SUPPORTED by sendmail -- contact the original
authors if you have problems. (This directory is not
on the 4.4BSD tape.)
+devtools Build environment. See devtools/README.
doc Documentation. If you are getting source, read
op.me -- it's long, but worth it.
+include Include files used by multiple programs in the distribution.
+libsmdb sendmail database library with support for Berkeley DB 1.X,
+ Berkeley DB 2.X, Berkeley DB 3.X, and NDBM.
+libsmutil sendmail utility library with functions used by different
+ programs.
mail.local The source for the local delivery agent used for 4.4BSD.
THIS IS NOT PART OF SENDMAIL! and may not compile
everywhere, since it depends on some 4.4-isms. Warning:
it does mailbox locking differently than other systems.
-mailstats Statistics printing program. It has the pathname of
- sendmail.st compiled in, so if you've changed that,
- beware.
+mailstats Statistics printing program.
makemap A program that creates the keyed maps used by the $( ... $)
construct in sendmail. It is primitive but effective.
It takes a very simple input format, so you will probably
@@ -390,10 +376,13 @@ rmail Source for rmail(8). This is used as a delivery
other non-socket oriented mailers. Older versions of
rmail are probably deficient. RMAIL IS NOT PART OF
SENDMAIL!!! The 4.4BSD source is included for you to
- look at or try to port to your system. I know it doesn't
- compile on {SunOS, HP-UX, OSF/1, other} (pick one).
+ look at or try to port to your system. There is no
+ guarantee it will even compile on your operating system.
smrsh The "sendmail restricted shell", which can be used as
a replacement for /bin/sh in the prog mailer to provide
increased security control. NOT PART OF SENDMAIL!
-src Source for the sendmail program itself.
+sendmail Source for the sendmail program itself.
test Some test scripts (currently only for compilation aids).
+vacation Source for the vacation program. NOT PART OF SENDMAIL!
+
+$Revision: 8.71.4.6 $, Last updated $Date: 2000/06/29 04:18:43 $
diff --git a/contrib/sendmail/RELEASE_NOTES b/contrib/sendmail/RELEASE_NOTES
index e50c3b58862c..1dea007204b9 100644
--- a/contrib/sendmail/RELEASE_NOTES
+++ b/contrib/sendmail/RELEASE_NOTES
@@ -1,12 +1,1662 @@
SENDMAIL RELEASE NOTES
- @(#)RELEASE_NOTES 8.9.3.1 (Berkeley) 2/4/1999
+ $Id: RELEASE_NOTES,v 8.561.2.5.2.80 2000/07/19 20:40:57 gshapiro Exp $
This listing shows the version of the sendmail binary, the version
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
-8.9.3/8.9.3 99/02/04
+8.11.0/8.11.0 2000/07/19
+ SECURITY: If sendmail is installed as a non-root set-user-ID binary
+ (not the normal case), some operating systems will still
+ keep a saved-uid of the effective-uid when sendmail tries
+ to drop all of its privileges. If sendmail needs to drop
+ these privileges and the operating system doesn't set the
+ saved-uid as well, exit with an error. Problem noted by
+ Kari Hurtta of the Finnish Meteorological Institute.
+ SECURITY: sendmail depends on snprintf() NUL terminating the string
+ it populates. It is possible that some broken
+ implementations of snprintf() exist that do not do this.
+ Systems in this category should compile with
+ -DSNPRINTF_IS_BROKEN=1. Use test/t_snprintf.c to test your
+ system and report broken implementations to
+ sendmail-bugs@sendmail.org and your OS vendor. Problem
+ noted by Slawomir Piotrowski of TELSAT GP.
+ Support SMTP Service Extension for Secure SMTP (RFC 2487) (STARTTLS).
+ Implementation influenced by the example programs of
+ OpenSSL and the work of Lutz Jaenicke of TU Cottbus.
+ Add new STARTTLS related options CACERTPath, CACERTFile,
+ ClientCertFile, ClientKeyFile, DHParameters, RandFile,
+ ServerCertFile, and ServerKeyFile. These are documented in
+ cf/README and doc/op/op.*.
+ New STARTTLS related macros: ${cert_issuer}, ${cert_subject},
+ ${tls_version}, ${cipher}, ${cipher_bits}, ${verify},
+ ${server_name}, and ${server_addr}. These are documented
+ in cf/README and doc/op/op.*.
+ Add support for the Entropy Gathering Daemon (EGD) for better
+ random data.
+ New DontBlameSendmail option InsufficientEntropy for systems which
+ don't properly seed the PRNG for OpenSSL but want to
+ try to use STARTTLS despite the security problems.
+ Support the security layer in SMTP AUTH for mechanisms which
+ support encryption. Based on code contributed by Tim
+ Martin of CMU.
+ Add new macro ${auth_ssf} to reflect the SMTP AUTH security
+ strength factor.
+ LDAP's -1 (single match only) flag was not honored if the -z
+ (delimiter) flag was not given. Problem noted by ST Wong of
+ the Chinese University of Hong Kong. Fix from Mark Adamson
+ of CMU.
+ Add more protection from accidentally tripping OpenLDAP 1.X's
+ ld_errno == LDAP_DECODING_ERROR hack on ldap_next_attribute().
+ Suggested by Kurt Zeilenga of OpenLDAP.
+ Fix the default family selection for DaemonPortOptions. As
+ documented, unless a family is specified in a
+ DaemonPortOptions option, "inet" is the default. It is
+ also the default if no DaemonPortOptions value is set.
+ Therefore, IPv6 users should configure additional sockets
+ by adding DaemonPortOptions settings with Family=inet6 if
+ they wish to also listen on IPv6 interfaces. Problem noted
+ by Jun-ichiro itojun Hagino of the KAME Project.
+ Set ${if_family} when setting ${if_addr} and ${if_name} to reflect
+ the interface information for an outgoing connection.
+ Not doing so was creating a mismatch between the socket
+ family and address used in subsequent connections if the
+ M=b modifier was set in DaemonPortOptions. Problem noted
+ by John Beck of Sun Microsystems.
+ If DaemonPortOptions modifier M=b is used, determine the socket
+ family based on the IP address. ${if_family} is no longer
+ persistent (i.e., saved in qf files). Patch from John Beck
+ of Sun Microsystems.
+ sendmail 8.10 and 8.11 reused the ${if_addr} and ${if_family}
+ macros for both the incoming interface address/family and
+ the outgoing interface address/family. In order for M=b
+ modifier in DaemonPortOptions to work properly, preserve
+ the incoming information in the queue file for later
+ delivery attempts.
+ Use SMTP error code and enhanced status code from check_relay in
+ responses to commands. Problem noted by Jeff Wasilko of
+ smoe.org.
+ Add more vigilance in checking for putc() errors on output streams
+ to protect from a bug in Solaris 2.6's putc(). Problem
+ noted by Graeme Hewson of Oracle.
+ The LDAP map -n option (return attribute names only) wasn't working.
+ Problem noted by Ajay Matia.
+ Under certain circumstances, an address could be listed as deferred
+ but would be bounced back to the sender as failed to be
+ delivered when it really should have been queued. Problem
+ noted by Allan E Johannesen of Worcester Polytechnic Institute.
+ Prevent a segmentation fault in a child SMTP process from getting
+ the SMTP transaction out of sync. Problem noted by Per
+ Hedeland of Ericsson.
+ Turn off RES_DEBUG if SFIO is defined unless SFIO_STDIO_COMPAT
+ is defined to avoid a core dump due to incompatibilities
+ between sfio and stdio. Problem noted by Neil Rickert
+ of Northern Illinois University.
+ Don't log useless envelope ID on initial connection log. Problem
+ noted by Kari Hurtta of the Finnish Meteorological Institute.
+ Convert the free disk space shown in a control socket status query
+ to kilobyte units.
+ If TryNullMXList is True and there is a temporary DNS failure
+ looking up the hostname, requeue the message for a later
+ attempt. Problem noted by Ari Heikkinen of Pohjois-Savo
+ Polytechnic.
+ Under the proper circumstances, failed connections would be recorded
+ as "Bad file number" instead of "Connection failed" in the
+ queue file and persistent host status. Problem noted by
+ Graeme Hewson of Oracle.
+ Avoid getting into an endless loop if a non-hoststat directory exists
+ within the hoststatus directory (e.g., lost+found).
+ Patch from Valdis Kletnieks of Virginia Tech.
+ Make sure Timeout.queuereturn=now returns a bounce message to the
+ sender. Problem noted by Per Hedeland of Ericsson.
+ If a message data file can't be opened at delivery time, panic and
+ abort the attempt instead of delivering a message that
+ states "<<< No Message Collected >>>".
+ Fixup the GID checking code from 8.10.2 as it was overly
+ restrictive. Problem noted by Mark G. Thomas of Mark
+ G. Thomas Consulting.
+ Preserve source port number instead of replacing it with the ident
+ port number (113).
+ Document the queue status characters in the mailq man page.
+ Suggested by Ulrich Windl of the Universitat Regensburg.
+ Process queued items in which none of the recipient addresses have
+ host portions (or there are no recipients). Problem noted
+ by Valdis Kletnieks of Virginia Tech.
+ If a cached LDAP connection is used for multiple maps, make sure
+ only the first to open the connection is allowed to close
+ it so a later map close doesn't break the connection for
+ other maps. Problem noted by Wolfgang Hottgenroth of UUNET.
+ Netscape's LDAP libraries do not support Kerberos V4
+ authentication. Patch from Rainer Schoepf of the
+ University of Mainz.
+ Provide workaround for inconsistent handling of data passed
+ via callbacks to Cyrus SASL prior to version 1.5.23.
+ Mention ENHANCEDSTATUSCODES in the SMTP HELP helpfile. Omission
+ noted by Ulrich Windl of the Universitat Regensburg.
+ Portability:
+ Add the ability to read IPv6 interface addresses into class
+ 'w' under FreeBSD (and possibly others). From Jun
+ Kuriyama of IMG SRC, Inc. and the FreeBSD Project.
+ Replace code for finding the number of CPUs on HPUX.
+ NCRUNIX MP-RAS 3.02 SO_REUSEADDR socket option does not
+ work properly causing problems if the accept()
+ fails and the socket needs to be reopened. Patch
+ from Tom Moore of NCR.
+ NetBSD uses a .0 extension of formatted man pages. From
+ Andrew Brown of Graffiti World Wide, Inc.
+ Return to using the IPv6 AI_DEFAULT flag instead of AI_V4MAPPED
+ for calls to getipnodebyname(). The Linux
+ implementation is broken so AI_ADDRCONFIG is stripped
+ under Linux. From John Beck of Sun Microsystems and
+ John Kennedy of Cal State University, Chico.
+ CONFIG: Catch invalid addresses containing a ',' at the wrong place.
+ Patch from Neil Rickert of Northern Illinois University.
+ CONFIG: New variables for the new sendmail options:
+ confCACERT_PATH CACERTPath
+ confCACERT CACERTFile
+ confCLIENT_CERT ClientCertFile
+ confCLIENT_KEY ClientKeyFile
+ confDH_PARAMETERS DHParameters
+ confRAND_FILE RandFile
+ confSERVER_CERT ServerCertFile
+ confSERVER_KEY ServerKeyFile
+ CONFIG: Provide basic rulesets for TLS policy control and add new
+ tags to the access database to support these policies. See
+ cf/README for more information.
+ CONFIG: Add TLS information to the Received: header.
+ CONFIG: Call tls_client ruleset from check_mail in case it wasn't
+ called due to a STARTTLS command.
+ CONFIG: If TLS_PERM_ERR is defined, TLS related errors are permanent
+ instead of temporary.
+ CONFIG: FEATURE(`relay_hosts_only') didn't work in combination with
+ the access map and relaying to a domain without using a To:
+ tag. Problem noted by Mark G. Thomas of Mark G. Thomas
+ Consulting.
+ CONFIG: Set confEBINDIR to /usr/sbin to match the devtools entry in
+ OSTYPE(`linux') and OSTYPE(`mklinux'). From Tim Pierce of
+ RootsWeb.com.
+ CONFIG: Make sure FEATURE(`nullclient') doesn't use aliasing and
+ forwarding to make it as close to the old behavior as
+ possible. Problem noted by George W. Baltz of the
+ University of Maryland.
+ CONFIG: Added OSTYPE(`darwin') for Mac OS X and Darwin users. From
+ Wilfredo Sanchez of Apple Computer, Inc.
+ CONFIG: Changed the map names used by FEATURE(`ldap_routing') from
+ ldap_mailhost and ldap_mailroutingaddress to ldapmh and
+ ldapmra as underscores in map names cause problems if
+ underscore is in OperatorChars. Problem noted by Bob Zeitz
+ of the University of Alberta.
+ CONFIG: Apply blacklist_recipients also to hosts in class {w}.
+ Patch from Michael Tratz of Esosoft Corporation.
+ CONFIG: Use A=TCP ... instead of A=IPC ... in SMTP mailers.
+ CONTRIB: Add link_hash.sh to create symbolic links to the hash
+ of X.509 certificates.
+ CONTRIB: passwd-to-alias.pl: More protection from special characters;
+ treat special shells as root aliases; skip entries where the
+ GECOS full name and username match. From Ulrich Windl of the
+ Universitat Regensburg.
+ CONTRIB: qtool.pl: Add missing last_modified_time method and fix a
+ typo. Patch from Graeme Hewson of Oracle.
+ CONTRIB: re-mqueue.pl: Improve handling of a race between re-mqueue
+ and sendmail. Patch from Graeme Hewson of Oracle.
+ CONTRIB: re-mqueue.pl: Don't exit(0) at end so can be called as
+ subroutine Patch from Graeme Hewson of Oracle.
+ CONTRIB: Add movemail.pl (move old mail messages between queues by
+ calling re-mqueue.pl) and movemail.conf (configuration
+ script for movemail.pl). From Graeme Hewson of Oracle.
+ CONTRIB: Add cidrexpand (expands CIDR blocks as a preprocessor to
+ makemap). From Derek J. Balling of Yahoo,Inc.
+ DEVTOOLS: INSTALL_RAWMAN installation option mistakenly applied any
+ extension modifications (e.g., MAN8EXT) to the installation
+ target. Patch from James Ralston of Carnegie Mellon
+ University.
+ DEVTOOLS: Add support for SunOS 5.9.
+ DEVTOOLS: New option confLN contains the command used to create
+ links.
+ LIBSMDB: Berkeley DB 2.X and 3.X errors might be lost and not
+ reported.
+ MAIL.LOCAL: DG/UX portability. Problem noted by Tim Boyer of
+ Denman Tire Corporation.
+ MAIL.LOCAL: Prevent a possible DoS attack when compiled with
+ -DCONTENTLENGTH. Based on patch from 3APA3A@SECURITY.NNOV.RU.
+ MAILSTATS: Fix usage statement (-p and -o are optional).
+ MAKEMAP: Change man page layout as workaround for problem with nroff
+ and -man on Solaris 7. Patch from Larry Williamson.
+ RMAIL: AIX 4.3 has snprintf(). Problem noted by David Hayes of
+ Black Diamond Equipment, Limited.
+ RMAIL: Prevent a segmentation fault if the incoming message does not
+ have a From line.
+ VACATION: Read all of the headers before deciding whether or not
+ to respond instead of stopping after finding recipient.
+ Added Files:
+ cf/ostype/darwin.m4
+ contrib/cidrexpand
+ contrib/link_hash.sh
+ contrib/movemail.conf
+ contrib/movemail.pl
+ devtools/OS/SunOS.5.9
+ test/t_snprintf.c
+
+8.10.2/8.10.2 2000/06/07
+ SECURITY: Work around broken Linux setuid() implementation.
+ On Linux, a normal user process has the ability to subvert
+ the setuid() call such that it is impossible for a root
+ process to drop its privileges. Problem noted by Wojciech
+ Purczynski of elzabsoft.pl.
+ SECURITY: Add more vigilance around set*uid(), setgid(), setgroups(),
+ initgroups(), and chroot() calls.
+ Added Files:
+ test/t_setuid.c
+
+8.10.1/8.10.1 2000/04/06
+ SECURITY: Limit the choice of outgoing (client-side) SMTP
+ Authentication mechanisms to those specified in
+ AuthMechanisms to prevent information leakage. We do not
+ recommend use of PLAIN for outgoing mail as it sends the
+ password in clear text to possibly untrusted servers. See
+ cf/README's DefaultAuthInfo section for additional information.
+ Copy the ident argument for openlog() to avoid problems on some
+ OSs. Based on patch from Rob Bajorek from Webhelp.com.
+ Avoid bogus error message when reporting an alias line as too long.
+ Avoid bogus socket error message if sendmail.cf version level is
+ greater than sendmail binary supported version. Patch
+ from John Beck of Sun Microsystems.
+ Prevent a malformed ruleset (missing right hand side) from causing
+ a segmentation fault when using address test mode. Based on
+ patch from John Beck of Sun Microsystems.
+ Prevent memory leak from use of NIS maps and yp_match(3). Problem
+ noted by Gil Kloepfer of the University of Texas at Austin.
+ Fix queue file permission checks to allow for TrustedUser ownership.
+ Change logging of errors from the trust_auth ruleset to LogLevel 10
+ or higher.
+ Avoid simple password cracking attacks against SMTP AUTH by using
+ exponential delay after too many tries within one connection.
+ Encode an initial empty AUTH challenge as '=', not as empty string.
+ Avoid segmentation fault on EX_SOFTWARE internal error logs.
+ Problem noted by Allan E Johannesen of Worcester
+ Polytechnic Institute.
+ Ensure that a header check which resolves to $#discard actually
+ discards the message.
+ Emit missing value warnings for aliases with no right hand side
+ when newaliases is run instead of only when delivery is
+ attempted to the alias.
+ Remove AuthOptions missing value warning for consistency with other
+ flag options.
+ Portability:
+ SECURITY: Specify a run-time shared library search path for
+ AIX 4.X instead of using the dangerous AIX 4.X
+ linker semantics. AIX 4.X users should consult
+ sendmail/README for further information. Problem
+ noted by Valdis Kletnieks of Virginia Tech.
+ Avoid use of strerror(3) call. Problem noted by Charles
+ Levert of Ecole Polytechnique de Montreal.
+ DGUX requires -lsocket -lnsl and has a non-standard install
+ program. From Tim Boyer of Denman Tire Corporation.
+ HPUX 11.0 has a broken res_search() function.
+ Updates to devtools/OS/NeXT.3.X, NeXT.4.X, and NEXTSTEP.4.X
+ from J. P. McCann of E I A.
+ Digital UNIX/Compaq Tru64 5.0 now includes snprintf(3).
+ Problem noted by Michael Long of Info Avenue Internet
+ Services, LLC.
+ Modern (post-199912) OpenBSD versions include working
+ strlc{at,py}(3) functions. From Todd C. Miller of
+ Courtesan Consulting.
+ SINIX doesn't have random(3). From Gerald Rinske of
+ Siemens Business Services.
+ CONFIG: Change error message about unresolvable sender domain to
+ include the sender address. Proposed by Wolfgang Rupprecht
+ of WSRCC.
+ CONFIG: Fix usenet mailer calls.
+ CONFIG: If RELAY_MAILER_FLAGS is not defined, use SMTP_MAILER_FLAGS
+ to be backward compatible with 8.9.
+ CONFIG: Change handling of default case @domain for virtusertable
+ to allow for +*@domain to deal with +detail.
+ CONTRIB: Remove converting.sun.configs -- it is obsolete.
+ DEVTOOLS: confUBINMODE was being ignored. Fix from KITAZIMA, Tuneki
+ of NEC.
+ DEVTOOLS: Add to NCR platform list and include the architecture
+ (i486). From Tom J. Moore of NCR.
+ DEVTOOLS: SECURITY: Change method of linking with sendmail utility
+ libraries to work around the AIX 4.X and SunOS 4.X linker's
+ overloaded -L option. Problem noted by Valdis Kletnieks of
+ Virginia Tech.
+ DEVTOOLS: configure.sh was overriding the user's choice for
+ confNROFF. Problem noted by Glenn A. Malling of Syracuse
+ University.
+ DEVTOOLS: New variables conf_prog_LIB_POST and confBLDVARIANT added
+ for other internal projects but included in the open source
+ release.
+ LIBSMDB: Check for ".db" instead of simply "db" at the end of the
+ map name to determine whether or not to add the extension.
+ This fixes makemap when building the userdb file. Problem
+ noted by Andrew J Cole of the University of Leeds.
+ LIBSMDB: Allow a database to be opened for updating and created if
+ it doesn't already exist. Problem noted by Rand Wacker of
+ Sendmail.
+ LIBSMDB: If type is SMDB_TYPE_DEFAULT and both NEWDB and NDBM are
+ available, fall back to NDBM if NEWDB open fails. This
+ fixes praliases. Patch from John Beck of Sun Microsystems.
+ LIBSMUTIL: safefile()'s SFF_NOTEXCL check was being misinterpreted
+ as SFF_NOWRFILES.
+ OP.ME: Clarify some issues regarding mailer flags. Suggested by
+ Martin Mokrejs of The Charles University and Neil Rickert of
+ Northern Illinois University.
+ PRALIASES: Restore 8.9.X functionality of being able to search for
+ particular keys in a database by specifying the keys on the
+ command line. Man page updated accordingly. Patch from
+ John Beck of Sun Microsystems.
+ VACATION: SunOS 4.X portability from Charles Levert of Ecole
+ Polytechnique de Montreal.
+ VACATION: Fix -t option which is ignored but available for
+ compatibility with Sun's version, based on patch from
+ Volker Dobler of Infratest Burke.
+ Added Files:
+ devtools/M4/UNIX/smlib.m4
+ devtools/OS/OSF1.V5.0
+ Deleted Files:
+ contrib/converting.sun.configs
+ Deleted Directories (already done in 8.10.0 but not listed):
+ doc/intro
+ doc/usenix
+ doc/changes
+
+8.10.0/8.10.0 2000/03/01
+ *************************************************************
+ * The engineering department at Sendmail, Inc. has suffered *
+ * the tragic loss of a key member of our engineering team. *
+ * Julie Van Bourg was the Vice President of Engineering *
+ * at Sendmail, Inc. during the development and deployment *
+ * of this release. It was her vision, dedication, and *
+ * support that has made this release a success. Julie died *
+ * on October 26, 1999 of cancer. We have lost a leader, a *
+ * coach, and a friend. *
+ * *
+ * This release is dedicated to her memory and to the joy, *
+ * strength, ideals, and hope that she brought to all of us. *
+ * Julie, we miss you! *
+ *************************************************************
+ SECURITY: The safe file checks now back track through symbolic
+ links to make sure the files can't be compromised due
+ to poor permissions on the parent directories of the
+ symbolic link target.
+ SECURITY: Only root, TrustedUser, and users in class t can rebuild
+ the alias map. Problem noted by Michal Zalewski of the
+ "Internet for Schools" project (IdS).
+ SECURITY: There is a potential for a denial of service attack if
+ the AutoRebuildAliases option is set as a user can kill the
+ sendmail process while it is rebuilding the aliases file
+ (leaving it in an inconsistent state). This option and
+ its use is deprecated and will be removed from a future
+ version of sendmail.
+ SECURITY: Make sure all file descriptors (besides stdin, stdout, and
+ stderr) are closed before restarting sendmail. Problem noted
+ by Michal Zalewski of the "Internet for Schools" project
+ (IdS).
+ Begin using /etc/mail/ for sendmail related files. This affects
+ a large number of files. See cf/README for more details.
+ The directory structure of the distribution has changed slightly
+ for easier code sharing among the programs.
+ Support SMTP AUTH (see RFC 2554). New macros for this purpose
+ are ${auth_authen}, ${auth_type}, and ${auth_author}
+ which hold the client's authentication credentials,
+ the mechanism used for authentication, and the
+ authorization identity (i.e., the AUTH= parameter if
+ supplied). Based on code contributed by Tim Martin of CMU.
+ On systems which use the Torek stdio library (all of the BSD
+ distributions), use memory-buffered files to reduce
+ file system overhead by not creating temporary files on
+ disk. Contributed by Exactis.com, Inc.
+ New option DataFileBufferSize to control the maximum size of a
+ memory-buffered data (df) file before a disk-based file is
+ used. Contributed by Exactis.com, Inc.
+ New option XscriptFileBufferSize to control the maximum size of a
+ memory-buffered transcript (xf) file before a disk-based
+ file is used. Contributed by Exactis.com, Inc.
+ sendmail implements RFC 2476 (Message Submission), e.g., it can
+ now listen on several different ports. Use:
+ O DaemonPortOptions=Name=MSA, Port=587, M=E
+ to run a Message Submission Agent (MSA); this is turned
+ on by default in m4-generated .cf files; it can be turned
+ off with FEATURE(`no_default_msa').
+ The 'XUSR' SMTP command is deprecated. Mail user agents should
+ begin using RFC 2476 Message Submission for initial user
+ message submission. XUSR may disappear from a future release.
+ The new '-G' (relay (gateway) submission) command line option
+ indicates that the message being submitted from the command
+ line is for relaying, not initial submission. This means
+ the message will be rejected if the addresses are not fully
+ qualified and no canonicalization will be done. Future
+ releases may even reject improperly formed messages.
+ The '-U' (initial user submission) command line option is
+ deprecated and may be removed from a future release.
+ Mail user agents should begin using '-G' to indicate that
+ this is a relay submission (the inverse of -U).
+ The next release of sendmail will assume that any message submitted
+ from the command line is an initial user submission and act
+ accordingly.
+ If sendmail doesn't have enough privileges to run a .forward
+ program or deliver to file as the owner of that file, the
+ address is marked as unsafe. This means if RunAsUser is
+ set, users won't be able to use programs or delivery to
+ files in their .forward files. Administrators can override
+ this by setting the DontBlameSendmail option to the new
+ setting NonRootSafeAddr.
+ Allow group or world writable directories if the sticky bit is set
+ on the directory and DontBlameSendmail is set to
+ TrustStickyBit. Based on patch from Chris Metcalf of
+ InCert Software.
+ Prevent logging of unsafe directory paths for non-existent forward
+ files if the new DontWarnForwardFileInUnsafeDirPath bit is
+ set in the DontBlameSendmail option. Requested by many.
+ New Timeout.control option to limit the total time spent satisfying
+ a control socket request.
+ New Timeout.resolver options for controlling BIND resolver
+ settings:
+ Timeout.resolver.retrans
+ Sets the resolver's retransmission time interval (in
+ seconds). Sets both Timeout.resolver.retrans.first
+ and Timeout.resolver.retrans.normal.
+ Timeout.resolver.retrans.first
+ Sets the resolver's retransmission time interval (in
+ seconds) for the first attempt to deliver a message.
+ Timeout.resolver.retrans.normal
+ Sets the resolver's retransmission time interval (in
+ seconds) for all resolver lookups except the first
+ delivery attempt.
+ Timeout.resolver.retry
+ Sets the number of times to retransmit a resolver
+ query. Sets both Timeout.resolver.retry.first
+ and Timeout.resolver.retry.normal.
+ Timeout.resolver.retry.first
+ Sets the number of times to retransmit a resolver
+ query for the first attempt to deliver a message.
+ Timeout.resolver.retry.normal
+ Sets the number of times to retransmit a resolver
+ query for all resolver lookups except the first
+ delivery attempt.
+ Contributed by Exactis.com, Inc.
+ Support multiple queue directories. To use multiple queues, supply
+ a QueueDirectory option value ending with an asterisk. For
+ example, /var/spool/mqueue/q* will use all of the
+ directories or symbolic links to directories beginning with
+ 'q' in /var/spool/mqueue as queue directories. Keep in
+ mind, the queue directory structure should not be changed
+ while sendmail is running. Queue runs create a separate
+ process for running each queue unless the verbose flag is
+ given on a non-daemon queue run. New items are randomly
+ assigned to a queue. Contributed by Exactis.com, Inc.
+ Support different directories for qf, df, and xf queue files; if
+ subdirectories or symbolic links to directories of those names
+ exist in the queue directories, they are used for the
+ corresponding queue files. Keep in mind, the queue
+ directory structure should not be changed while sendmail is
+ running. Proposed by Mathias Koerber of Singapore
+ Telecommunications Ltd.
+ New queue file naming system which uses a filename guaranteed to be
+ unique for 60 years. This allows queue IDs to be assigned
+ without fancy file system locking. Queued items can be
+ moved between queues easily. Contributed by Exactis.com,
+ Inc.
+ Messages which are undeliverable due to temporary address failures
+ (e.g., DNS failure) will now go to the FallBackMX host, if
+ set. Contributed by Exactis.com, Inc.
+ New command line option '-L tag' which sets the identifier used for
+ syslog. Contributed by Exactis.com, Inc.
+ QueueSortOrder=Filename will sort the queue by filename. This
+ avoids opening and reading each queue file when preparing
+ to run the queue. Contributed by Exactis.com, Inc.
+ Shared memory counters and microtimers functionality has been
+ donated by Exactis.com, Inc.
+ The SCCS ID tags have been replaced with RCS ID tags.
+ Allow trusted users (those on a T line or in $=t) to set the
+ QueueDirectory (Q) option without an X-Authentication-Warning:
+ being added. Suggested by Michael K. Sanders.
+ IPv6 support based on patches from John Kennedy of Cal State
+ University, Chico, Motonori Nakamura of Kyoto University,
+ and John Beck of Sun Microsystems.
+ In low-disk space situations, where sendmail would previously refuse
+ connections, still accept them, but only allow ETRN commands.
+ Suggested by Mathias Koerber of Singapore Telecommunications
+ Ltd.
+ The [IPC] builtin mailer now allows delivery to a UNIX domain socket
+ on systems which support them. This can be used with LMTP
+ local delivery agents which listen on a named socket. An
+ example mailer might be:
+ Mexecmail, P=[IPC], F=lsDFMmnqSXzA5@/:|, E=\r\n,
+ S=10, R=20/40, T=DNS/RFC822/X-Unix,
+ A=FILE /var/run/lmtpd
+ Code contributed by Lyndon Nerenberg of Messaging Direct.
+ The [TCP] builtin mailer name is now deprecated. Use [IPC]
+ instead.
+ The first mailer argument in the [IPC] mailer is now checked for a
+ legitimate value. Possible values are TCP (for TCP/IP
+ connections), IPC (which will be deprecated in a future
+ version), and FILE (for UNIX domain socket delivery).
+ PrivacyOptions=goaway no longer includes the noetrn and the noreceipts
+ flags.
+ PrivacyOptions=nobodyreturn instructs sendmail not to include the
+ body of the original message on delivery status
+ notifications.
+ Don't announce DSN if PrivacyOptions=noreceipts is set. Problem noted
+ by Dan Bernstein, fix from Robert Harker of Harker Systems.
+ Accept the SMTP RSET command even when rejecting commands due to TCP
+ Wrappers or the check_relay ruleset. Problem noted by
+ Steve Schweinhart of America Online.
+ Warn if OperatorChars is set multiple times. OperatorChars should
+ not be set after rulesets are defined. Suggested by
+ Mitchell Blank Jr of Exec-PC.
+ Do not report temporary failure on delivery to files. In
+ interactive delivery mode, this would result in two SMTP
+ responses after the DATA command. Problem noted by
+ Nik Conwell of Boston University.
+ Check file close when mailing to files. Problem noted by Nik
+ Conwell of Boston University.
+ Avoid a segmentation fault when using the LDAP map. Patch from
+ Curtis W. Hillegas of Princeton University.
+ Always bind to the LDAP server regardless of whether you are using
+ ldap_open() or ldap_init(). Fix from Raj Kunjithapadam of
+ @Home Network.
+ New ruleset trust_auth to determine whether a given AUTH=
+ parameter of the MAIL command should be trusted. See SMTP
+ AUTH, cf/README, and doc/op/op.ps.
+ Allow new named config file rules check_vrfy, check_expn, and
+ check_etrn for VRFY, EXPN, and ETRN commands, respectively,
+ similar to check_rcpt etc.
+ Introduce new macros ${rcpt_mailer}, ${rcpt_host}, ${rcpt_addr},
+ ${mail_mailer}, ${mail_host}, ${mail_addr} that hold
+ the results of parsing the RCPT and MAIL arguments, i.e.
+ the resolved triplet from $#mailer $@host $:addr.
+ From Kari Hurtta of the Finnish Meteorological Institute.
+ New macro ${client_resolve} which holds the result of the resolve
+ call for ${client_name}: OK, FAIL, FORGED, TEMP. Proposed
+ by Kari Hurtta of the Finnish Meteorological Institute.
+ New macros ${dsn_notify}, ${dsn_envid}, and ${dsn_ret} that hold
+ the corresponding DSN parameter values. Proposed by
+ Mathias Herberts.
+ New macro ${msg_size} which holds the value of the SIZE= parameter,
+ i.e., usually the size of the message (in an ESMTP dialogue),
+ before the message has been collected, thereafter it holds
+ the message size as computed by sendmail (and can be used
+ in check_compat).
+ The macro ${deliveryMode} now specifies the current delivery mode
+ sendmail is using instead of the value of the DeliveryMode
+ option.
+ New macro ${ntries} holds the number of delivery attempts.
+ Drop explicit From: if same as what would be generated only if it is
+ a local address. From Motonori Nakamura of Kyoto University.
+ Write pid to file also if sendmail only processes the queue.
+ Proposed by Roy J. Mongiovi of Georgia Tech.
+ Log "low on disk space" only when necessary.
+ New macro ${load_avg} can be used to check the current load average.
+ Suggested by Scott Gifford of The Internet Ramp.
+ Return-Receipt-To: header implies DSN request if option RrtImpliesDsn
+ is set.
+ Flag -S for maps to specify the character which is substituted
+ for spaces (instead of the default given by O BlankSub).
+ Flag -D for maps: perform no lookup in deferred delivery mode.
+ This flag is set by default for the host map. Based on a
+ proposal from Ian MacPhedran of the University of Saskatchewan.
+ Open maps only on demand, not at startup.
+ Log warning about unsupported IP address families.
+ New option MaxHeadersLength allows to specify a maximum length
+ of the sum of all headers. This can be used to prevent
+ a denial-of-service attack.
+ New option MaxMimeHeaderLength which limits the size of MIME
+ headers and parameters within those headers. This option
+ is intended to protect mail user agents from buffer
+ overflow attacks.
+ Added option MaxAliasRecursion to specify the maximum depth of
+ alias recursion.
+ New flag F=6 for mailers to strip headers to seven bit.
+ Map type syslog to log the key via syslogd.
+ Entries in the alias file can be continued by putting a backslash
+ directly before the newline.
+ New option DeadLetterDrop to define the location of the system-wide
+ dead.letter file, formerly hardcoded to
+ /usr/tmp/dead.letter. If this option is not set (the
+ default), sendmail will not attempt to save to a
+ system-wide dead.letter file if it can not bounce the mail
+ to the user nor postmaster. Instead, it will rename the qf
+ file as it has in the past when the dead.letter file
+ could not be opened.
+ New option PidFile to define the location of the pid file. The
+ value of this option is macro expanded.
+ New option ProcessTitlePrefix specifies a prefix string for the
+ process title shown in 'ps' listings.
+ New macros for use with the PidFile and ProcessTitlePrefix options
+ (along with the already existing macros):
+ ${daemon_info} Daemon information, e.g.
+ SMTP+queueing@00:30:00
+ ${daemon_addr} Daemon address, e.g., 0.0.0.0
+ ${daemon_family} Daemon family, e.g., inet, inet6, etc.
+ ${daemon_name} Daemon name, e.g., MSA.
+ ${daemon_port} Daemon port, e.g., 25
+ ${queue_interval} Queue run interval, e.g., 00:30:00
+ New macros especially for virtual hosting:
+ ${if_name} hostname of interface of incoming connection.
+ ${if_addr} address of interface of incoming connection.
+ The latter is only set if the interface does not belong to the
+ loopback net.
+ If a message being accepted via a method other than SMTP and
+ would be rejected by a header check, do not send the message.
+ Suggested by Phil Homewood of Mincom Pty Ltd.
+ Don't strip comments for header checks if $>+ is used instead of $>.
+ Provide header value as quoted string in the macro
+ ${currHeader} (possibly truncated to MAXNAME). Suggested by
+ Jan Krueger of Unix-AG of University of Hannover.
+ The length of the header value is stored in ${hdrlen}.
+ H*: allows to specify a default ruleset for header checks. This
+ ruleset will only be called if the individual header does
+ not have its own ruleset assigned. Suggested by Jan
+ Krueger of Unix-AG of University of Hannover.
+ The name of the header field stored in ${hdr_name}.
+ Comments (i.e., text within parentheses) in rulesets are not
+ removed if the config file version is greater than or equal
+ to 9. For example, "R$+ ( 1 ) $@ 1" matches the
+ input "token (1)" but does not match "token".
+ Avoid removing the Content-Transfer-Encoding MIME header on
+ MIME messages. Problem noted by Sigurbjorn B. Larusson of
+ Multimedia Consumer Services. Fix from Per Hedeland of
+ Ericsson.
+ Avoid duplicate Content-Transfer-Encoding MIME header on
+ messages with 8-bit text in headers. Problem noted by
+ Per Steinar Iversen of Oslo College. Fix from Per Hedeland
+ of Ericsson.
+ Avoid keeping maps locked longer than necessary when re-opening a
+ modified database map file. Problem noted by Chris Adams
+ of Renaissance Internet Services.
+ Resolving to the $#error mailer with a temporary failure code (e.g.,
+ $#error $@ tempfail $: "400 Temporary failure") will now
+ queue up the message instead of bouncing it.
+ Be more liberal in acceptable responses to an SMTP RSET command as
+ standard does not provide any indication of what to do when
+ something other than 250 is received. Based on a patch
+ from Steve Schweinhart of America Online.
+ New option TrustedUser allows to specify a user who can own
+ important files instead of root. This requires HASFCHOWN.
+ Fix USERDB conditional so compiling with NEWDB or HESIOD and
+ setting USERDB=0 works. Fix from Jorg Zanger of Schock.
+ Fix another instance (similar to one in 8.9.3) of a network failure
+ being mis-logged as "Illegal Seek" instead of whatever
+ really went wrong. From John Beck of Sun Microsystems.
+ $? tests also whether the macro is non-null.
+ Print an error message if a mailer definition contains an invalid
+ equate name.
+ New mailer equate /= to specify a directory to chroot() into before
+ executing the mailer program. Suggested by Igor Vinokurov.
+ New mailer equate W= to specify the maximum time to wait for the
+ mailer to return after sending all data to it.
+ Only free memory from the process list when adding a new process
+ into a previously filled slot. Previously, the memory was
+ freed at removal time. Since removal can happen in a
+ signal handler, this may leave the memory map in an
+ inconsistent state. Problem noted by Jeff A. Earickson and
+ David Cooley of Colby College.
+ When using the UserDB @hostname catch-all, do not try to lookup
+ local users in the passwd file. The UserDB code has
+ already decided the message will be passed to another host
+ for processing. Fix from Tony Landells of Burdett
+ Buckeridge Young Limited.
+ Support LDAP authorization via either a file containing the
+ password or Kerberos V4 using the new map options
+ '-ddistinguished_name', '-Mmethod', and '-Pfilename'. The
+ distinguished_name is who to login as. The method can be
+ one of LDAP_AUTH_NONE, LDAP_AUTH_SIMPLE, or
+ LDAP_AUTH_KRBV4. The filename is the file containing the
+ secret key for LDAP_AUTH_SIMPLE or the name of the Kerberos
+ ticket file for LDAP_AUTH_KRBV4. Patch from Booker Bense
+ of Stanford University.
+ The ldapx map has been renamed to ldap. The use of ldapx is
+ deprecated and will be removed in a future version.
+ If the result of an LDAP search returns a multi-valued attribute
+ and the map has the column delimiter set, it turns that
+ response into a delimiter separated string. The LDAP map
+ will traverse multiple entries as well. LDAP alias maps
+ automatically set the column delimiter to the comma.
+ Based on patch from Booker Bense of Stanford University and
+ idea from Philip A. Prindeville of Mirapoint, Inc.
+ Support return of multiple values for a single LDAP lookup. The
+ values to be returned should be in a comma separated string.
+ For example, `-v "email,emailother"'. Patch from
+ Curtis W. Hillegas of Princeton University.
+ Allow the use of LDAP for alias maps.
+ If no LDAP attributes are specified in an LDAP map declaration, all
+ attributes found in the match will be returned.
+ Prevent commas in quoted strings in the AliasFile value from
+ breaking up a single entry into multiple entries. This is
+ needed for LDAP alias file specifications to allow for
+ comma separated key and value strings.
+ Keep connections to LDAP server open instead of opening and closing
+ for each lookup. To reduce overhead, sendmail will cache
+ connections such that multiple maps which use the same
+ host, port, bind DN, and authentication will only result in
+ a single connection to that host.
+ Put timeout in the proper place for USE_LDAP_INIT.
+ Be more careful about checking for errors and freeing memory on
+ LDAP lookups.
+ Use asynchronous LDAP searches to save memory and network
+ resources.
+ Do not copy LDAP query results if the map's match only flag is set.
+ Increase portability to the Netscape LDAP libraries.
+ Change the parsing of the LDAP filter specification. '%s' is still
+ replaced with the literal contents of the map lookup key --
+ note that this means a lookup can be done using the LDAP
+ special characters. The new '%0' token can be used instead
+ of '%s' to encode the key buffer according to RFC 2254.
+ For example, if the LDAP map specification contains '-k
+ "(user=%s)"' and a lookup is done on "*", this would be
+ equivalent to '-k "(user=*)"' -- matching ANY record with a
+ user attribute. Instead, if the LDAP map specification
+ contains '-k "(user=%0)"' and a lookup is done on "*", this
+ would be equivalent to '-k "(user=\2A)"' -- matching a user
+ with the name "*".
+ New LDAP map flags: "-1" requires a single match to be returned, if
+ more than one is returned, it is equivalent to no records
+ being found; "-r never|always|search|find" sets the LDAP
+ alias dereference option; "-Z size" limits the number of
+ matches to return.
+ New option LDAPDefaultSpec allows a default map specification for
+ LDAP maps. The value should only contain LDAP specific
+ settings such as "-h host -p port -d bindDN", etc. The
+ settings will be used for all LDAP maps unless they are
+ specified in the individual map specification ('K'
+ command). This option should be set before any LDAP maps
+ are defined.
+ Prevent an NDBM alias file opening loop when the NDBM open
+ continually fails. Fix from Roy J. Mongiovi of Georgia
+ Tech.
+ Reduce memory utilization for smaller symbol table entries. In
+ particular, class entries get much smaller, which can be
+ important if you have large classes.
+ On network-related temporary failures, record the hostname which
+ gave error in the queued status message. Requested by
+ Ulrich Windl of the Universitat Regensburg.
+ Add new F=% mailer flag to allow for a store and forward
+ configuration. Mailers which have this flag will not attempt
+ delivery on initial recipient of a message or on queue runs
+ unless the queued message is selected using one of the
+ -qI/-qR/-qS queue run modifiers or an ETRN request. Code
+ provided by Philip Guenther of Gustavus Adolphus College.
+ New option ControlSocketName which, when set, creates a daemon
+ control socket. This socket allows an external program to
+ control and query status from the running sendmail daemon
+ via a named socket, similar to the ctlinnd interface to the
+ INN news server. Access to this interface is controlled by
+ the UNIX file permissions on the named socket on most UNIX
+ systems (see sendmail/README for more information). An
+ example control program is provided as contrib/smcontrol.pl.
+ Change the default values of QueueLA from 8 to (8 * numproc) and
+ RefuseLA from 12 to (12 * numproc) where numproc is the
+ number of processors online on the system (if that can be
+ determined). For single processor machines, this change
+ has no effect.
+ Don't return body of message to postmaster on "Too many hops" bounces.
+ Based on fix from Motonori Nakamura of Kyoto University.
+ Give more detailed DSN descriptions for some cases. Patch from
+ Motonori Nakamura of Kyoto University.
+ Logging of alias, forward file, and UserDB expansion now happens
+ at LogLevel 11 or higher instead of 10 or higher.
+ Logging of an envelope's complete delivery (the "done" message) now
+ happens at LogLevel 10 or higher instead of 11 or higher.
+ Logging of TCP/IP or UNIX standard input connections now happens at
+ LogLevel 10 or higher. Previously, only TCP/IP connections
+ were logged, and on at LogLevel 12 or higher. Setting
+ LogLevel to 10 will now assist users in tracking frequent
+ connection-based denial of service attacks.
+ Log basic information about authenticated connections at LogLevel
+ 10 or higher.
+ Log SMTP Authentication mechanism and author when logging the sender
+ information (from= syslog line).
+ Log the DSN code for each recipient if one is available as a new
+ equate (dsn=).
+ Macro expand PostmasterCopy and DoubleBounceAddress options.
+ New "ph" map for performing ph queries in rulesets. More
+ information is available at
+ http://www-wsg.cso.uiuc.edu/sendmail/patches/.
+ Contributed by Mark Roth of the University of Illinois at
+ Urbana-Champaign.
+ Detect temporary lookup failures in the host map if looking up a
+ bracketed IP address. Problem noted by Kari Hurtta of the
+ Finnish Meteorological Institute.
+ Do not report a Remote-MTA on local deliveries. Problem noted by
+ Kari Hurtta of the Finnish Meteorological Institute.
+ When a forward file points to an alias which runs a program, run
+ the program as the default user and the default group, not
+ the forward file user. This change also assures the
+ :include: directives in aliases are also processed using
+ the default user and group. Problem noted by Sergiu
+ Popovici of DNT Romania.
+ Prevent attempts to save a dead.letter file for a user with
+ no home directory (/no/such/directory). Problem noted by
+ Michael Brown of Finnigan FT/MS.
+ Include message delay and number of tries when logging that a
+ message has been completely delivered (LogLevel of 10 or
+ above). Suggested by Nick Hilliard of Ireland Online.
+ Log the sender of a message even if none of the recipients were
+ accepted. If some of the recipients were rejected, it is
+ helpful to know the sender of the message.
+ Check the root directory (/) when checking a path for safety.
+ Problem noted by John Beck of Sun Microsystems.
+ Prevent multiple responses to the DATA command if DeliveryMode is
+ interactive and delivering to an alias which resolves to
+ multiple files.
+ Macros in the helpfile are expanded if the helpfile version is 2 or
+ greater (see below); the help function doesn't print the
+ version of sendmail any longer, instead it is placed in
+ the helpfile ($v). Suggested by Chuck Foster of UUNET
+ PIPEX. Additionally, comment lines (starting with #) are
+ skipped and a version line (#vers) is introduced. The
+ helpfile version for 8.10.0 is 2, if no version or an older
+ version is found, a warning is logged. The '#vers'
+ directive should be placed at the top of the help file.
+ Use fsync() when delivering to a file to guarantee the delivery to
+ disk succeeded. Suggested by Nick Christenson.
+ If delivery to a file is unsuccessful, truncate the file back to its
+ length before the attempt.
+ If a forward points to a filename for delivery, change to the
+ user's uid before checking permissions on the file. This
+ allows delivery to files on NFS mounted directories where
+ root is remapped to nobody. Problem noted by Harald
+ Daeubler of Universitaet Ulm.
+ purgestat and sendmail -bH purge only expired (Timeout.hoststatus)
+ host status files, not all files.
+ Any macros stored in the class $={persistentMacros} will be saved
+ in the queue file for the message and set when delivery
+ is attempted on the queued item. Suggested by Kyle Jones of
+ Wonderworks Inc.
+ Add support for storing information between rulesets using the new
+ macro map class. This can be used to store information
+ between queue runs as well using $={persistentMacros}.
+ Based on an idea from Jan Krueger of Unix-AG of University
+ of Hannover.
+ New map class arith to allow for computations in rules. The
+ operation (+, -, *, /, l (for less than), and =) is given
+ as key. The two operands are specified as arguments; the
+ lookup returns the result of the computation. For example,
+ "$(arith l $@ 4 $@ 2 $)" will return "FALSE" and
+ "$(arith + $@ 4 $@ 2 $)" will return "6".
+ Add new syntax for header declarations which decide whether to
+ include the header based on a macro rather than a mailer
+ flag:
+ H?${MyMacro}?X-My-Header: ${MyMacro}
+ This should be used along with $={persistentMacros}.
+ It can be used for adding headers to a message based on
+ the results of check_* and header check rulesets.
+ Allow new named config file rule check_eoh which is called after
+ all of the headers have been collected. The input to the
+ ruleset the number of headers and the size of all of the
+ headers in bytes separated by $|. This ruleset along with
+ the macro storage map can be used to correlate information
+ gathered between headers and to check for missing headers.
+ See cf/README or doc/op/op.ps for an example.
+ Change the default for the MeToo option to True to correspond
+ to the clarification in the DRUMS SMTP Update spec. This
+ option is deprecated and will be removed from a future
+ version.
+ Change the sendmail binary default for SendMimeErrors to True.
+ Change the sendmail binary default for SuperSafe to True.
+ Display ruleset names in debug and address test mode output
+ if referencing a named ruleset.
+ New mailer equate m= which will limit the number of messages
+ delivered per connection on an SMTP or LMTP mailer.
+ Improve QueueSortOrder=Host by reversing the hostname before
+ using it to sort. Now all the same domains are really run
+ through the queue together. If they have the same MX host,
+ then they will have a much better opportunity to use the
+ connection cache if available. This should be a reasonable
+ performance improvement. Patch from Randall Winchester of
+ the University of Maryland.
+ If a message is rejected by a header check ruleset, log who would
+ have received the message if it had not been rejected.
+ New "now" value for Timeout.queuereturn to bounce entries from the
+ queue immediately. No delivery attempt is made.
+ Increase sleeping time exponentially after too many "bad" commands
+ up to 4 minutes delay (compare MAX{BAD,NOOP,HELO,VRFY,ETRN}-
+ COMMANDS).
+ New option ClientPortOptions similar to DaemonPortOptions
+ but for outgoing connections.
+ New suboptions for DaemonPortOptions: Name (a name used for
+ error messages and logging) and Modifiers, i.e.
+ a require authentication
+ b bind to interface through which mail has
+ been received
+ c perform hostname canonification
+ f require fully qualified hostname
+ h use name of interface for outgoing HELO
+ command
+ C don't perform hostname canonification
+ E disallow ETRN (see RFC 2476)
+ New suboption for ClientPortOptions: Modifiers, i.e.
+ h use name of interface for HELO command
+ The version number for queue files (qf) has been incremented to 4.
+ Log unacceptable HELO/EHLO domain name attempts if LogLevel is set
+ to 10 or higher. Suggested by Rick Troxel of the National
+ Institutes of Health.
+ If a mailer dies, print the status in decimal instead of octal
+ format. Suggested by Michael Shapiro of Sun Microsystems.
+ Limit the length of all MX records considered for delivery to 8k.
+ Move message priority from sender to recipient logging. Suggested by
+ Ulrich Windl of the Universitat Regensburg.
+ Add support for Berkeley DB 3.X.
+ Add fix for Berkeley DB 2.X fcntl() locking race condition.
+ Requires a post-2.7.5 version of Berkeley DB.
+ Support writing traffic log (sendmail -X option) to a FIFO.
+ Patch submitted by Rick Heaton of Network Associates, Inc.
+ Do not ignore Timeout settings in the .cf file when a Timeout
+ sub-options is set on the command line. Problem noted by
+ Graeme Hewson of Oracle.
+ Randomize equal preference MX records each time delivery is
+ attempted via a new connection to a host instead of once per
+ session. Suggested by Scott Salvidio of Compaq.
+ Implement enhanced status codes as defined by RFC 2034.
+ Add [hostname] to class w for the names of all interfaces unless
+ DontProbeInterfaces is set. This is useful for sending mails
+ to hosts which have dynamically assigned names.
+ If a message is bounced due to bad MIME conformance, avoid bouncing
+ the bounce for the same reason. If the body is not 8-bit
+ clean, and EightBitMode isn't set to pass8, the body will
+ not be included in the bounce. Problem noted by Valdis
+ Kletnieks of Virginia Tech.
+ The timeout for sending a message via SMTP has been changed from
+ '${msgsize} / 16 + (${nrcpts} * 300)' to a timeout which
+ simply checks for progress on sending data every 5 minutes.
+ This will detect the inability to send information quicker
+ and reduce the number of processes simply waiting to
+ timeout.
+ Prevent a segmentation fault on systems which give a partial filled
+ interface address structure when loading the system network
+ interface addresses. Fix from Reinier Bezuidenhout of
+ Nanoteq.
+ Add a compile-time configuration macro, MAXINTERFACES, which
+ indicates the number of interfaces to read when probing
+ for hostnames and IP addresses for class w ($=w). The
+ default value is 512. Based on idea from Reinier
+ Bezuidenhout of Nanoteq.
+ If the RefuseLA option is set to 0, do not reject connections based
+ on load average.
+ Allow ruleset 0 to have a name. Problem noted by Neil Rickert of
+ Northern Illinois University.
+ Expand the Return-Path: header at delivery time, after "owner-"
+ envelope splitting has occurred.
+ Don't try to sort the queue if there are no entries. Patch from
+ Luke Mewburn from RMIT University.
+ Add a "/quit" command to address test mode.
+ Include the proper sender in the UNIX "From " line and Return-Path:
+ header when undeliverable mail is saved to ~/dead.letter.
+ Problem noted by Kari Hurtta of the Finnish Meteorological
+ Institute.
+ The contents of a class can now be copied to another class using
+ the syntax: "C{Dest} $={Source}". This would copy all of
+ the items in class $={Source} into the class $={Dest}.
+ Include original envelope's error transcript in bounces created for
+ split (owner-) envelopes to see the original errors when
+ the recipients were added. Based on fix from Motonori
+ Nakamura of Kyoto University.
+ Show reason for permanent delivery errors directly after the
+ addresses. From Motonori Nakamura of Kyoto University.
+ Prevent a segmentation fault when bouncing a split-envelope
+ message. Patch from Motonori Nakamura of Kyoto University.
+ If the specification for the queue run interval (-q###) has a
+ syntax error, consider the error fatal and exit.
+ Pay attention to CheckpointInterval during LMTP delivery. Problem
+ noted by Motonori Nakamura of Kyoto University.
+ On operating systems which have setlogin(2), use it to set the
+ login name to the RunAsUserName when starting as a daemon.
+ This is for delivery to programs which use getlogin().
+ Based on fix from Motonori Nakamura of Kyoto University.
+ Differentiate between "command not implemented" and "command
+ unrecognized" in the SMTP dialogue.
+ Strip returns from forward and include files. Problem noted by
+ Allan E Johannesen of Worcester Polytechnic Institute.
+ Prevent a core dump when using 'sendmail -bv' on an address which
+ resolves to the $#error mailer with a temporary failure.
+ Based on fix from Neil Rickert of Northern Illinois
+ University.
+ Prevent multiple deliveries of a message with a "non-local alias"
+ pointing to a local user, if canonicalization fails
+ the message was requeued *and* delivered to the alias.
+ If an invalid ruleset is declared, the ruleset name could be
+ ignored and its rules added to S0. Instead, ignore the
+ ruleset lines as well.
+ Avoid incorrect Final-Recipient, Action, and X-Actual-Recipient
+ success DSN fields as well as duplicate entries for a
+ single address due to S5 and UserDB processing. Problems
+ noted by Kari Hurtta of the Finnish Meteorological
+ Institute.
+ Turn off timeouts when exiting sendmail due to an interrupt signal
+ to prevent the timeout from firing during the exit process.
+ Problem noted by Michael Shapiro of Sun Microsystems.
+ Do not append @MyHostName to non-RFC822 addresses output by the EXPN
+ command or on Final-Recipient: and X-Actual-Recipient: DSN
+ headers. Non-RFC822 addresses include deliveries to
+ programs, file, DECnet, etc.
+ Fix logic for determining if a local user is using -f or -bs to
+ spoof their return address. Based on idea from Neil Rickert
+ of Northern Illinois University and patch from Per Hedeland
+ of Ericsson.
+ Report the proper UID in the bounce message if an :include: file is
+ owned by a uid that doesn't map to a username and the
+ :include: file contains delivery to a file or program.
+ Problem noted by John Beck of Sun Microsystems.
+ Avoid the attempt of trying to send a second SMTP QUIT command if
+ the remote server responds to the first QUIT with a 4xx
+ response code and drops the connection. This behavior was
+ noted by Ulrich Windl of the Universitat Regensburg when
+ sendmail was talking to the Mercury 1.43 MTA.
+ If a hostname lookup times out and ServiceSwitchFile is set but the
+ file is not present, the lookup failure would be marked as
+ a permanent failure instead of a temporary failure. Fix
+ from Russell King of the ARM Linux Project.
+ Handle aliases or forwards which deliver to programs using tabs
+ instead of spaces between arguments. Problem noted by Randy
+ Wormser. Fix from Neil Rickert of Northern Illinois
+ University.
+ Allow MaxRecipientsPerMessage option to be set on the command line
+ by normal users (e.g., sendmail won't drop its root
+ privileges) to allow overrides for message submission via
+ 'sendmail -bs'.
+ Set the names for help file and statistics file to "helpfile" and
+ "statistics", respectively, if no parameters are given for
+ them in the .cf file.
+ Avoid bogus 'errbody: I/O Error -7' log messages when sending
+ success DSN messages for messages relayed to non-DSN aware
+ systems. Problem noted by Juergen Georgi of RUS University
+ of Stuttgart and Kyle Tucker of Parexel International.
+ Prevent +detail information from interfering with local delivery to
+ multiple users in the same transaction (F=m).
+ Add H_FORCE flag for the X-Authentication-Warning: header, so it
+ will be added even if one already exists. Problem noted
+ by Michal Zalewski of Marchew Industries.
+ Stop processing SMTP commands if the SMTP connection is dropped.
+ This prevents a remote system from flooding the connection
+ with commands and then disconnecting. Previously, the
+ server would process all of the buffered commands. Problem
+ noted by Michal Zalewski of Marchew Industries.
+ Properly process user-supplied headers beginning with '?'. Problem
+ noted by Michal Zalewski of Marchew Industries.
+ If multiple header checks resolve to the $#error mailer, use the
+ last permanent (5XX) failure if any exist. Otherwise, use
+ the last temporary (4XX) failure.
+ RFC 1891 requires "hexchar" in a "xtext" to be upper case. Patch
+ from Ronald F. Guilmette of Infinite Monkeys & Co.
+ Timeout.ident now defaults to 5 seconds instead of 30 seconds to
+ prevent the now common delays associated with mailing to a
+ site which drops IDENT packets. Suggested by many.
+ Persistent host status data is not reloaded disk when current data
+ is available in the in-memory cache. Problem noted by Per
+ Hedeland of Ericsson.
+ mailq displays unprintable characters in addresses as their octal
+ representation and a leading backslash. This avoids problems
+ with "unprintable" characters. Problem noted by Michal
+ Zalewski of the "Internet for Schools" project (IdS).
+ The mail line length limit (L= equate) was adding the '!' indicator
+ one character past the limit. This would cause subsequent
+ hops to break the line again. The '!' is now placed in
+ the last column of the limit if the line needs to be broken.
+ Problem noted by Joe Pruett of Q7 Enterprises. Based on fix
+ from Per Hedeland of Ericsson.
+ If a resolver ANY query is larger than the UDP packet size, the
+ resolver will fall back to TCP. However, some
+ misconfigured firewalls black 53/TCP so the ANY lookup
+ fails whereas an MX or A record might succeed. Therefore,
+ don't fail on ANY queries.
+ If an SMTP recipient is rejected due to syntax errors in the
+ address, do not send an empty postmaster notification DSN
+ to the postmaster. Problem noted by Neil Rickert of
+ Northern Illinois University.
+ Allow '_' and '.' in map names when parsing a sequence map
+ specification. Patch from William Setzer of North Carolina
+ State University.
+ Fix hostname in logging of read timeouts for the QUIT command on
+ cached connections. Problem noted by Neil Rickert of
+ Northern Illinois University.
+ Use a more descriptive entry to log "null" connections, i.e.,
+ "host did not issue MAIL/EXPN/VRFY/ETRN during connection".
+ Fix a file descriptor leak in ONEX mode.
+ Portability:
+ Reverse signal handling logic such that sigaction(2) with
+ the SA_RESTART flag is the preferred method and the
+ other signal methods are only tried if SA_RESTART
+ is not available. Problem noted by Allan E
+ Johannesen of Worcester Polytechnic Institute.
+ AIX 4.x supports the sa_len member of struct sockaddr.
+ This allows network interface probing to work
+ properly. Fix from David Bronder of the
+ University of Iowa.
+ AIX 4.3 has snprintf() support.
+ Use "PPC" as the architecture name when building under
+ AIX. This will be reflected in the obj.* directory
+ name.
+ Apple Darwin support based on Apple Rhapsody port.
+ Fixed AIX 'make depend' method from Valdis Kletnieks of
+ Virginia Tech.
+ Digital UNIX has uname(2).
+ GNU Hurd updates from Mark Kettenis of the University of
+ Amsterdam.
+ Improved HPUX 11.0 portability.
+ Properly determine the number of CPUs on FreeBSD 2.X,
+ FreeBSD 3.X, HP/UX 10.X and HP/UX 11.X.
+ Remove special IRIX ABI cases from Build script and the OS
+ files. Use the standard 'cc' options used by SGI
+ in building the operating system. Users can
+ override the defaults by setting confCC and
+ confLIBSEARCHPATH appropriately.
+ IRIX nsd map support from Bob Mende of SGI.
+ Minor devtools fixes for IRIX from Bob Mende of SGI.
+ Linux patch for IP_SRCROUTE support from Joerg Dorchain
+ of MW EDV & ELECTRONIC.
+ Linux now uses /usr/sbin for confEBINDIR in the build
+ system. From MATSUURA Takanori of Osaka University.
+ Remove special treatment for Linux PPC in the build
+ system. From MATSUURA Takanori of Osaka University.
+ Motorolla UNIX SYSTEM V/88 Release 4.0 support from
+ Sergey Rusanov of the Republic of Udmurtia.
+ NCR MP-RAS 3.x includes regular expression support. From
+ Tom J. Moore of NCR.
+ NEC EWS-UX/V series settings for _PATH_VENDOR_CF and
+ _PATH_SENDMAILPID from Oota Toshiya of
+ NEC Computers Group Planning Division.
+ Minor NetBSD owner/group tweaks from Ayamura Kikuchi, M.D.
+ NEWS-OS 6.X listed SYSLOG_BUFSIZE as 256 in confENVDEF and
+ 1024 in conf.h. Since confENVDEF would be used,
+ use that value in conf.h.
+ Use NeXT's NETINFO to get domain name. From Gerd Knops of
+ BITart Consulting.
+ Use NeXT's NETINFO for alias and hostname resolution if
+ AUTO_NETINFO_ALIASES and AUTO_NETINFO_HOSTS are
+ defined. Patch from Wilfredo Sanchez of Apple
+ Computer, Inc.
+ NeXT portability tweaks. Problems reported by Dragan
+ Milicic of the University of Utah and J. P. McCann
+ of E I A.
+ New compile flag FAST_PID_RECYCLE: set this if your system
+ can reuse the same PID in the same second.
+ New compile flag HASFCHOWN: set this if your OS has
+ fchown(2).
+ New compile flag HASRANDOM: set this to 0 if your OS does
+ not have random(3). rand() will be used instead.
+ New compile flag HASSRANDOMDEV: set this if your OS has
+ srandomdev(3).
+ New compile flag HASSETLOGIN: set this if your OS has
+ setlogin(2).
+ Replace SINIX and ReliantUNIX support with version
+ specific SINIX files. From Gerald Rinske of
+ Siemens Business Services.
+ Use the 60-second load average instead of the 5 second load
+ average on Compaq Tru64 UNIX (formerly Digital
+ UNIX). From Chris Teakle of the University of Qld.
+ Use ANSI C by default for Compaq Tru64 UNIX. Suggested by
+ Randall Winchester of Swales Aerospace.
+ Correct setgroups() prototype for Compaq Tru64 UNIX.
+ Problem noted by Randall Winchester of Swales
+ Aerospace.
+ Hitachi 3050R/3050RX and 3500 Workstations running
+ HI-UX/WE2 4.02, 6.10 and 7.10 from Motonori
+ NAKAMURA of Kyoto University.
+ New compile flag NO_GETSERVBYNAME: set this to disable
+ use of getservbyname() on systems which can
+ not lookup a service by name over NIS, such as
+ HI-UX. Patch from Motonori NAKAMURA of Kyoto
+ University.
+ Use devtools/bin/install.sh on SCO 5.x. Problem noted
+ by Sun Wenbing of the China Engineering and
+ Technology Information Network.
+ make depend didn't work properly on UNIXWARE 4.2. Problem
+ noted by Ariel Malik of Netology, Ltd.
+ Use /usr/lbin as confEBINDIR for Compaq Tru64 (Digital UNIX).
+ Set confSTDIO_TYPE to torek for BSD-OS, FreeBSD, NetBSD,
+ and OpenBSD.
+ A recent Compaq Ultrix 4.5 Y2K patch has broken detection
+ of local_hostname_length(). See sendmail/README
+ for more details. Problem noted by Allan E
+ Johannesen of Worcester Polytechnic Institute.
+ CONFIG: Begin using /etc/mail/ for sendmail related files. This
+ affects a large number of files. See cf/README for more
+ details.
+ CONFIG: New macro MAIL_SETTINGS_DIR contains the path (including
+ trailing slash) for the mail settings directory.
+ CONFIG: Increment version number of config file to 9.
+ CONFIG: OSTYPE(`bsdi1.0') and OSTYPE(`bsdi2.0') have been
+ deprecated and may be removed from a future release.
+ BSD/OS users should begin using OSTYPE(`bsdi').
+ CONFIG: OpenBSD 2.4 installs mail.local non-setuid root. This
+ requires a new OSTYPE(`openbsd'). From Todd C. Miller of
+ Courtesan Consulting.
+ CONFIG: New OSTYPE(`hpux11') for HP/UX 11.X.
+ CONFIG: A syntax error in check_mail would cause fake top-level
+ domains (.BITNET, .DECNET, .FAX, .USENET, and .UUCP) to
+ be improperly rejected as unresolvable.
+ CONFIG: New FEATURE(`dnsbl') takes up to two arguments (name of
+ DNS server, rejection message) and can be included
+ multiple times.
+ CONFIG: New FEATURE(`relay_mail_from') allows relaying if the
+ mail sender is listed as RELAY in the access map (and tagged
+ with From:).
+ CONFIG: Optional tagging of LHS in the access map (Connect:,
+ From:, To:) to enable finer control.
+ CONFIG: New FEATURE(`ldap_routing') implements LDAP address
+ routing. See cf/README for a complete description of the
+ new functionality.
+ CONFIG: New variables for the new sendmail options:
+ confAUTH_MECHANISMS AuthMechanisms
+ confAUTH_OPTIONS AuthOptions
+ confCLIENT_OPTIONS ClientPortOptions
+ confCONTROL_SOCKET_NAME ControlSocketName
+ confDEAD_LETTER_DROP DeadLetterDrop
+ confDEF_AUTH_INFO DefaultAuthInfo
+ confDF_BUFFER_SIZE DataFileBufferSize
+ confLDAP_DEFAULT_SPEC LDAPDefaultSpec
+ confMAX_ALIAS_RECURSION MaxAliasRecursion
+ confMAX_HEADERS_LENGTH MaxHeadersLength
+ confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength
+ confPID_FILE PidFile
+ confPROCESS_TITLE_PREFIX ProcessTitlePrefix
+ confRRT_IMPLIES_DSN RrtImpliesDsn
+ confTO_CONTROL Timeout.control
+ confTO_RESOLVER_RETRANS Timeout.resolver.retrans
+ confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first
+ confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal
+ confTO_RESOLVER_RETRY Timeout.resolver.retry
+ confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first
+ confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal
+ confTRUSTED_USER TrustedUser
+ confXF_BUFFER_SIZE XscriptFileBufferSize
+ CONFIG: confDAEMON_OPTIONS has been replaced by DAEMON_OPTIONS(),
+ which takes the options as argument and can be used
+ multiple times; see cf/README for details.
+ CONFIG: Add a fifth mailer definition to MAILER(`smtp') called
+ "dsmtp". This mail provides on-demand delivery using the
+ F=% mailer flag described above. The "dsmtp" mailer
+ definition uses the new DSMTP_MAILER_ARGS which defaults
+ to "IPC $h".
+ CONFIG: New variables LOCAL_MAILER_MAXMSGS, SMTP_MAILER_MAXMSGS,
+ and RELAY_MAILER_MAXMSGS for setting the m= equate for the
+ local, smtp, and relay mailers respectively.
+ CONFIG: New variable LOCAL_MAILER_DSN_DIAGNOSTIC_CODE for setting
+ the DSN Diagnostic-Code type for the local mailer. The
+ value should be changed with care.
+ CONFIG: FEATURE(`local_lmtp') now sets the DSN Diagnostic-Code type
+ for the local mailer to the proper value of "SMTP".
+ CONFIG: All included maps are no longer optional by default; if
+ there there is a problem with a map, sendmail will
+ complain.
+ CONFIG: Removed root from class E; use EXPOSED_USER(`root')
+ to get the old behavior. Suggested by Joe Pruett
+ of Q7 Enterprises.
+ CONFIG: MASQUERADE_EXCEPTION() defines hosts/subdomains which
+ will not be masqueraded. Proposed by Arne Wichmann
+ of MPI Saarbruecken, Griff Miller of PGS Tensor,
+ Jayme Cox of Broderbund Software Inc.
+ CONFIG: A list of exceptions for FEATURE(`nocanonify') can be
+ specified by CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE,
+ i.e., a list of domains which are passed to $[ ... $]
+ for canonification. Based on an idea from Neil Rickert
+ of Northern Illinois University.
+ CONFIG: If `canonify_hosts' is specified as parameter for
+ FEATURE(`nocanonify') then addresses which have only
+ a hostname, e.g., <user@host>, will be canonified.
+ CONFIG: If FEATURE(`nocanonify') is turned on, a trailing dot is
+ nevertheless added to addresses with more than one component
+ in it.
+ CONFIG: Canonification is no longer attempted for any host or domain
+ in class 'P' ($=P).
+ CONFIG: New class for matching virtusertable entries $={VirtHost} that
+ can be populated by VIRTUSER_DOMAIN or VIRTUSER_DOMAIN_FILE.
+ FEATURE(`virtuser_entire_domain') can be used to apply this
+ class also to entire subdomains. Hosts in this class are
+ treated as canonical in SCanonify2, i.e., a trailing dot
+ is added.
+ CONFIG: If VIRTUSER_DOMAIN() or VIRTUSER_DOMAIN_FILE() are used,
+ include $={VirtHost} in $=R (hosts allowed to relay).
+ CONFIG: FEATURE(`generics_entire_domain') can be used to apply the
+ genericstable also to subdomains of $=G.
+ CONFIG: Pass "+detail" as %2 for virtusertable lookups.
+ Patch from Noam Freedman from University of Chicago.
+ CONFIG: Pass "+detail" as %1 for genericstable lookups. Suggested
+ by Raymond S Brand of rsbx.net.
+ CONFIG: Allow @domain in genericstable to override masquerading.
+ Suggested by Owen Duffy from Owen Duffy & Associates.
+ CONFIG: LOCAL_DOMAIN() adds entries to class w. Suggested by Steve
+ Hubert of University of Washington.
+ CONFIG: OSTYPE(`gnuhurd') has been replaced by OSTYPE(`gnu') as
+ GNU is now the canonical system name. From Mark
+ Kettenis of the University of Amsterdam.
+ CONFIG: OSTYPE(`unixware7') updates from Larry Rosenman.
+ CONFIG: Do not include '=' in option expansion if there is no value
+ associated with the option. From Andrew Brown of
+ Graffiti World Wide, Inc.
+ CONFIG: Add MAILER(`qpage') to define a new pager mailer. Contributed
+ by Philip A. Prindeville of Enteka Enterprise Technology
+ Services.
+ CONFIG: MAILER(`cyrus') was not preserving case for mail folder
+ names. Problem noted by Randall Winchester of Swales
+ Aerospace.
+ CONFIG: RELAY_MAILER_FLAGS can be used to define additional flags
+ for the relay mailer. Suggested by Doug Hughes of Auburn
+ University and Brian Candler.
+ CONFIG: LOCAL_MAILER_FLAGS now includes 'P' (Add Return-Path:
+ header) by default. Suggested by Per Hedeland of Ericsson.
+ CONFIG: Use SMART_HOST for bracketed addresses, e.g., user@[host].
+ Suggested by Kari Hurtta of the Finnish Meteorological
+ Institute.
+ CONFIG: New macro MODIFY_MAILER_FLAGS to tweak *_MAILER_FLAGS;
+ i.e., to set, add, or delete flags.
+ CONFIG: If SMTP AUTH is used then relaying is allowed for any user
+ who authenticated via a "trusted" mechanism, i.e., one that
+ is defined via TRUST_AUTH_MECH(`list of mechanisms').
+ CONFIG: FEATURE(`delay_checks') delays check_mail and check_relay
+ after check_rcpt and allows for exceptions from the checks.
+ CONFIG: Map declarations have been moved into their associated
+ feature files to allow greater flexibility in use of
+ sequence maps. Suggested by Per Hedeland of Ericsson.
+ CONFIG: New macro LOCAL_MAILER_EOL to override the default end of
+ line string for the local mailer. Requested by Il Oh of
+ Willamette Industries, Inc.
+ CONFIG: Route addresses are stripped, i.e., <@a,@b,@c:user@d> is
+ converted to <user@d>
+ CONFIG: Reject bogus return address of <@@hostname>, generated by
+ Sun's older, broken configuration files.
+ CONFIG: FEATURE(`nullclient') now provides the full rulesets of a
+ normal configuration, allowing anti-spam checks to be
+ performed.
+ CONFIG: Don't return a permanent error (Relaying denied) if
+ ${client_name} can't be resolved just temporarily.
+ Suggested by Kari Hurtta of the Finnish Meteorological
+ Institute.
+ CONFIG: Change numbered rulesets into named (which still can
+ be accessed by their numbers).
+ CONFIG: FEATURE(`nouucp') takes one parameter: reject or nospecial
+ which describes whether to disallow "!" in the local part
+ of an address.
+ CONFIG: Call Local_localaddr from localaddr (S5) which can be used
+ to rewrite an address from a mailer which has the F=5 flag
+ set. If the ruleset returns a mailer, the appropriate
+ action is taken, otherwise the returned tokens are ignored.
+ CONFIG: cf/ostype/solaris.m4 has been renamed to solaris2.pre5.m4
+ and cf/ostype/solaris2.m4 is now a copy of solaris2.ml.m4.
+ The latter is kept around for backward compatibility.
+ CONFIG: Allow ":D.S.N:" for mailer/virtusertable "error:" entries,
+ where "D.S.N" is an RFC 1893 compliant error code.
+ CONFIG: Use /usr/lbin as confEBINDIR for Compaq Tru64 (Digital UNIX).
+ CONFIG: Remove second space between username and date in UNIX From_
+ line. Noted by Allan E Johannesen of Worcester Polytechnic
+ Institute.
+ CONFIG: Make sure all of the mailers have complete T= equates.
+ CONFIG: Extend FEATURE(`local_procmail') so it can now take
+ arguments overriding the mailer program, arguments, and
+ mailer definition flags. This makes it possible to use
+ other programs such as maildrop for local delivery.
+ CONFIG: Emit warning if FEATURE(`local_lmtp') or
+ FEATURE(`local_procmail') is given after MAILER(`local').
+ Patch from Richard A. Nelson of IBM.
+ CONFIG: Add SMTP Authentication information to Received: header
+ default value (confRECEIVED_HEADER).
+ CONFIG: Remove `l' flag from USENET_MAILER_FLAGS as it is not a
+ local mailer. Problem noted by Per Hedeland of Ericsson.
+ CONTRIB: Added bounce-resender.pl from Brian R. Gaeke of the
+ University of California at Berkeley.
+ CONTRIB: Added domainmap.m4 from Mark D. Roth of the University of
+ Illinois at Urbana-Champaign.
+ CONTRIB: etrn.pl now recognizes bogus host names. Patch from
+ Bruce Barnett of GE's R&D Lab.
+ CONTRIB: Patches for re-mqueue.pl by Graeme Hewson of Oracle
+ Corporation UK.
+ CONTRIB: Added qtool.pl to assist in managing the queues.
+ DEVTOOLS: Prevent user environment variables from interfering with
+ the Build scripts. Problem noted by Ezequiel H. Panepucci of
+ Yale University.
+ DEVTOOLS: 'Build -M' will display the obj.* directory which will
+ be used for building.
+ DEVTOOLS: 'Build -A' will display the architecture that would be
+ used for a fresh build.
+ DEVTOOLS: New variable confRANLIB, set automatically by configure.sh.
+ DEVTOOLS: New variable confRANLIBOPTS for the options to send to
+ ranlib.
+ DEVTOOLS: 'Build -O <path>' will have the object files build in
+ <path>/obj.*. Suggested by Bryan Costales of Exactis.
+ DEVTOOLS: New variable confNO_MAN_BUILD which will prevent the
+ building of the man pages when defined. Suggested by Bryan
+ Costales.
+ DEVTOOLS: New variables confNO_HELPFILE_INSTALL and
+ confNO_STATISTICS_INSTALL which will prevent the
+ installation of the sendmail helpfile and statistics file
+ respectively. Suggested by Bryan Costales.
+ DEVTOOLS: Recognize ReliantUNIX as SINIX. Patch from Gerald Rinske
+ of Siemens Business Services.
+ DEVTOOLS: New variable confSTDIO_TYPE which defines the type of
+ stdio library. The new buffered file I/O depends on the
+ Torek stdio library. This option can be either portable or
+ torek.
+ DEVTOOLS: New variables confSRCADD and confSMSRCADD which
+ correspond to confOBJADD and confSMOBJADD respectively.
+ They should contain the C source files for the object files
+ listed in confOBJADD and confSMOBJADD. These file names
+ will be passed to the 'make depend' stage of compilation.
+ DEVTOOLS: New program specific variables for each of the programs
+ in the sendmail distribution. Each has the form
+ `conf_prog_ENVDEF', for example, `conf_sendmail_ENVDEF'.
+ The new variables are conf_prog_ENVDEF, conf_prog_LIBS,
+ conf_prog_SRCADD, and conf_prog_OBJADD.
+ DEVTOOLS: Build system redesign. This should have little affect on
+ building the distribution, but documentation on the changes
+ are in devtools/README.
+ DEVTOOLS: Don't allow 'Build -f file' if an object directory already
+ exists. Suggested by Valdis Kletnieks of Virginia Tech.
+ DEVTOOLS: Rename confSRCDIR to confSMSRCDIR since it only identifies
+ the path to the sendmail source directory. confSRCDIR is a
+ new variable which identifies the root of the source
+ directories for all of the programs in the distribution.
+ DEVTOOLS: confSRCDIR and confSMSRCDIR are now determined at Build
+ time. They can both still be overridden by setting the m4
+ macro.
+ DEVTOOLS: confSBINGRP now defaults to bin instead of kmem.
+ DEVTOOLS: 'Build -Q prefix' uses devtools/Site/prefix.*.m4 for
+ build configurations, and places objects in obj.prefix.*/.
+ Complains as 'Build -f file' does for existing object
+ directories. Suggested by Tom Smith of Digital Equipment
+ Corporation.
+ DEVTOOLS: Setting confINSTALL_RAWMAN will install unformatted
+ manual pages in the directory tree specified by
+ confMANROOTMAN.
+ DEVTOOLS: If formatting the manual pages fails, copy in the
+ preformatted pages from the distribution. The new variable
+ confCOPY specifies the copying program.
+ DEVTOOLS: Defining confFORCE_RMAIL will install rmail without
+ question. Suggested by Terry Lambert of Whistle
+ Communications.
+ DEVTOOLS: confSTFILE and confHFFILE can be used to change the names
+ of the installed statistics and help files, respectively.
+ DEVTOOLS: Remove spaces in `uname -r` output when determining
+ operating system identity. Problem noted by Erik
+ Wachtenheim of Dartmouth College.
+ DEVTOOLS: New variable confLIBSEARCHPATH to specify the paths that
+ will be search for the libraries specified in confLIBSEARCH.
+ Defaults to "/lib /usr/lib /usr/shlib".
+ DEVTOOLS: New variables confSTRIP and confSTRIPOPTS for specifying
+ how to strip binaries. These are used by the new
+ install-strip target.
+ DEVTOOLS: New config file site.post.m4 which is included after
+ the others (if it exists).
+ DEVTOOLS: Change order of LIBS: first product specific libraries
+ then the default ones.
+ MAIL.LOCAL: Will not be installed setuid root. To use mail.local
+ as local delivery agent without LMTP mode, use
+ MODIFY_MAILER_FLAGS(`LOCAL', `+S')
+ to set the S flag.
+ MAIL.LOCAL: Do not reject addresses which would otherwise be
+ accepted by sendmail. Suggested by Neil Rickert of
+ Northern Illinois University.
+ MAIL.LOCAL: New -7 option which causes LMTP mode not to advertise
+ 8BITMIME in the LHLO response. Suggested by Kari Hurtta of
+ the Finnish Meteorological Institute.
+ MAIL.LOCAL: Add support for the maillock() routines by defining
+ MAILLOCK when compiling. Also requires linking with
+ -lmail. Patch from Neil Rickert of Northern Illinois
+ University.
+ MAIL.LOCAL: Create a Content-Length: header if CONTENTLENGTH is
+ defined when compiling. Automatically set for Solaris 2.3
+ and later. Patch from Neil Rickert of Northern Illinois
+ University.
+ MAIL.LOCAL: Move the initialization of the 'notifybiff' address
+ structure to the beginning of the program. This ensures that
+ the getservbyname() is done before any seteuid to a possibly
+ unauthenticated user. If you are using NIS+ and secure RPC
+ on a Solaris system, this avoids syslog messages such as,
+ "authdes_refresh: keyserv(1m) is unable to encrypt session
+ key." Patch from Neil Rickert of Northern Illinois
+ University.
+ MAIL.LOCAL: Support group writable mail spool files when MAILGID is
+ set to the gid to use (-DMAILGID=6) when compiling.
+ Patch from Neil Rickert of Northern Illinois University.
+ MAIL.LOCAL: When a mail message included lines longer than 2046
+ characters (in LMTP mode), mail.local split the incoming
+ line up into 2046-character output lines (excluding the
+ newline). If an input line was 2047 characters long
+ (excluding CR-LF) and the last character was a '.',
+ mail.local saw it as the end of input, transfered it to the
+ user mailbox and tried to write an `ok' back to sendmail.
+ If the message was much longer, both sendmail and
+ mail.local would deadlock waiting for each other to read
+ what they have written. Problem noted by Peter Jeremy of
+ Alcatel Australia Limited.
+ MAIL.LOCAL: New option -b to return a permanent error instead of a
+ temporary error if a mailbox exceeds quota. Suggested by
+ Neil Rickert of Northern Illinois University.
+ MAIL.LOCAL: The creation of a lockfile is subject to a global
+ timeout to avoid starvation.
+ MAIL.LOCAL: Properly parse addresses with multiple quoted
+ local-parts. Problem noted by Ronald F. Guilmette of
+ Infinite Monkeys & Co.
+ MAIL.LOCAL: NCR MP/RAS 3.X portability from Tom J. Moore of NCR.
+ MAILSTATS: New -p option to invoke program mode in which stats are
+ printed in a machine readable fashion and the stats file
+ is reset. Patch from Kevin Hildebrand of the University
+ of Maryland.
+ MAKEMAP: If running as root, automatically change the ownership of
+ generated maps to the TrustedUser as specified in the
+ sendmail configuration file.
+ MAKEMAP: New -C option to accept an alternate sendmail
+ configuration file to use for finding the TrustedUser
+ option.
+ MAKEMAP: New -u option to dump (unmap) a database. Based on
+ code contributed by Roy Mongiovi of Georgia Tech.
+ MAKEMAP: New -e option to allow empty values. Suggested by Philip
+ A. Prindeville of Enteka Enterprise Technology Services.
+ MAKEMAP: Compile cleanly on 64-bit operating systems. Problem
+ noted by Gerald Rinske of Siemens Business Services.
+ OP.ME: Correctly document interaction between F=S and U= mailer
+ equates. Problem noted by Bob Halley of Internet Engines.
+ OP.ME: Fixup Timeout documentation. From Graeme Hewson of Oracle
+ Corporation UK.
+ OP.ME: The Timeout [r] option was incorrectly listed as "safe"
+ (e.g., sendmail would not drop root privileges if the
+ option was specified on the command line). Problem noted
+ by Todd C. Miller of Courtesan Consulting.
+ PRALIASES: Handle the hash and btree map specifications for
+ Berkeley DB. Patch from Brian J. Coan of the
+ Institute for Global Communications.
+ PRALIASES: Read the sendmail.cf file for the location(s) of the
+ alias file(s) if the -f option is not used. Patch from
+ John Beck of Sun Microsystems.
+ PRALIASES: New -C option to specify an alternate sendmail
+ configuration file to use for finding alias file(s). Patch
+ from John Beck of Sun Microsystems.
+ SMRSH: allow shell commands echo, exec, and exit. Allow command
+ lists using || and &&. Based on patch from Brian J. Coan
+ of the Institute for Global Communications.
+ SMRSH: Update README for the new Build system. From Tim Pierce
+ of RootsWeb Genealogical Data Cooperative.
+ VACATION: Added vacation auto-responder to sendmail distribution.
+ LIBSMDB: Added abstracted database library. Works with Berkeley
+ DB 1.85, Berkeley DB 2.X, Berkeley DB 3.X, and NDBM.
+ Changed Files:
+ The Build script in the various program subdirectories are
+ no longer symbolic links. They are now scripts
+ which execute the actual Build script in
+ devtools/bin.
+ All the manual pages are now written against -man and not
+ -mandoc as they were previously.
+ Add a simple Makefile to every directory so make instead
+ of Build will work (unless parameters are
+ required for Build).
+ New Directories:
+ devtools/M4/UNIX
+ include
+ libmilter
+ libsmdb
+ libsmutil
+ vacation
+ Renamed Directories:
+ BuildTools => devtools
+ src => sendmail
+ Deleted Files:
+ cf/m4/nullrelay.m4
+ devtools/OS/Linux.ppc
+ devtools/OS/ReliantUNIX
+ devtools/OS/SINIX
+ sendmail/ldap_map.h
+ New Files:
+ INSTALL
+ PGPKEYS
+ cf/cf/generic-linux.cf
+ cf/cf/generic-linux.mc
+ cf/feature/delay_checks.m4
+ cf/feature/dnsbl.m4
+ cf/feature/generics_entire_domain.m4
+ cf/feature/no_default_msa.m4
+ cf/feature/relay_mail_from.m4
+ cf/feature/virtuser_entire_domain.m4
+ cf/mailer/qpage.m4
+ cf/ostype/bsdi.m4
+ cf/ostype/hpux11.m4
+ cf/ostype/openbsd.m4
+ contrib/bounce-resender.pl
+ contrib/domainmap.m4
+ contrib/qtool.8
+ contrib/qtool.pl
+ devtools/M4/depend/AIX.m4
+ devtools/M4/list.m4
+ devtools/M4/string.m4
+ devtools/M4/subst_ext.m4
+ devtools/M4/switch.m4
+ devtools/OS/Darwin
+ devtools/OS/GNU
+ devtools/OS/SINIX.5.43
+ devtools/OS/SINIX.5.44
+ devtools/OS/m88k
+ devtools/bin/find_in_path.sh
+ mail.local/Makefile
+ mailstats/Makefile
+ makemap/Makefile
+ praliases/Makefile
+ rmail/Makefile
+ sendmail/Makefile
+ sendmail/bf.h
+ sendmail/bf_portable.c
+ sendmail/bf_portable.h
+ sendmail/bf_torek.c
+ sendmail/bf_torek.h
+ sendmail/shmticklib.c
+ sendmail/statusd_shm.h
+ sendmail/timers.c
+ sendmail/timers.h
+ smrsh/Makefile
+ vacation/Makefile
+ Renamed Files:
+ cf/ostype/gnuhurd.m4 => cf/ostype/gnu.m4
+ sendmail/cdefs.h => include/sendmail/cdefs.h
+ sendmail/sendmail.hf => sendmail/helpfile
+ sendmail/mailstats.h => include/sendmail/mailstats.h
+ sendmail/pathnames.h => include/sendmail/pathnames.h
+ sendmail/safefile.c => libsmutil/safefile.c
+ sendmail/snprintf.c => libsmutil/snprintf.c
+ sendmail/useful.h => include/sendmail/useful.h
+ cf/ostype/solaris2.m4 => cf/ostype/solaris2.pre5.m4
+ Copied Files:
+ cf/ostype/solaris2.ml.m4 => cf/ostype/solaris2.m4
+
+8.9.3/8.9.3 1999/02/04
SECURITY: Limit message headers to a maximum of 32K bytes (total
of all headers in a single message) to prevent a denial of
service attack. This limit will be configurable in 8.10.
@@ -47,7 +1697,9 @@ summary of the changes in that release.
published in the updated SMTP specification from the DRUMS
group of the IETF.
Portability:
- AIX 4.2.0.2 ships with a /usr/lib/libbind.a which should
+ AIX 4.2.0 or 4.2.1 may become updated by the fileset
+ bos.rte.net level 4.2.0.2. This introduces the
+ softlink /usr/lib/libbind.a which should
not be used. It conflicts with the resolver
built into libc.a. "bind" has been removed
from the confLIBSEARCH BuildTools variable.
@@ -87,12 +1739,12 @@ summary of the changes in that release.
CONFIG: The bestmx_is_local checking done in check_rcpt would
cause later checks to fail. Patch from Paul J Murphy of
MIDS Europe.
- New files:
+ New Files:
BuildTools/OS/CRAYTS.10.0.x
BuildTools/OS/ReliantUNIX
BuildTools/OS/SunOS.5.8
-8.9.2/8.9.2 98/12/30
+8.9.2/8.9.2 1998/12/30
SECURITY: Remove five second sleep on accepting daemon connections
due to an accept() failure. This sleep could be used
for a denial of service attack.
@@ -133,10 +1785,10 @@ summary of the changes in that release.
in case the $HFDIR directory does not exist. Problem
noted by Josef Svitak of Montana State University.
Close all maps when exiting the process with one exception.
- Berkeley DB can use internal shared memory locking for
- its memory pool. Closing a map opened by another process
- will interfere with the shared memory and locks of the
- parent process leaving things in a bad state. For
+ Berkeley DB can use internal shared memory locking for
+ its memory pool. Closing a map opened by another process
+ will interfere with the shared memory and locks of the
+ parent process leaving things in a bad state. For
Berkeley DB, only close the map if the current process
is also the one that opened the map, otherwise only close
the map file descriptor. Thanks to Yoseff Francus of
@@ -145,7 +1797,7 @@ summary of the changes in that release.
Avoid null pointer dereference on XDEBUG output for SMTP reply
failures. Problem noted by Carlos Canau of EUnet Portugal.
On mailq and hoststat listings being piped to another program, such
- as more, if the pipe closes (i.e. the user quits more),
+ as more, if the pipe closes (i.e., the user quits more),
stop sending output and exit. Patch from Allan E Johannesen
of Worcester Polytechnic Institute.
In accordance with the documentation, LDAP map lookup failures
@@ -223,7 +1875,7 @@ summary of the changes in that release.
there are multiple RBL's available and the MAPS RBL may
not be the one in use. Suggested by Alan Brown of
Manawatu Internet Services.
- CONFIG: Properly strip route addresses (i.e. @host1:user@host2)
+ CONFIG: Properly strip route addresses (i.e., @host1:user@host2)
when stripping down a recipient address to check for
relaying. Patch from Claus Assmann of
Christian-Albrechts-University of Kiel and Neil W Rickert
@@ -235,7 +1887,7 @@ summary of the changes in that release.
Dot Com.
CONFIG: Fixed check for deferred delivery mode warning. Patch
from Claus Assmann of Christian-Albrechts-University of
- Kiel and Per Hedeland of Ericsson.
+ Kiel and Per Hedeland of Ericsson.
CONFIG: If a recipient using % addressing is used, e.g.
user%site@othersite, and othersite's MX records are now
checked for local hosts if FEATURE(relay_based_on_MX) is
@@ -264,11 +1916,11 @@ summary of the changes in that release.
New Files:
BuildTools/OS/IRIX64.6.5
BuildTools/OS/UnixWare.5.i386
- cf/cf/unixware7.m4
+ cf/ostype/unixware7.m4
contrib/smcontrol.pl
src/control.c
-8.9.1/8.9.1 98/07/02
+8.9.1/8.9.1 1998/07/02
If both an OS specific site configuration file and a generic
site.config.m4 file existed, only the latter was used
instead of both. Problem noted by Geir Johannessen of
@@ -289,10 +1941,10 @@ summary of the changes in that release.
If the check_relay ruleset resolved to the discard mailer, messages
were still delivered. Problem noted by Mirek Luc of NASK.
Mail delivery to files would fail with an Operating System Error
- if sendmail was not running as root, i.e. RunAsUser was set.
+ if sendmail was not running as root, i.e., RunAsUser was set.
Problem noted by Leonard N. Zubkoff of Dandelion Digital.
Prevent MinQueueAge from interfering from queued items created
- in the future, i.e. if the system clock was set ahead
+ in the future, i.e., if the system clock was set ahead
and then back. Problem noted by Michael Miller of the
University of Natal, Pietermaritzburg.
Do not advertise ETRN support in ESTMP EHLO reply if noetrn is
@@ -353,11 +2005,11 @@ summary of the changes in that release.
New Files:
BuildTools/OS/DomainOS.10.4
-8.9.0/8.9.0 98/05/19
+8.9.0/8.9.0 1998/05/19
SECURITY: To prevent users from reading files not normally
readable, sendmail will no longer open forward, :include:,
class, ErrorHeader, or HelpFile files located in unsafe
- (i.e. group or world writable) directory paths. Sites
+ (i.e., group or world writable) directory paths. Sites
which need the ability to override security can use the
DontBlameSendmail option. See the README file for more
information.
@@ -411,7 +2063,7 @@ summary of the changes in that release.
only done if you had magic characters (0x81) to indicate
macro expansion. Now $x will be expanded. This means that
real dollar signs have to be backslash escaped.
- TCP Wrappers expects "unknown" in the hostname argument if the
+ TCP Wrappers expects "unknown" in the hostname argument if the
reverse DNS lookup for the incoming connection fails.
Problem noted by Randy Grimshaw of Syracuse University and
Wietse Venema of the Global Security Analysis Lab at
@@ -455,11 +2107,11 @@ summary of the changes in that release.
Technical University of Braunschweig. Patch from Per Hedeland
of Ericsson.
Print test input in address test mode when input is not from the tty
- when the -v flag is given (i.e. sendmail -bt -v) to make
+ when the -v flag is given (i.e., sendmail -bt -v) to make
output easier to decipher. Problem noted by Aidan Nichol
of Procter & Gamble.
The LDAP map -s flag was not properly parsed and the error message
- given included the remainder of the arguments instead of
+ given included the remainder of the arguments instead of
solely the argument in error. Problem noted by Aidan Nichol
of Procter & Gamble.
New DontBlameSendmail option. This option allows administrators to
@@ -512,7 +2164,7 @@ summary of the changes in that release.
a forward (A) DNS lookup on the result of the PTR lookup
and compare results. If they differ or if the PTR lookup
fails, &{client_name} will contain the IP address
- surrounded by square brackets (e.g. [127.0.0.1]).
+ surrounded by square brackets (e.g., [127.0.0.1]).
New map flag: -Tx appends "x" to lookups that return temporary failure
(i.e, it is like -ax for the temporary failure case, in
contrast to the success case).
@@ -534,7 +2186,7 @@ summary of the changes in that release.
obeys all of the F= mailer flags such as the MIME
7/8 bit conversion flags. This is useful for defining
a mailer which delivers to the same file regardless of the
- recipient (e.g. 'A=FILE /dev/null' to discard unwanted mail).
+ recipient (e.g., 'A=FILE /dev/null' to discard unwanted mail).
Do not assume the identity of a remote connection is root@localhost
if the remote connection closes the socket before the
remote identity can be queried.
@@ -756,7 +2408,7 @@ summary of the changes in that release.
Kari Hurtta of the Finnish Meteorological Institute.
CONFIG: .cf files are now stored in the same directory with the
.mc files instead of in the obj directory.
- CONFIG: New options confSINGLE_LINE_FROM_HEADER,
+ CONFIG: New options confSINGLE_LINE_FROM_HEADER,
confALLOW_BOGUS_HELO, and confMUST_QUOTE_CHARS for
setting SingleLineFromHeader, AllowBogusHELO, and
MustQuoteChars respectively.
@@ -765,7 +2417,7 @@ summary of the changes in that release.
status on a per-user basis. Code donated by John Myers of
CMU (now of Netscape).
MAIL.LOCAL: HP-UX support from Randall S. Winchester of the
- University of Maryland. NOTE: mail.local is not
+ University of Maryland. NOTE: mail.local is not
compatible with the stock HP-UX mail format. Be sure to
read mail.local/README.
MAIL.LOCAL: Prevent other mail delivery agents from stealing a
@@ -875,7 +2527,7 @@ summary of the changes in that release.
cf/cf/obj/* => cf/cf/*
src/READ_ME => src/README
-8.8.8/8.8.8 97/10/24
+8.8.8/8.8.8 1997/10/24
If the check_relay ruleset failed, the relay= field was logged
incorrectly. Problem noted by Kari Hurtta of the Finnish
Meteorological Institute.
@@ -961,7 +2613,7 @@ summary of the changes in that release.
Problem noted by Kari E. Hurtta of the Finnish Meteorological
Institute.
Make sure non-rebuildable database maps are opened before the
- rebuildable maps (i.e. alias files) in case the database maps
+ rebuildable maps (i.e., alias files) in case the database maps
are needed for verifying the left hand side of the aliases.
Problem noted by Lloyd Parkes of Victoria University.
Make sure sender RFC822 source route addresses are alias expanded for
@@ -994,7 +2646,7 @@ summary of the changes in that release.
chownsafe() to always return 0 even if the OS does
not permit file giveaways. Problem noted by
Yasutaka Sumi of The University of Tokyo.
- IRIX6: Syslog buffer size set to 512 bytes. Reported by
+ IRIX6: Syslog buffer size set to 512 bytes. Reported by
Gerald Rinske of Siemens Business Services VAS.
Linux: Pad process title with NULLs. Problem noted by
Jon Lewis of Florida Digital Turnpike.
@@ -1014,7 +2666,7 @@ summary of the changes in that release.
OP.ME: Document the F=i mailer flag. Problem noted by Per Hedeland of
Ericsson.
-8.8.7/8.8.7 97/08/03
+8.8.7/8.8.7 1997/08/03
If using Berkeley DB on systems without O_EXLOCK (open a file with
an exclusive lock already set -- i.e., almost all systems
except 4.4-BSD derived systems), the initial attempt at
@@ -1166,7 +2818,7 @@ summary of the changes in that release.
DELETED FILES:
Makefile
-8.8.6/8.8.6 97/06/14
+8.8.6/8.8.6 1997/06/14
*************************************************************
* The extensive assistance of Gregory Neil Shapiro of WPI *
* in preparing this release is gratefully appreciated. *
@@ -1424,7 +3076,7 @@ summary of the changes in that release.
MAILER(procmail), but do pass F=Pn9 (include Return-Path:,
don't include From_, and convert to 8-bit). Suggestions
from Kimmo Suominen and Roderick Schertler.
- CONFIG: Domains under $=M (specified with MASQUERADE_DOMAIN) where
+ CONFIG: Domains under $=M (specified with MASQUERADE_DOMAIN) were
being masqueraded as though FEATURE(masquerade_entire_domain)
was specified, even when it wasn't.
MAIL.LOCAL: Solaris 2.6 has snprintf. From John Beck of SunSoft.
@@ -1469,7 +3121,7 @@ summary of the changes in that release.
src/Makefiles/Makefile.IRIX.6.2 => Makefile.IRIX.6.x
src/Makefiles/Makefile.IRIX64 => Makefile.IRIX64.6.0
-8.8.5/8.8.5 97/01/21
+8.8.5/8.8.5 1997/01/21
SECURITY: Clear out group list during startup. Without this, sendmail
will continue to run with the group permissions of the caller,
even if RunAsUser is specified.
@@ -1613,7 +3265,7 @@ summary of the changes in that release.
a duplex printer. From Matthew Black of Cal State University,
Long Beach.
-8.8.4/8.8.4 96/12/02
+8.8.4/8.8.4 1996/12/02
SECURITY: under some circumstances, an attacker could get additional
permissions by hard linking to files that were group
writable by the attacker. The solution is to disallow any
@@ -1712,7 +3364,7 @@ summary of the changes in that release.
NEW FILES:
contrib/etrn.pl
-8.8.3/8.8.3 96/11/17
+8.8.3/8.8.3 1996/11/17
SECURITY: it was possible to get a root shell by lying to sendmail
about argv[0] and then sending it a signal. Problem noted
by Leshka Zakharoff <leshka@leshka.chuvashia.su> on the
@@ -1825,7 +3477,7 @@ summary of the changes in that release.
cf/ostype/aix4.m4
cf/ostype/mklinux.m4
-8.8.2/8.8.2 96/10/18
+8.8.2/8.8.2 1996/10/18
SECURITY: fix a botch in the 7-bit MIME patch; the previous patch
changed the code but didn't fix the problem.
PORTABILITY FIXES:
@@ -1836,7 +3488,7 @@ summary of the changes in that release.
from this document. These flags were F=d, F=j, F=R, and F=9.
CONFIG: no changes.
-8.8.1/8.8.1 96/10/17
+8.8.1/8.8.1 1996/10/17
SECURITY: unset all environment variables that the resolver will
examine during queue runs and daemon mode. Problem noted
by Dan Bernstein of the University of Illinois at Chicago.
@@ -1889,7 +3541,7 @@ summary of the changes in that release.
MAIL.LOCAL: patches to compile on NEXTSTEP. From Patrick Nolan
of Stanford via Robert La Ferla.
-8.8.0/8.8.0 96/09/26
+8.8.0/8.8.0 1996/09/26
Under some circumstances, Bcc: headers would not be properly
deleted. Pointed out by Jonathan Kamens of OpenVision.
Log a warning if the sendmail daemon is invoked without a full
@@ -2251,7 +3903,7 @@ summary of the changes in that release.
framework is gratefully appreciated.
New SingleThreadDelivery option (requires HostStatusDirectory to
operate). Avoids letting two sendmails on the local machine
- open connections to the same remote host at the same time.
+ open connections to the same remote host at the same time.
This reduces load on the other machine, but can cause mail to
be delayed (for example, if one sendmail is delivering a huge
message, other sendmails won't be able to send even small
@@ -2531,7 +4183,7 @@ summary of the changes in that release.
src/Makefiles/Makefile.NeXT => Makefile.NeXT.2.x
src/Makefiles/Makefile.NEXTSTEP => Makefile.NeXT.3.x
-8.7.6/8.7.3 96/09/17
+8.7.6/8.7.3 1996/09/17
SECURITY: It is possible to force getpwuid to fail when writing the
queue file, causing sendmail to fall back to running programs
as the default user. This is not exploitable from off-site.
@@ -2541,7 +4193,7 @@ summary of the changes in that release.
a local user to get root. This is not known to be exploitable
from off-site. The workaround is to disable chfn(1) commands.
-8.7.5/8.7.3 96/03/04
+8.7.5/8.7.3 1996/03/04
Fix glitch in 8.7.4 when putting certain internal lines; this can
in some case cause connections to hang or messages to have
extra spaces in odd places. Patch from Eric Wassenaar;
@@ -2549,14 +4201,14 @@ summary of the changes in that release.
Hansen of Stanford University, Dean Gaudet of HotWired,
and others.
-8.7.4/8.7.3 96/02/18
+8.7.4/8.7.3 1996/02/18
SECURITY: In some cases it was still possible for an attacker to
insert newlines into a queue file, thus allowing access to
any user (except root).
CONFIG: no changes -- it is not a bug that the configuration
version number is unchanged.
-8.7.3/8.7.3 95/12/03
+8.7.3/8.7.3 1995/12/03
Fix botch in name server timeout in RCPT code; this problem caused
two responses in SMTP, which breaks things horribly. Fix
from Gregory Neil Shapiro of WPI.
@@ -2575,7 +4227,7 @@ summary of the changes in that release.
CONFIG: add confHOSTS_FILE m4 variable to set HostsFile option.
Deficiency pointed out by Bryan Costales of ICSI.
-8.7.2/8.7.2 95/11/19
+8.7.2/8.7.2 1995/11/19
REALLY fix the backslash escapes in SmtpGreetingMessage,
OperatorChars, and UnixFromLine options. They were not
properly repaired in 8.7.1.
@@ -2719,7 +4371,7 @@ summary of the changes in that release.
portability changes for Posix environments (no functional
changes).
-8.7.1/8.7.1 95/10/01
+8.7.1/8.7.1 1995/10/01
Old macros that have become options (SmtpGreetingMessage,
OperatorChars, and UnixFromLine) didn't allow backslash
escapes in the options, where they previously had. Bug
@@ -2804,7 +4456,7 @@ summary of the changes in that release.
src/Makefiles/Makefile.KSR (omitted from 8.7 by mistake)
src/Makefiles/Makefile.UXPDS
-8.7/8.7 95/09/16
+8.7/8.7 1995/09/16
Fix a problem that could cause sendmail to run out of file
descriptors due to a trashed data structure after a
vfork. Fix from Brian Coan of the Institute for
@@ -3182,7 +4834,7 @@ summary of the changes in that release.
Add multiple queue timeouts (both return and warning). These are
set by the Precedence: or Priority: header fields to one of
three values. If a Priority: is set and has value "normal",
- "urgent", or "non-urgent" the corresponding timeouts are
+ "urgent", or "non-urgent" the corresponding timeouts are
used. If no priority is set, the Precedence: is consulted;
if negative, non-urgent timeouts are used; if greater than
zero, urgent timeouts are used. Otherwise, normal timeouts
@@ -3810,7 +5462,7 @@ summary of the changes in that release.
and this can create unreplyable addresses. From Chip
Rosenthal of Unicom.
CONFIG: add confRECEIVED_HEADER to change the format of the
- Received: header inserted into all messages. Suggested by
+ Received: header inserted into all messages. Suggested by
Gary Mills of the University of Manitoba.
CONFIG: Make "notsticky" the default; use FEATURE(stickyhost)
to get the old behavior. I did this upon observing
@@ -4013,14 +5665,14 @@ summary of the changes in that release.
contrib/rcpt-streaming
src/Makefiles/Makefile.SunOS.5.x
-8.6.13/8.6.12 96/01/25
+8.6.13/8.6.12 1996/01/25
SECURITY: In some cases it was still possible for an attacker to
insert newlines into a queue file, thus allowing access to
any user (except root).
CONFIG: no changes -- it is not a bug that the configuration
version number is unchanged.
-8.6.12/8.6.12 95/03/28
+8.6.12/8.6.12 1995/03/28
Fix to IDENT code (it was getting the size of the reply buffer
too small, so nothing was ever accepted). Fix from several
people, including Allan Johannesen, Shane Castle of the
@@ -4031,7 +5683,7 @@ summary of the changes in that release.
file descriptors on systems that use vfork() rather
than fork().
-8.6.11/8.6.11 95/03/08
+8.6.11/8.6.11 1995/03/08
The ``possible attack'' message would be logged more often
than necessary if you are using Pine as a user agent.
The wrong host would be reported in the ``possible attack''
@@ -4066,7 +5718,7 @@ summary of the changes in that release.
CONFIG: No changes (version number only, to keep it in sync
with the binaries).
-8.6.10/8.6.10 95/02/10
+8.6.10/8.6.10 1995/02/10
SECURITY: Diagnose bogus values to some command line flags that
could allow trash to get into headers and qf files.
Validate the name of the user returned by the IDENT protocol.
@@ -4110,7 +5762,7 @@ summary of the changes in that release.
CONFIG: No changes (version number only, to keep it in sync
with the binaries).
-8.6.9/8.6.9 94/04/19
+8.6.9/8.6.9 1994/04/19
Do all mail delivery completely disconnected from any terminal.
This provides consistency with daemon delivery and
may have some security implications.
@@ -4232,18 +5884,18 @@ summary of the changes in that release.
doc/changes/changes.me
doc/changes/changes.ps
-8.6.8/8.6.6 94/03/21
+8.6.8/8.6.6 1994/03/21
SECURITY: it was possible to read any file as root using the
E (error message) option. Reported by Richard Jones;
fixed by Michael Corrigan and Christophe Wolfhugel.
-8.6.7/8.6.6 94/03/14
+8.6.7/8.6.6 1994/03/14
SECURITY: it was possible to get root access by using weird
values to the -d flag. Thanks to Alain Durand of
INRIA for forwarding me the notice from the bugtraq
list.
-8.6.6/8.6.6 94/03/13
+8.6.6/8.6.6 1994/03/13
SECURITY: the ability to give files away on System V-based
systems proved dangerous -- don't run as the owner
of a :include: file on a system that allows giveaways.
@@ -4475,7 +6127,7 @@ summary of the changes in that release.
doc/intro/Makefile
doc/usenix/Makefile
-8.6.5/8.6.5 94/01/13
+8.6.5/8.6.5 1994/01/13
Security fix: /.forward could be owned by anyone (the test
to allow root to own any file was backwards). From
Bob Campbell at U.C. Berkeley.
@@ -4763,7 +6415,7 @@ summary of the changes in that release.
makemap/Makefile.dist
praliases/Makefile.dist
-8.6.4/8.6.4 93/10/31
+8.6.4/8.6.4 1993/10/31
Repair core-dump problem (write to read-only memory segment)
if you fall back to the return-to-Postmaster case in
savemail. Problem reported by Richard Liu.
@@ -4811,7 +6463,7 @@ summary of the changes in that release.
CONFIG: handle <list:;> syntax correctly. This isn't legal, but
it shouldn't fail miserably. From Motonori Nakamura.
-8.6.2/8.6.2 93/10/15
+8.6.2/8.6.2 1993/10/15
Put a "successful delivery" message in the transcript for
addresses that get return-receipts.
Put a prominent "this is only a warning" message in warning
@@ -4857,13 +6509,13 @@ summary of the changes in that release.
(from Jon Forrest of UC Berkeley)
CONFIG: fix ``mailer:host'' form of UUCP relay naming.
-8.6.1/8.6 93/10/08
+8.6.1/8.6 1993/10/08
Portability fixes for A/UX and Encore UMAX V.
Fix error message handling -- if you had a name server down
causing an error during parsing, that message was never
propagated to the queue file.
-8.6/8.6 93/10/05
+8.6/8.6 1993/10/05
Configuration cleanup: make it easier to undo IDENTPROTO in
conf.h (other systems have the same bug).
If HASGETDTABLESIZE and _SC_OPEN_MAX are both defined, assume
@@ -5067,7 +6719,7 @@ summary of the changes in that release.
CONFIG: class $=Z is a set of UUCP hosts that use uucp-dom
connections (domain-ized UUCP).
CONFIG: fix bug in default maps (-o must be before database file
- name). Pointed out by Christophe Wolfhugel.
+ name). Pointed out by Christophe Wolfhugel.
CONFIG: add FEATURE(nodns) to state that we are not relying on
DNS. This would presumably be used in UUCP islands.
CONFIG: add OSTYPE(nextstep) and OSTYPE(linux).
@@ -5094,7 +6746,7 @@ summary of the changes in that release.
want to hold it for another release. Problem noted by
Bret Marquis.
-8.5/8.5 93/07/23
+8.5/8.5 1993/07/23
Serious bug: if you used a command line recipient that was unknown
sendmail would not send a return message (it was treating
everything as though it had an SMTP-style client that
@@ -5124,7 +6776,7 @@ summary of the changes in that release.
the default on SMART_HOST to change from "suucp" to
"relay" if you have MAILER(smtp) specified.
-8.4/8.4 93/07/22
+8.4/8.4 1993/07/22
Add option `w'. If you receive a message that comes to you because
you are the best (lowest preference) target of an MX, and
you haven't explicitly recognized the source MX host in
@@ -5275,7 +6927,7 @@ summary of the changes in that release.
Changes to cf/sh/makeinfo.sh to make it portable to SVR4
environments. Ugly as sin.
-8.3/8.3 93/07/13
+8.3/8.3 1993/07/13
Fix setuid problems introduced in 8.2 that caused messages
like "Cannot create qfXXXXXX: Invalid argument"
or "Cannot reopen dfXXXXXX: Permission denied". This
@@ -5319,7 +6971,7 @@ summary of the changes in that release.
Christophe Wolfhugel.
CONFIG: Add OSTYPE(aix3). From Christophe Wolfhugel.
-8.2/8.2 93/07/11
+8.2/8.2 1993/07/11
Don't drop out on config file parse errors in -bt mode.
On older configuration files, assume option "l" (use Errors-To
header) for back compatibility. NOTE: this DOES NOT
@@ -5431,7 +7083,7 @@ summary of the changes in that release.
first. This is currently unused in the config files,
but could be used in a mailertable entry.
-8.1C/8.1B 93/06/27
+8.1C/8.1B 1993/06/27
Serious security bug fix: it was possible to read any file on
the system, regardless of ownership and permissions.
If a subroutine returns a fully qualified address, return it
@@ -5439,1149 +7091,13 @@ summary of the changes in that release.
This fixes a problem with mailertable lookups.
CONFIG: fix some M4 frotz (concat => CONCAT)
-8.1B/8.1A 93/06/12
+8.1B/8.1A 1993/06/12
Serious bug fix: pattern matching backup algorithm stepped by
two tokens in classes instead of one. Found by Claus
Assmann at University of Kiel, Germany.
-8.1A/8.1A 93/06/08
+8.1A/8.1A 1993/06/08
Another mailertable fix....
-8.1/8.1 93/06/07
+8.1/8.1 1993/06/07
4.4BSD freeze. No semantic changes.
-
-6.65/6.34 93/06/06
- Fix some lintish problems.
- Fix some cases where server SMTP behaved poorly when handed bogus
- input, pointed out by Eric Wassenaar.
- CONFIG: fix some more (sigh) mailertable bugs -- thanks to
- Motonori Nakamura of Kyoto University (again).
-
-6.64/6.33 93/06/05
- Don't send 050 (-v) information after the 250 response to a QUIT
- command in srvrsmtp -- clients usually close the connection
- at this point, and it causes bogus error messages.
- Don't send messages that have errors on input (such as unbalanced
- parentheses) during SMTP transactions, since a return
- message has (probably) already been sent.
- Give better diagnostics on timeouts during network reads, including
- information similar to the SMTP phase.
- Fix bug that caused SMTP messages to deliver synchronously; this
- happened after the DATA 250, and hence caused reading the
- next command to be delayed.
- Ignore Errors-To: header unless 'l' (lower case el) header is
- specified. The Errors-To: header violates RFC 1123.
- Errors-To: was only needed to take the place of the
- envelope sender in the days when most Unix mailers
- didn't understand about the two kinds of senders.
- Don't send warning messages in response to automatically generated
- messages (that is, those From:<>).
- CONFIG: fix some rather stupid typos in the mailertable code
- pointed out by Motonori Nakamura of Kyoto University.
- CONFIG: add confUSE_ERRORS_TO configuration option.
- CONFIG: if ALWAYS_ADD_DOMAIN is selected, try to use $M
- (masquerade name) instead of $j.
- CONFIG: don't add dots to relay names (added in 6.29); it breaks
- several things, and can be simulated by dot terminating
- the names of relays. For example, use:
- DBbit.net.relay.
- (note the trailing dot).
-
-6.63/6.32 93/06/01
- Fix prototypes to eliminate chars in argument lists -- some
- compilers are pissy about this.
- Log protocol ($r) and body type if set so we can determine if
- the adaptive algorithms are working.
- Pessimize on locking of database files (particularly for NEWDB
- databases) during opens. There were problems with
- processes opening the file while it was rebuilt; since
- NEWDB caches heavily, the reader opened an empty file,
- which is an error. If your system has the ability to
- lock atomically on open, this works properly; otherwise,
- there are race conditions.
- Check mod time on .pag file instead of .dir in NDBM aliases
- because the .dir file doesn't get updated for small
- alias files. From John Gardiner Myers of CMU.
- More Solaris portability -- it now compiles on Solaris, but
- hangs up in gethostbyname().
- Move setting of RES_DEBUG flag before first myhostname() call
- so we can see name server traffic on that call.
- Fsync() queue files.
- Fix a problem that causes -bi to try to rebuild maps other than
- the alias file(s).
- Fix a problem that caused udb to reject entries from any but
- the first database listed.
- Rearrange doc subdirectory for 4.4BSD release tape.
- CONFIG: put $r into the Received line. This was an oversight.
- CONFIG: fix typo (call to ruleset 99 should have been ruleset 90).
- CONFIG: move "auxiliary" subroutines to be in ruleset 90-99
- range -- in the long run, single digit rulesets may
- become reserved for builtin use by sendmail.
- CONFIG: fix major problem that causes host aliases (that is,
- anything in $=w != $j) to not be recognized. This has
- been around since 6.30.
-
-6.62/6.31 93/05/28
- BETA RELEASE
- Fix recursive syserr (if there is an error printing a syserr
- message). This makes the code much less eager to consider
- a write error as serious. This also includes some
- heuristics to be clever about closed connections.
- Lock NEWDB files during gets. This requires version 1.5 or later
- of the db library. If you have an older version, you
- can use -DOLD_NEWDB. This will go away in a few weeks.
- Fix problem causing aliases that use host maps to get overwritten.
- Do appropriate byte swapping on port numbers in ident protocol
- code. Fix from Allan Johannesen of WPI.
- Defer opening of map files to the same time as alias files so that
- the daemon will tend to pick up new versions more promptly.
- Prototype a bunch more functions.
- Some Solaris 2.1 changes (still doesn't link though).
- Try to simplify Makefiles by including more subordinate #defines
- in conf.h (based on OS type).
- CONFIG: check for domains if FEATURE(mailertable) is defined.
- For example, if the host name is "knecht.cs.berkeley.edu"
- it will search the following mailertable keys:
- knecht.cs.berkeley.edu
- .cs.berkeley.edu
- .berkeley.edu
- .edu
- This could be used to replace the special relays for bitnet
- and similar nets.
-
-6.61/6.30 93/05/24
- Fix problem that prevented appending dots on canonified host
- names. This breaks tons of config files -- very
- important fix.
- Fix improper pointer dereference in response to HELO command.
- Fix core dump if debugging set in map_rewrite.
- CONFIG: add FEATURE(always_add_domain) to always attach the
- local domain (only impacts local mail).
- CONFIG: try to avoid turning names into $j -- although
- technically a host can only have one "canonical name",
- it seems to be common practice to have several.
-
-6.60/6.29 93/05/22
- Major change: merge alias databases with maps. This expands and
- changes the map class interface but fixes a bunch of bugs.
- The important user-visible change is that the file name
- in a K line now does not include the ".db" extension; this
- is added automatically. Also, the -d (NIS domain) flag is
- missing from the K config line; use @domain instead.
- When compiling, the *_MAP names are gone -- just compile
- in NDBM, NEWDB, and/or NIS support.
- Announce mailer/host/user triple on -bv flag -- from Brian
- Bullen of Stirling University.
- Don't send more than one line in response to HELO -- it confuses
- Pony Express, which then behaves very badly. However,
- this change does send two line 220 greetings, with the
- second line reading "ESMTP spoken here". The usersmtp
- module recognizes this and goes into ESMTP mode regardless
- of the setting of the "a" mailer flag. Thus, "a" means
- "always try EHLO".
- AIX portability changes (thanks to Christophe Wolfhugel of
- Herve Schauer Consultants (Paris) for providing me with
- an INSA account for this purpose). Lightly tested. Use
- -D_AIX3. This probably breaks compatibility with some
- older systems (e.g., 4.2bsd) but still works on SunOS
- 4.1.2, Ultrix 4.2A, HP-UX 8.07, OSF/1 T1.3, and AIX 3.2.3.
- Fix a problem causing an error message loop if the output channel
- is hosed.
- Add the Makefiles that I use for various environments -- some are
- Berkeley make versions and some are old make versions.
- My makefile for the NeXT box has gotten lost, alas!
- PRALIASES: support for printing NEWDB databases. From
- Michael J. Corrigan of U.C. San Diego.
- CONFIG: don't pass pseudo-domains to $[ ... $] (if you have
- a wildcard MX it can have weird results). From
- Christophe Wolfhugel.
- CONFIG: dot terminate relay hostnames in S0. From Christophe
- Wolfhugel.
-
-6.59/6.28 93/05/13
- Log version with SMTP daemon startup message.
- Adjust setproctitle to work on NetBSD and BSD/386.
- Fix null pointer reference in MX fallback code.
- A bunch of minor fixes from Eric Wassenaar:
- If deliver cannot execv the mailer, return EX_OSERR
- instead of EX_TEMPFAIL (to give better
- error messages).
- Consistently malloc e_message.
- Catch degenerate case of calling returntosender()
- with an empty returnq.
- MIME reformatting.
-
-6.58/6.28 93/05/13
- Fix bug that can cause incorrect verbose display of user smtp
- messages.
- Disable SMTP VERB command if PRIV_NOEXPN is set (since this
- could reveal the same information.
- Allow failure when reading SMTP greeting message to go on to
- next MX host.
- Add "MIME-Version: 1.0" header if using MIME (this was NOT
- included in RFC 1344, but Bill King of Allan-Bradley
- Company forwarded me email from Nathaniel Borenstein
- claiming that it was an inadvertent omission).
- Don't use Content-Type: X-message-header. According to John
- Myers of CMU, many MIME readers will completely ignore
- the data if they don't recognize it. Instead, just
- add a blank line to make it a legal (empty) message.
- Fix problem causing dots to keep getting appended to cached
- hostnames. This can cause buffer overrun conditions.
- The problem was found by Erik Forsberg of Retix,
- although I used a different bug fix than he provided.
- Fix parsing of split header/envelope rewriting specs -- from
- Eric Forsberg.
- Fix from Eric Wassenaar to correct To: lists in error messages.
-
-6.57/6.28 93/05/11
- Fix minor glitch causing extra ctladdrs to be output to queue
- file. Just an annoyance.
- Cache results of name server canonification lookups to avoid
- backed up queue runs.
- Major rewrite of alias.c: considerable cleanup, plus sample
- (untested) support for NIS aliases. The "A" option
- can now be a comma separated list (or be repeated) --
- that is, you can have multiple alias databases. Each
- database can have the syntax ``class:file''; if no class
- is specified, the "implicit" class is assumed. Implicit
- searches through a list of compiled in types -- hash,
- dbm, nis, and stab. Alias files are searched in the
- order they are listed. For example:
- OAhash:/etc/aliases.local,/etc/aliases
- OAnis:mail.aliases@my.nis.domain
- first searches the hash database /etc/aliases.local,
- then the regular /etc/aliases database, then the NIS
- map "mail.aliases" in the NIS domain "my.nis.domain".
- If in Verbose mode (probably from VERB command) run SMTP job
- in foreground and don't do RCPT optimizations.
- Add udb :mailsender as equivalent to owner- for regular aliases.
- Delete option 8; add option 7 that means the opposite. That is,
- default to 8-bit mode; a special option is needed to
- force sendmail into 7 bit mode.
- Send error messages in encapsulated MIME format.
- New compile flag "NIS" that turns on NIS alias and NIS map
- support.
- Add "j" option to send error messages in MIME (RFC 1341)
- encapsulated message format per RFC 1344. The
- syntax is pretty ugly if you don't have MIME-aware
- user agents.
- Clean up message handling (for display in mailq output).
- New setproctitle implementation for 4.4bsd.
- Create files (such as ~/dead.letter) using mode FileMode (the
- F option value) instead of 0666.
- Fix bug causing output of EXPN command to not be fully qualified.
- This may cause some problems with UUCP addresses that
- will require some config file assistance -- specifically,
- the $: part has to include the host name for this output
- to make sense.
- Fix a problem that sometimes diagnosed errors and still sent the
- message if the header syntax was bad.
- Fix a bug that caused an error message to be emailed when sendmail
- was operating in -bv mode.
- Add "ListenQueueSize" keyword to daemon options option (OO) to
- set the queue size parameter passed to listen(). You
- will normally have to tweak your kernel to up this.
- Strip spaces off of beginning of message-id before logging (in
- case it was folded across lines).
- Tweak compile flags in daemon.c -- there were some cases where
- it wouldn't work without NETINET.
- Change *file* mailer to output all the usual default headers
- (From, Date, Message-Id). It gets used when sending
- back error messages.
- CONFIG: explicitly catch and diagnose list:; syntax in ruleset
- zero -- this is not a valid recipient syntax according
- to RFC 821.
- CONFIG: add confMIME_FORMAT_ERRORS to send error messages in
- MIME format. Defaults to on.
- CONFIG: add SMTP_MAILER_FLAGS and UUCP_MAILER_FLAGS to augment
- the flags for those mailers.
-
-6.56/6.27 93/05/01
- Fix problem that causes the fallback mail to postmaster
- (case ESM_POSTMASTER in savemail()) to not look at
- aliases (ugh).
- Some more HPUX tweaking (compile flag hpux => __hpux so it
- still works in ANSI mode).
- Don't try to flock non-regular files when mailing to a file.
- In particular, this was a problem if you tried to
- send to /dev/null.
- Fix a weird bug that can cause senders to be queued as
- recipients if the name server is down when the mail
- is initially sent. This hack just ignores sender
- deletion (essentially, it sets the MeToo flag) if there
- is a TEMPFAIL during processing of the sender address.
- Obscure.
- Fix a dangling else problem -- from Brian Bullen from University
- of Stirling, UK.
- Add the "b" mailer flag to force a blank line on the end of
- messages. Some brilliant versions of /bin/mail insist
- on this but do not add it themselves.
- Add the "g" mailer flag to prevent user SMTP from sending
- "MAIL From:<>". This is only intended to be a
- transitional gesture, and should not be used if at
- all possible. It appears that Berkeley and IDA
- config files have always handled this properly; the
- UK config kit apparently does not.
- Don't lowercase and then capitalize header field names -- leave
- them with original capitalization. Fixes from Bill
- King of Allen-Bradley Company.
- Further cleanup and improved reporting of error messages,
- particularly conditions that cause messages to be
- requeued for future delivery.
- Tweak syslog priorities in some cases.
- CONFIG: clean up route-addr on UUCP addresses.
-
-6.55/6.25 93/04/27
- HPUX 8.07 compatibility changes in getla() -- I had to make
- these changes to get it to work at Berkeley, although
- others seem to have been working before (???).
- Various patches to XLA code.
- Fix problem that causes setuid bit on files to be ignored from
- SMTP or in queue runs. Problem noted by Jason Ornstein
- of Under The Wire, Inc.
- Fix problem that can cause CNAMEs to be ignored.
- Generalize getmxrr to match local host in $=w instead of a
- single name passed in.
- Some cleanup from Eric Wassenaar:
- Use FileMailer instead of ProgMailer in two places.
- Eliminate duplicate 8th-bit stripping in commaize.
- Fix a problem with mis-parsing of backslash escapes
- under some circumstances.
- NIS map fix (was always including trailing null character)
- from Mike Glendinning of Ingres UK.
- Add "a" mailer flag to try using ESMTP. It tries the EHLO
- command and if that fails falls back to regular SMTP.
- Also parses EHLO option keywords. If host supports
- SIZE extension, this is added to the MAIL FROM:
- command.
- Extend "b" option to include a second value which is the
- maximum message size this server is willing to accept.
- For example, a value of "10/1000000" says that there
- must be ten blocks free, and sendmail will reject
- any message larger than one megabyte.
- Some portability hooks for NeXT (this could be applicable
- to Mach in general). You have to create an empty
- file called "unistd.h" to get it to compile.
- Adjust config values (MAXLINE, MAXATOM, and PSBUFSIZE) to
- be more generous.
- Add X400-Received: to the list of headers tagged with H_TRACE
- in conf.c. From Bill King, Allen-Bradley Co.
-
-6.54/6.25 93/04/19
- Fix problem that caused redefinition of SMTP and QUEUE compile
- flags. Pointed out by Jon Forrest of the Sequoia 2000
- project at Berkeley.
- Properly handle \! hack -- it was treating host\!user as one
- token (host!user) instead of three (host, !, user).
- Fix from Eric Wassenaar of NIKHEF-H.
- Fix compilation problem in getauthinfo() if IDENTPROTO is off.
- Turn off DEFNAMES and DNSRCH when getting the hostsignature
- (i.e., MX records) in level 1 configuration files; this
- matches the old behavior. From Motonori Nakamura of
- Kyoto University.
- Improve error message printing -- if sent through an alias,
- error messages include the name of the alias in the
- message. Unfortunately, in order to make this work
- properly in queue runs, this changes the format of the
- C line in the qf file. The relatively uselessness of
- the previous information was pointed out to me by
- Allan E Johannesen of WPI.
- Add XLA compile flag to add hooks to Christophe Wolfhugel's
- extended load average code. This is still in very early
- form. For information regarding the guts of the xla
- code, contact Christophe.Wolfhugel@grasp.insa-lyon.fr.
- Additional hooks for detecting tempfails in rewriting rules
- (that is, in map lookups).
-
-6.53/6.25 93/04/15
- Properly diagnose ruleset zero returning null (instead of a mailer
- triple). From Motonori Nakamura of Kyoto University.
- More generalization of socket code for other protocols.
- Shorten timeouts on reverse name lookups -- since they are done
- during connection establishment, long timeouts here can
- cause higher level timeouts. This mainly serves to accept
- mail from hosts that do not have proper reverse (PTR) DNS
- records set up.
- Reset e_statmsg before each mailer invocation to avoid bogus
- messages in the log.
- Redefine $r, $s, and $_ in error envelopes so you don't get
- incorrect cruft in the error message. Problem noted by
- Motonori Nakamura of Kyoto University.
- Fix a problem that can cause failure to return errors to Postmaster
- in certain cases. From Motonori Nakamura.
- Fix a problem that can cause some systems to give duplicate error
- messages when a bad syntax address such as "<a" is presented
- to an SMTP server. It doesn't seem to occur on all
- machines. From Motonori Nakamura.
- Default IDENTPROTO off for Ultrix and HPUX, which apparently have
- the interesting "feature" that when they receive a "Host
- unreachable" message they closes all open connections to
- that host. However, some firewall gateways send this message
- if you try to connect to an unauthorized port, such as the
- IDENT port (113). Thus, no email can be received from such
- hosts. There is some evidence that versions of Ultrix before
- 4.3 do not have this problem. Thanks to Tom Ivar Helbekkmo
- for pointing out this behavior to me and to Michael Corrigan
- of U.C. San Diego for informing me about the HPUX problem.
- Allow IPC mailers to return a colon-separated list of hosts in the
- $@ clause; these are searched in order as though they were
- MX records.
- When sending an error report, print the list of addresses tagged
- as bad. Requested by Allan E Johannesen of WPI.
- Change map function calls to return a status code. This gets
- passed back as the result of rewrite. Parseaddr marks
- the address as a QUEUEUP address if the return code is
- EX_TEMPFAIL. All this to queue properly if the name
- server is down. This code is not well tested. This code
- changes the interface to map lookup functions (a fifth
- parameter, int *statp, is added). Feature requested by
- Dan Oscarsson.
- Don't delete quotes (in the dequote map) if there are spaces in
- the string, since this would cause them to be replaced by
- the SpaceSub character.
- Accept BODY=8BITMIME on SMTP MAIL command. This isn't advertised
- because the 8BIT to 7BIT translation doesn't exist yet.
- This does add a "bodytype" field to both envelope and
- queue file and a -B command line flag to pass the type in
- during direct invocations.
- Discard return error messages only on responses to responses to
- responses, not on responses to responses. That is, the
- algorithm is to try return to sender, then return to
- postmaster, then discard. Previously it discarded
- immediately if the return to sender pass failed.
- CONFIG: back out change to hide unqualified hostnames behind %-hack.
- This screws up local aliases and .forward files.
- CONFIG: add FEATURE(nocanonify) to turn off calls to $[ ... $];
- some sites only handle completely canonified names.
- Requested by John Gardiner Myers of CMU.
- CONFIG: some UUCP code was still included even if FEATURE(nouucp)
- was specified.
-
-6.52/6.24 93/04/10
- Clean up some minor glitches on error return messages pointed out
- by Motonori Nakamura of Kyoto University.
- Fix reply() to not reset SmtpReplyBuffer on fatal errors; this
- was supposed to reset SmtpMsg Buffer. This makes the
- client side code virtually useless. Reported by Allan
- E Johannesen of WPI and Phil Brandenberger of Swarthmore.
- Better debug messages if fuzzy is disabled, suggested by Allan
- E Johannesen of WPI.
- Offset SmtpReplyBuffer by four in usersmtp when checking for
- loopback. From Eric Wassenaar.
- Don't set $s until after runinchild in srvrsmtp -- otherwise
- it gets cleared. From Eric Wassenaar.
- Implement IDA-style $&x for deferred macro expansion.
- More POSIX compatibility.
- CONFIG: Hide unqualified hostnames behind %-hack using $s as the
- actual sender. This is only done if $r is non-null, that
- is, if this is not locally submitted mail.
- CONFIG: Add FEATURE(bitdomain) allowing mapping of BITNET host
- names to internet domains. A program contributed by
- John Gardiner Myers of CMU to create the maps is included
- in the contrib directory (in the "misc" tar file).
- CONFIG: Add FEATURE(uucpdomain) for a similar mapping for UUCP
- hosts. There is currently no tool to create this map.
-
-6.51/6.23 93/04/04
- Add D= mailer flag to specify a path of possible working directories
- in which to execute the mailer. This is intended for the
- prog mailer; some shells can get upset if they don't have
- access to the current directory.
- Add RFC 1413 (IDENT) protocol support. This is only very loosely
- tested. This adds a $_ macro to be the authenticated
- info (in ``user@domain [address]'' form) and debug flag
- 9 to trace the protocol.
- Check for loopbacks in usersmtp instead of srvrsmtp -- there is no
- reason for a local agent to not be talking to the localhost
- (although the inverse is not true).
- Add a few hooks for automated map rebuilding. This is certainly
- not done yet.
- CONFIG: Have prog mailer specify a path of ``D=$z:/'' -- that is,
- user's home directory then the root.
- CONFIG: Log RFC 1413 identification in Received: line.
-
-6.50/6.22 93/04/01
- Fixes to requeueing code to make it compute priority, nrcpts,
- and the like properly.
-
-6.49/6.22 93/04/01
- Diagnose incorrect privacy flags. Suggested by Bryan Costales
- of ICSI.
- Some ANSI C fixes.
- Arrange to quote backslashes as well as other special characters
- in the phrase part of a route-addr.
- Some fixes to FallBackMX code suggested by Motonori Nakamura of
- Kyoto University.
- More vigorous zeroing of CurHostAddr to avoid logging of bogus
- host addresses when you are actually just printing
- information from the MCI structure; problem noted by
- Michael Corrigan of U.C. San Diego.
- Don't ignore rest of queue if any job is not runnable. This can
- also cause an incorrect job to be lost. Fix from
- Eric Wassenaar.
- Always respond "quickly" to RCPT command; do alias expansion and
- the like later. This also means that mail for lists that
- have errors will be accepted, and an error sent back
- later. This is done by instantiating the queue file
- and then immediately running and requeueing it.
-
-6.48/6.22 93/03/30
- Fix incorrect diagnosis of infinite loop in ruleset. Problem noted
- by several people.
- Improve information printed when infinite loops are discovered.
- Zero CurHostAddr to fix erroneous internet addresses in log when no
- addresses can be bound. Pointed out by Motonori Nakamura
- of Kyoto University.
- "Probe" SMTP connections using RSET instead of NOOP "just in case".
- Suggested by John Gardiner Myers of CMU.
- Don't warn about -f if you are setting sender to yourself.
-
-6.47/6.22 93/03/29
- Fix incompatible call to endmailer in smtpquit which causes core
- dumps. Noted by Allan E Johannesen of WPI.
- HPUX portability changes from Michael J. Corrigan of UC San Diego.
- Require MAIL before RCPT command in srvrsmtp.c. This had been
- intentional from the 821 draft days when the order wasn't
- clear, but is silly now.
- Fix bug in nis_magic routine that was initializing parameters
- incorrectly. Fix from Takahiro Kanbe of Fuji Xerox
- Information Systems Co., Ltd.
- Change default for PrivacyFlags in conf.c to 0 -- since it always
- "or"s in new values, there was no way to turn off the
- AuthWarning stuff.
- Add O option to set SMTP daemon options.
- Add V option to set fallback MX host. This always sorts at lower
- priority than anything it gets from the name server. It
- should only be used for environments with very bad network
- connectivity. Requested by several people.
- Log sending info. It's not clear this is a good idea.
- CONFIG: fix typo in mailertable code. Noted by Phil Brandenberger
- of Swarthmore.
- CONFIG: add confDAEMON_OPTIONS and confFALLBACK_MX to set options
- O and V, respectively.
-
-6.46/6.21 93/03/26
- Fix botch in server SMTP that broke transactions that did not
- use HELO first (like MH). Fix from Michael Corrigan
- of U.C. San Diego.
- Fall back to other MX records if there is an error anywhere
- in delivery (actually on MAIL or DATA -- RCPT is harder).
- Suggested by John Gardiner Myers and Motonori Nakamura.
- Revert to non-prototypes -- it turns out that our ANSI C
- compiler is more forgiving than most others about
- mixing prototyped extern declarations with non-prototyped
- function definitions.
- Fix a problem with multi-word class matching pointed out by
- Neil Rickert. Given:
- CX b a.b.c
- R$+ $=X $+ $: $1 < $2 > $3
- the input "user@a.b.c" failed instead of being properly
- rewritten as "user@a.<b>.c".
- Neil also convinced me that it was correct that $~ should match
- only one token -- the problem is that it's always possible
- to add another token, so $~ matches far too eagerly.
-
-6.45/6.21 93/03/25
- Implement multi-word classes (properly!).
-
-6.44/6.21 93/03/25
- Add X-Authentication-Warning: headers to clue users into possible
- attempts to forge mail. This is on the authwarnings
- privacy flag, but is the default. Suggested by Bryan
- Costales of ICSI.
- Pass default units for convtime in so they can be more reasonable.
- Allow config files to always add a new Comments: header (i.e.,
- they will be added even if an old one already exists).
- Suggested by Bryan Costales of ICSI.
- Allow config files to delete an existing Return-Path: header.
- These should only be added at final delivery. Suggested
- by Bryan Costales of ICSI.
- Some debugging additions. Suggested by Bryan Costales of ICSI.
- Clean up logging of Family 0 addresses. Noted by David Muir
- Sharnoff and others.
- Add a "dequote" map class. This allows config files to strip
- quotes off of addresses. Note that this is not a builtin
- map, just a class -- so you have to define the map
- using the K line.
- Fix a bug in the queueup() loop getting a locked tf where in
- very odd cases it can fall off the bottom and core dump.
- Of course, it was P{r Emanuelsson who found it....
- Open a new transcript when splitting an envelope. Problem found
- by Allan E Johannesen of WPI.
- Improved error output in endmailer if the mailer core dumps.
- CONFIG: Fix typo in UUCP mailer definition.
- CONFIG: Default several of the new options on: eight bit input,
- privacy flags set to "authwarnings", and message warning
- set to 4h.
- CONFIG: Use dequote map.
-
-6.43/6.20 93/03/23
- Fix problem with assumption of an sa_len field in a generic
- sockaddr -- it turns out that most vendors haven't
- picked up this (very important) fix.
- Change compilation flags for daemon code -- select one or both
- of NETINET or NETISO, but don't ever set DAEMON manually.
- CONFIG: add FEATURE(mailertable) to do IDA-style mailertables.
-
-6.42/6.19 93/03/19
- Use Postmaster as default fallback return address, not root.
- POSIX changes for file descriptor handling.
- Diagnose errors writing new queue file.
- If you change the owner using an owner- alias, also change the
- error mode to EM_MAIL so that errors don't get dropped
- into an inappropriate directory. Problem noted by
- Allan E Johannesen of WPI.
- If you are su'ed to root, send email as who you really are, not
- as root. From Brian Kantor of U.C. San Diego.
- Allow warning messages to be sent after a configurable interval
- has passed without delivery. The message is sent only
- once per envelope. This changes the format of the qf
- file to have an F line, and the format of the T option
- to accept take the format "return/warn" (both intervals).
- Don't force all local names to lower case -- this was left over
- from the weird handling of case mapping on aliases. It
- is now driven (as expected) by the "u" mailer flag.
- Problem noted by P{r Emanuelsson.
- Fix problem that caused headers on returned email to be trashed;
- they were getting freed, but are still accessible via
- BlankEnvelope.
- Fix problem that caused bogus ids to be created on returned
- mail.
- Add support for ISO and other non-INET networking. This is by
- no means finished yet. This does assume a lot of other
- system support, like a version of gethostbyname that
- returns non-AF_INET addresses.
- CONFIG: change default on prog mailer to keep upper case in
- user names (i.e., in the program command line).
- CONFIG: strip trailing dots off of hosts in uucp mailer before
- convert to bang format.
- CONFIG: create new "relay" mailer for $R (LOCAL_RELAY) and $H
- (MAIL_HUB) delivery that doesn't add local domain. Note
- that this violates 821, but is probably "more correct"
- for what we are trying to do. Problem pointed out by
- Michael Graff of Iowa State.
-
-6.41/6.18 93/03/18
- Clean up unnecessary creates of queue ids (i.e., empty qf files)
- when not needed, such as when starting up an SMTP
- connection.
- Fix problem where split envelopes aren't instantiated in the queue.
- This is quite a serious bug.
- Owner- aliases had problems with leading spaces causing a
- premature delimitation.
-
-6.40/6.18 93/03/18
- Have ending 250 (after DATA) include the id; suggested by
- Brian Kantor of UC San Diego.
- Add logging on envelope splitting.
- Change queue ids to have one more letter encoding the hour of
- the day so that during a single day there is a greater
- likelihood of uniqueness; requested by Brian Kantor.
-
-6.39/6.18 93/03/18
- Fix minor compile problem if LOCKF is defined.
- Define size of tobuf in conf.h. Observed by Toshinari Takahashi
- of Toshiba.
- Restore e_sender -- this is equivalent to e_from.q_paddr without
- decorations such as angle brackets and comments.
- OSF/1 on Alpha changes from Allan E Johannesen of WPI.
- CONFIG: fix typo in S3 for list syntax (;: => :;). Thanks to
- Christopher Hoover for noting the problem.
-
-6.38/6.17 93/03/17
- Pass envelope to disconnect to avoid another use of CurEnv, which
- can apparently end up being null at inopportune times.
- Log "received from" as "relay=" for consistency (suggested by
- John Gardiner Myers).
- Fix major bug in header handling: if no From: line existed in
- the header (so sendmail inserts one), and the sender is
- an alias that has an owner, the From: line shows the
- owner (as well as the envelope). Fixed by early binding
- the headers (which will change debugging output).
- HPUX portability patches from Michael J. Corrigan of UC San Diego.
- Some attempts to adapt better to out of open file conditions.
- Some changes to ctladdr handling in queue files.
-
-6.37/6.17 93/03/16
- MAJOR CHANGE: delete e_sender and e_returnpath (why are these
- different from e_from?) and $< macro.
- Log correct IP address in relay= field even if the connection
- times out.
- Log "received from [RESPONSE]" on EF_RESPONSE messages (from
- John Gardiner Myers).
- Fixes to SysExMsg logging (sometimes just got "message: %s"
- instead of "message: error message"), noted by Eric
- Wassenaar. Also reported by Motonori Nakamura.
- Improvements to MX piggybacking code, from Motonori Nakamura.
- Fix case where CurHostName points to an auto variable that has
- been deallocated (from Motonori Nakamura).
- Fix bug causing newlines to be included in aliases if option
- "n" (check alias RHS) is set; bug noted by David Muir
- Sharnoff.
- Fix problem causing user names that should be mapped to lower
- case to not be mapped if they are sent during a queue
- run. This greatly simplifies the case mapping code.
- Problem noted by Allan E Johannesen of WPI.
- Don't do recipient address rewriting in buildaddr. This
- improperly did recipient rewriting on sender addresses,
- and just seems bogus in general -- but the change could
- break some .cf files.
- Pass TZ envariable to child processes for System V.
- CONFIG: allow LOCAL_RULE_1 and LOCAL_RULE_2 if you want to
- define those rulesets.
- KNOWN PROBLEM: I have seen some problems on SunOS that causes
- the User Data Base to give errors on some addresses. I
- have tracked the problem back at least as far as 93.02.15
- (version 6.22). Running with debugging on makes it
- go away, so I conclude that it is referencing uninitialized
- stack data. I haven't been able to track this down yet.
-
-6.36/6.16 93/03/08
- Allow local mailer to specify $@host -- this lets you assign the
- "foo" part of jgm+foo to $h for passing in to the local
- mailer.
- Additional debug printing in getcanonname (show query type).
- Don't add the e_fromdomain on sender addresses -- this interacts
- weirdly with the owner- code.
- Improve delivery logging to not log obvious or meaningless stuff.
- Include numeric IP address in Received: lines per RFC 1123 section
- 5.2.8.
- Fixed a bug in checking stat() return value if restrictmailq is
- set. Also, check the entire group set instead of just the
- primary group. Both from John Gardiner Myers.
- Don't have usrerr automatically print errno, since this is often
- misleading.
- Use transienterror() in makeconnection after connect() fails and
- in openmailer after execve() fails (from Eric Wassenaar).
- Also moved transienterror() from util.c to conf.c.
- Clean up from= logging on response messages.
- Undo patch allowing prescan to return a null vector -- it breaks
- too many things.
- Config: FEATURE(notsticky) lets you use UDB for everything coming
- in to the machine, even if it is specifically targetted
- to this machine. Without it, UDB is bypassed if the user
- name is fully qualified.
- Config: fix another minor botch with <> (local mailer wasn't
- mapping them properly).
-
-6.35/6.15 93/03/05
- Fix getrealhostname to return null if sinlen <= 0 -- this can
- occur if stdin is a pipe.
- Avoid infinite loop in getcanonname if name server return
- NO_DATA (for example).
- Config: avoid having C flag qualify list syntax and error syntax.
-
-6.34/6.14 93/03/05
- Fix logging in deliver to not pass too many parameters to Ultrix
- versions of syslog.
- Don't write the pid file until after the daemon has actually
- opened and conditioned the connection.
- Consider addresses "different" if their q_uids differ (so that
- two users forwarding to the same program will be seen
- as different, rather than the same).
- Fix problem with bad parameters in main() -- they set ExitStat
- but don't exit.
- Fix null pointer references through RealHostName -- painfully
- discovered by Allan E Johannesen of WPI.
- Fix bug causing user@@localhost to core dump (yuch).
- Config: don't put two @host.dom.ain on users in $=E in SMTP
- mailer. Also, catch user@ (no host) in ruleset 0.
-
-6.33/6.13 93/03/03
- Config: add confCW_FILE as the name of the cw configuration file
- (defaults to /etc/sendmail.cw). From P{r Emanuelsson.
- Allow prescan to return a pointer to an empty list -- this is
- not an error. Also, clean up error reporting to avoid
- double errors (prescan reports once, then the caller
- reports again).
- Changes to avoid trusting T_ANY queries -- run them, but if you
- don't get the info you expected, do T_A and T_MX queries
- anyhow. This also fixes an oversight where _res.options
- bits were being ignored.
- If PRIV_NOVRFY is set, use 252 response code instead of 502 per
- RFC 1123 section 5.2.3. It's not 100% clear that this
- is correct, but it probably works better with stupid
- mailers that do a VRFY and only check the first digit.
-
-6.32/6.12 93/03/02
- Fix uninitialized variable "protocol" in smtp code.
- Include <unistd.h> in sendmail.h -- move towards POSIX/ANSI.
- Additional hooks for RFC 1427 (ESMTP SIZE extension). This
- includes requiring that enoughspace() know the system
- block size, which will undoubtedly break most ports.
- Trace flag 19 in use for srvrsmtp.c.
- Additional logging -- notably the sending mailer name. This
- also changes the delivery logging to strict field=value
- syntax.
- Fix some problems with messages getting sent even to addresses
- that had been marked bad -- from Eric Wassenaar.
- More WIDE changes: accept host name inside [...] as non-MXed
- host. This is intended ONLY for use inside firewalled
- environments, where the MX points at the gateway.
- Change .cf file conventions so that mapping for <> addresses
- don't have an @ in them (to avoid confusing the C mailer
- flag). Pointed out by Neil Rickert.
- Config extensions for Sam Leffler's FlexFAX software.
-
-6.31/6.10 93/02/28
- Fix some more bugs in alias owner code -- there were some weird
- cases where an error in a non-aliased name would override
- the return info in an aliased name with an owner.
- Changes from WIDE Project, forwarded to me by Motonori Nakamura:
- Log actual delivery host (after MX et al); from
- yasuhiro@dcl.co.jp.
- Log daemon startup.
- Deliver Postmaster copies without a body.
- Better logging of SMTP senders.
- Send all program email as daemon even when local.
- As requested in various forms from many people, accept -qIstring
- to limit queue runs to jobs with queue-id matching string.
- Similarly for -qRstring for recipients, -qSstring for
- senders.
- Initial hooks for ESMTP support (see RFC 1425).
- Fixed a syntax error in the UUCP mailer specification that caused
- core dumps on startup.
- Check for missing A= or P= arguments in mailer definitions.
-
-6.30/6.10 93/02/27
- Require FROZENCONFIG compilation flag to include frozen
- configuration code. Frozen configuration is really
- not a very good idea any more, particularly in shared
- library environments.
- Do better checking of errno after opens of :include: and .forward
- files to defer delivery on network and other transient
- errors. Suggestion from Craig Everhart.
- Fix minor botch in read timeout macro processing.
- Add FEATURE(nouucp) to config files for sites that know absolutely
- nothing about UUCP.
- Add built cf files to distribution tape and clarify how to build
- them if you don't have the Berkeley make.
- Some sizeof(long) portability changes for the Alpha, from Allan
- E Johannesen.
- Add "restrictmailq" privacy flag -- if set, only people in the same
- group as your queue directory can print the queue. If you
- set this, be sure you also restrict access to log files....
- Fix another bug in owner-list stuff that can cause data files to
- be "lost".
- Fix a bug with queue runs that cause forwards to yourself to go
- into alias/forwarding loops. I'm still iffy about this
- fix.
- Fix from Eric Wassenaar for suppression of return message code.
-
-6.29/6.9 93/02/24
- Fix yet another problem in alias owner code -- put the wrong return
- address on the enclosed return-to-sender letter.
-
-6.28/6.9 93/02/24
- Fix botch in alias owner code that caused it to not operate if the
- error was detected locally.
-
-6.27/6.9 93/02/24
- M_LOCAL => M_LOCALMAILER to avoid conflict with Ultrix include
- file <sys/mount.h>.
- Miscellaneous bug fixes from Eric Wassenaar:
- sendmail -bv -t logs the from line even though in verify
- mode only.
- sendmail -v can go into queue mode if shouldqueue returns
- TRUE.
- Add route-addr pruning per RFC 1123 section 5.3.3. This can be
- disabled using the "R" option.
- Delete (always undocumented) -R flag (save original recipients);
- there are ways to syslog(3) these now.
- Clean up SMTP reply codes -- specify them as needed in the code,
- instead of in conf.c -- this was needed during the NCP to
- TCP transition, but seems silly now. This also changes
- parameters to message and nmessage.
- Have mailstats read the .cf file to find the sendmail.st file and
- get text versions of mailer names. An initial version of
- this code was provided by Tuominen Keijo (although the
- comments indicate the good bits were written by "E.V.").
- Add yet more System V compatibility hacks.
- Fix bug in VRFY code (assumes everything must be a local user).
- Allow specification of any of the hard-wired pathnames in the
- Makefile.
- Delete concept of "trusted users" -- this really didn't provide
- any security anyway, and caused some problems.
- Delete last vestige of support for the word "at" as an equivalent
- to the character "@".
- Propagate owner-foo alias information into the envelope sender.
- Based on code from John Gardiner Myers. This is a major
- semantic change -- beware!
- Allow $@ on LHS to indicate "match zero" -- this is used to match
- the null expression.
-
-6.26/6.8 93/02/21
- Don't "lose" queue runs. Very important fix from (who else?)
- Eric Wassenaar.
- Completely reset state on RSET command -- from Eric Wassenaar.
- Send error messages and return receipts using an envelope sender
- of <> regardless of the setting of $n. Rewriting rules
- can undo this if they feel the necessity, as might be
- needed for networks that don't understand the syntax.
- This is permitted by RFC 821 section 3.6 and required by
- RFC 1123 section 5.3.3. THIS REQUIRES VERSION 4 CONFIG
- FILES because the rulesets must be able to parse <>
- properly.
- Don't ever send error messages to "<>" -- they will get sent to
- the local postmaster or dumped in /usr/tmp/dead.letter
- instead. Per RFC 1123 section 5.3.3.
- Explicitly check for email to yourself as a dotted quad. You
- have to call $[ [ ... ] $] to get this.
- Up the message timeout to five days per RFC 1123 section 5.3.1.1.
- Make all read timeouts individually configurable, as strongly
- recommended by RFC 1123 section 5.3.2.
- Use f_bavail (blocks available to regular users) instead of f_bfree
- (blocks available to superuser) in free block checks.
- Change $d macro to be the current time, not the origination time,
- since this is consistent with how it is used now.
- Generalization of enoughspace from Eric Wassenaar covering
- SGI, Apollo, HPUX, Ultrix, and SunOS.
- Ignore process group signals -- some front ends can do this if
- you kill a window too quickly. From Eric Wassenaar.
- Change umask to 022.
-
-6.25/6.8 93/02/20
- Close all cached connections before calling mailers and after
- forking for delivery (caused double closes which resulted
- in false errors).
- Add FEATURE(redirect) in config files -- this allows you to alias
- old addresses to a pointer to the new address that will
- give a 551 error message, but not deliver the mail.
- Some code changes to make the 551 errors look pretty.
- Names of M4 program paths in config files have changed -- they
- are all XXX_MAILER_PATH now, to match XXX_MAILER_FLAGS.
- Fix a bug in the QSELFREF code having to do with empty .forward
- files, reported by Eric Wassenaar.
- Add option "p" (privacy flags); this allows you to tune how
- picky the SMTP server will be. This also adds the
- confPRIVACY_FLAGS M4 macro in the config files.
- Add option "b" (minimum blocks free). If there are fewer than
- this number of blocks free on the filesystem containing
- the queue directory, the SMTP MAIL command will return
- a 452 response and ask you to try again later. This
- also adds the confMIN_FREE_BLOCKS M4 macro in the config
- files.
- Made VRFY just verify (doesn't expand aliases and .forward files);
- EXPN does full expansion. RCPT in queue-only mode also
- doesn't chase aliases and .forward.
-
-6.24/6.7 93/02/19
- Increase the number of domain search entries in domain.c to allow
- for the extra "" entry indicating the root domain.
- Reported by Motonori Nakamura of Kyoto U.
- Add a "SMART_HOST" in the configs for UUCP-connected sites that
- want to forward all mail with extra "@"s to that site.
- Also allows SMART_HOST, LOCAL_RELAY, and MAIL_HUB to
- be specified as ``mailer:hostname'' to use an alternate
- mailer.
- Clarified and updated some wording in the Operations Guide.
- Add the "c" mailer flag -- this suppresses all comment parts of
- addresses (requested by John Curran of NEARnet).
- Have -v print prompts in -bt mode even if stdin is not a terminal
- (default behavior is to be silent if not reading from
- a terminal). Suggested by Bryan Costales, ICSI.
- Move the metacharacters from C0 space (\001-\037) into C1 space
- (\201-\237). This also fixes a bunch of potential bugs
- with G1 characters (\240-\276) in headers relating to
- negative numbers passed to isspace() et al.
- Add YP_LAST_MODIFIED and YP_MASTER_NAME to DBM version of alias
- database if YPCOMPAT is #defined. Enhancement from
- Takahiro Kanbe of Fuji Xerox Information Systems Co., Ltd.
- Add "list" Precedence (-30); this can be used with old sendmails
- which will map to precedence 0 (which will return error
- messages). Suggested by Stephen R. van den Berg.
- Many bug fixes from Eric Wassenaar of the National Institute for
- Nuclear and High-Energy Physics, Amsterdam:
- Clear timeouts properly on open failures in include().
- Don't dereference through NULL if no home directory found.
- Re-establish SIGCHLD signal on System 5 in reapchild().
- Avoid NULL pointer reference on -pFOO flag.
- Properly handle backslash escapes in comments.
- Correctly check reply status on SMTP NOOP command.
- Properly save SMTP error message if peer gives
- "Service Shutting Down" message.
- Avoid writing to the transcript if it couldn't be opened.
- Signal errors in SMTP children to parent properly.
- Handle self references in a list more globally (include a
- QSELFREF bit in the address flags). This enhancement
- was suggested by Eric Wassenaar.
- Use initgroups() in hpux, even though it's System-V based. The
- HASINITGROUPS compile flag can set this on other systems.
- This HPUX behavior was pointed out by Eric Wassenaar.
-
-6.23/6.6 93/02/16
- Clean up handling of LogLevel to make it easier to figure out
- what's on what level.
- Change log levels to have some consistency:
- 1 serious system failures, security problems
- 2 lost communications, protocol failures
- 3 other serious failures
- 4 minor errors
- 5 message collection
- 6 vrfy logging, creation of return-to-sender
- 7 delivery failures
- 8 delivery successes
- 9 delivery tempfails (queue ups)
- 10 database expansion
- >64 debugging
- Allow IDA-style separated processing on S= and R= in Mailer
- definition lines. Note that rulesets 1 and 2 are
- still used for both addresses as before. Bruce Lilly
- gave a convincing argument that RFC976 insists on
- this behavior.
- Added some time zones to arpatounix -- they may not be in the
- standards, but they are in use. However, I may delete
- arpatounix entirely -- there appears to be no reason
- for it to exist.
- Change to UUCP mailer (in cf directory) to try to do a saner job.
- I'm still not certain about this mailer in general.
-
-6.22/6.5 93/02/15
- Fix bug that prevents saving letters in ~/dead.letter.
- Don't add angle brackets in VRFY command if angle brackets already
- exist in the address.
- Fix bogus error message in udbexpand.
- Null terminate host buffers in buildaddr (broken in 6.21) --
- IMPORTANT FIX!!
-
-6.21/6.5 93/02/15
- Fix another incorrect error message in alias.c, found by Azuma
- Okamoto.
- Fix a couple of problems in the more-configurable config files,
- found by Tom Ivar Helbekkmo.
- Fix problem with quoted :include: entries.
- Don't duplicate the filename on verbose printing of .forward and
- :include: contents.
- Extend size of prescan buffer (to allow bigger addresses). Also,
- detect some buffer overflows.
- Log user SMTP protocol errors (log level 4).
-
-6.20/6.4 93/02/14
- Fix another problem in the MCI state machine caused when there
- were errors generated from the other end to commands
- other than RCPT.
-
-6.19/6.4 93/02/14
- Include load average support for DEC Alpha running OSF/1.
- Fix multiple-response problem with errors in MAIL From: line.
- Fix SMTP reply codes for invalid address syntaxes (give 501;
- never give multiple error messages for a single message).
- Fix problem where a cached connection timeout rejects all
- later connects to that host.
- Fix incorrect error message if alias.c is compiled with DBM only.
- Additional changes to fix nested conditionals (from Bruce Lilly).
- Recover more gracefully from operating system failures, particularly
- NULL returns from openmailer (from Noritoshi Demizu,
- OMRON Corporation).
- Log forward, alias, and userdb expand operations on log level 10;
- concept suggested by P{r (Pell) Emanuelsson.
- Changes for HPUX 8.07 compatibility.
-
-6.18/6.4 93/02/12
- Allow any config option to be set using an M4 define.
- Change UNAME compile flag to HASUNAME for IDA compatibility
- (besides, it's a better name).
- Note in README that on SunOS it must be linked -Bstatic.
- Fairly major change in domain.c to handle wildcard MX records
- more rationally. NOTE: the "w" option (no wildcard MX
- records match local domain) has been eliminated.
- Fix some unset variable references pointed out by Bruce Lilly.
- Fix host name in process titles when using cached connection.
-
-6.17/6.3 93/01/28
- Fix System 5 compatibility changes to be compatible with the rest
- of the world.
-
-6.16/6.3 93/01/28
- Experimental fix for problem handling errors in the SMTP
- protocol in conjunction with connection caching.
- System 5 compatibility changes.
-
-6.15/6.3 93/01/26
- Fix a bug that causes local mail delivered using -odq to be
- eliminated as a duplicate (because it matched the
- ctladdr, now passed in as a C line). These changes
- are pretty tricky......
-
-6.14/6.3 93/01/25
- Add debugging for some MCI errors.
-
-6.13/6.3 93/01/22
- Fix -e compatibility flag to take a value.
- Fix a couple of minor compilation warnings on Sun cc.
- Improve error messages in a few cases to be more self-explanatory.
-
-6.12/6.3 93/01/21
- Fix yet-another problem with environment handling, pointed out
- by Yoshitaka Tokugawa and Tom Ivar Helbekkmo.
- Some heuristics to try to limit resource exhaustion problems
- if a downstream host has been down for a long time.
- Fix problem with incorrect host name being logged in "Connection
- timed out" messages (from Tom Ivar Helbekkmo).
- Fix some ANSI C problems (from Takahiro Kanbe).
- Properly log message sender on returned mail during queue run.
- Count number of recipients properly.
- Fix a problem in yp map code.
- Diagnose "message timed out" (from Motonori Nakamura).
-
-6.11/6.3 93/01/20
- Fix problem with address delimitor inside quotes.
- Define $k and $=k to be the UUCP name (from the uname call)
- based on code from Bruce Lilly.
-
-6.10/6.2 93/01/18
- Implement arpatounix (largely code from Bruce Lilly).
- Log more info (suggested by John Myers).
- Allow nested $?...$|...$. (inspired by code from Bruce Lilly of
- Sony US).
- POSIX compatibility (noted by Keith Bostic).
- Handle SMTP MAIL command errors properly (urged by several people,
- notably John Myers of CMU).
- Do early diagnosis of .cf errors (notably referencing a RHS
- substitution that isn't on the LHS).
- Adjust checkpointing to better handle batched recipients, suggested
- by John Myers.
- Fix miscellaneous bugs.
- (config files:) Implement MAIL_HUB for all local mail (to handle
- NFS-mounted directories) as urged by Tom Ivar Helbekkmo
- of the Norwegian School of Economics.
-
-6.9/6.1 93/01/13
- Environment handling simplification/bug fix -- child processes
- get a minimal, fixed environment. This avoids different
- behavior in queue runs.
- Handle commas inside comments properly.
- Properly limit large messages submitted in -obq mode.
-
-6.8/6.1 93/01/10
- Check mtime of thaw file against .cf and sendmail binary, based on
- code from John Myers.
-
-6.7/6.1 93/01/10
- MX piggybacking, based on code from John Myers@CMU.
- Allow checkcompat to return -1 to mean tempfail.
- Bug fix in m_mno computation.
-
-6.6/6.1 93/01/09
- Tuning of queueing functions as recommended by John Gardiner Myers.
- Return mail headers (no body) on messages with negative precedence.
- Minor other bug fixes.
-
-6.5/6.1 93/01/03
- Fix botch causing queued headers to have ?XX? prefixes.
-
-6.4/6.1 93/01/02
- Changes to recognize special mailer types (e.g., file) early.
-
-6.3/6.1 93/01/01
- Pass timeouts to sfgets.
- Check for control characters in addresses.
- Fixed deferred error reporting.
- Report duplicate aliases.
- Handle mixed case recursive aliases.
- Misc bug fixes.
-
-6.2/6.1 92/12/30
- Put return-receipt-to on a conf.c flag (but don't set it).
- Fix minor syslog problem.
diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README
index 392c36d0b8a3..dc3cebe4e5a6 100644
--- a/contrib/sendmail/cf/README
+++ b/contrib/sendmail/cf/README
@@ -1,63 +1,26 @@
+ SENDMAIL CONFIGURATION FILES
- NEW SENDMAIL CONFIGURATION FILES
-
- Eric Allman <eric@Sendmail.ORG>
-
- @(#)README 8.186 (Berkeley) 2/3/1999
-
-
-This document describes the sendmail configuration files being used
-at Berkeley. These use features in the new (R8) sendmail; they will
-not work on other versions.
-
-These configuration files are probably not as general as previous
-versions, and don't handle as many of the weird cases automagically.
-I was able to simplify them for two reasons. First, the network
-has become more consistent -- for example, at this point, everyone
-on the internet is supposed to be running a name server, so hacks to
-handle NIC-registered hosts can go away. Second, I assumed that a
-subdomain would be running SMTP internally -- UUCP is presumed to be
-a long-haul protocol. I realize that this is not universal, but it
-does describe the vast majority of sites with which I am familiar,
-including those outside the US.
-
-Of course, the downside of this is that if you do live in a weird
-world, things are going to get weirder for you. I'm sorry about that,
-but at the time we at Berkeley had a problem, and it seemed like the
-right thing to do.
-
-This package requires a post-V7 version of m4; if you are running the
-4.2bsd, SysV.2, or 7th Edition version, I suggest finding a friend with
-a newer version. You can m4-expand on their system, then run locally.
-SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work. GNU m4 version 1.1
-or later also works. Unfortunately, I'm told that the M4 on BSDI 1.0
+This document describes the sendmail configuration files. This package
+requires a post-V7 version of m4; if you are running the 4.2bsd, SysV.2, or
+7th Edition version. SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work.
+GNU m4 version 1.1 or later also works. Unfortunately, the M4 on BSDI 1.0
doesn't work -- you'll have to use a Net/2 or GNU version. GNU m4 is
-available from ftp://ftp.gnu.org/pub/gnu/m4-1.4.tar.gz (check for
-the latest version). EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken
-(3.x is fine). Use GNU m4 on this platform.
-
-IF YOU DON'T HAVE A BERKELEY MAKE, don't despair! Just run
-"m4 ../m4/cf.m4 foo.mc > foo.cf" -- that should be all you need.
-There is also a fairly crude (but functional) Makefile.dist that works
-on the old version of make.
-
-To get started, you may want to look at tcpproto.mc (for TCP-only
-sites), uucpproto.mc (for UUCP-only sites), and clientproto.mc (for
-clusters of clients using a single mail host). Others are versions
-that we use at Berkeley, although not all are in current use. For
-example, ucbvax has gone away, but I've left ucbvax.mc in because
-it demonstrates some interesting techniques.
-
-I'm not pretending that this README describes everything that these
-configuration files can do; clever people can probably tweak them
-to great effect. But it should get you started.
+available from ftp://ftp.gnu.org/pub/gnu/m4-1.4.tar.gz (check for the
+latset version). EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x
+is fine). Use GNU m4 on this platform.
+
+To get started, you may want to look at tcpproto.mc (for TCP-only sites),
+uucpproto.mc (for UUCP-only sites), and clientproto.mc (for clusters of
+clients using a single mail host). Others are versions previously used at
+Berkeley. For example, ucbvax has gone away, but ucbvax.mc demonstrates
+some interesting techniques.
*******************************************************************
*** BE SURE YOU CUSTOMIZE THESE FILES! They have some ***
*** Berkeley-specific assumptions built in, such as the name ***
-*** of our UUCP-relay. You'll want to create your own domain ***
-*** description, and use that in place of ***
+*** of their UUCP-relay. You'll want to create your own ***
+*** domain description, and use that in place of ***
*** domain/Berkeley.EDU.m4. ***
*******************************************************************
@@ -72,6 +35,11 @@ You must pre-load "cf.m4":
m4 ${CFDIR}/m4/cf.m4 config.mc > config.cf
+Alternatively, you can simply:
+
+ cd ${CFDIR}/cf
+ ./Build config.cf
+
where ${CFDIR} is the root of the cf directory and config.mc is the
name of your configuration file. If you are running a version of M4
that understands the __file__ builtin (versions of GNU m4 >= 0.75 do
@@ -86,7 +54,8 @@ Let's examine a typical .mc file:
divert(-1)
#
- # Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+ # Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+ # All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -109,17 +78,17 @@ Let's examine a typical .mc file:
The divert(-1) will delete the crud in the resulting output file.
The copyright notice can be replaced by whatever your lawyers require;
-our lawyers require the one that I've included in my files. A copyleft
+our lawyers require the one that is included in these files. A copyleft
is a copyright by another name. The divert(0) restores regular output.
VERSIONID(`<SCCS or RCS version id>')
VERSIONID is a macro that stuffs the version information into the
-resulting file. We use SCCS; you could use RCS, something else, or
+resulting file. You could use SCCS, RCS, CVS, something else, or
omit it completely. This is not the same as the version id included
in SMTP greeting messages -- this is defined in m4/version.m4.
- OSTYPE(hpux9)dnl
+ OSTYPE(`hpux9')dnl
You must specify an OSTYPE to properly configure things such as the
pathname of the help and status files, the flags needed for the local
@@ -127,21 +96,21 @@ mailer, and other important things. If you omit it, you will get an
error when you try to build the configuration. Look at the ostype
directory for the list of known operating system types.
- DOMAIN(CS.Berkeley.EDU)dnl
+ DOMAIN(`CS.Berkeley.EDU')dnl
This example is specific to the Computer Science Division at Berkeley.
-You can use "DOMAIN(generic)" to get a sufficiently bland definition
+You can use "DOMAIN(`generic')" to get a sufficiently bland definition
that may well work for you, or you can create a customized domain
definition appropriate for your environment.
- MAILER(local)
- MAILER(smtp)
+ MAILER(`local')
+ MAILER(`smtp')
-These describe the mailers used at the default CS site site. The
+These describe the mailers used at the default CS site. The
local mailer is always included automatically. Beware: MAILER
declarations should always be at the end of the configuration file,
-and MAILER(smtp) should always precede MAILER(uucp). The general
-rules are that the order should be:
+and MAILER(`smtp') should always precede MAILER(`procmail'), and
+MAILER(`uucp'). The general rules are that the order should be:
VERSIONID
OSTYPE
@@ -149,7 +118,13 @@ rules are that the order should be:
FEATURE
local macro definitions
MAILER
- LOCAL_RULESET_*
+ LOCAL_RULE_*
+ LOCAL_RULESETS
+
+There are a few exceptions to this rule. Local macro definitions which
+influence a FEATURE() should be done before that feature. For example,
+a define(`PROCMAIL_MAILER_PATH', ...) should be done before
+FEATURE(`local_procmail').
+----------------------------+
@@ -174,9 +149,9 @@ one normally quotes both values to prevent expansion. For example,
One word of warning: M4 macros are expanded even in lines that appear
to be comments. For example, if you have
- # See FEATURE(foo) above
+ # See FEATURE(`foo') above
-it will not do what you expect, because the FEATURE(foo) will be
+it will not do what you expect, because the FEATURE(`foo') will be
expanded. This also applies to
# And then define the $X macro to be the return address
@@ -190,10 +165,61 @@ them with directed quotes, `like this'.
sendmail 8.9 has introduced a new configuration directory for sendmail
related files, /etc/mail. The new files available for sendmail 8.9 --
-the class 'R' /etc/mail/relay-domains and the access database
-/etc/mail/access -- take advantage of this new directory. 8.9 will
-serve as a transition release. Beginning with 8.10, all of the files
-will use this directory by default.
+the class {R} /etc/mail/relay-domains and the access database
+/etc/mail/access -- take advantage of this new directory. Beginning with
+8.10, all files will use this directory by default (some options may be
+set by OSTYPE() files). This new directory should help to restore
+uniformity to sendmail's file locations.
+
+Below is a table of some of the common changes:
+
+Old filename New filename
+------------ ------------
+/etc/bitdomain /etc/mail/bitdomain
+/etc/domaintable /etc/mail/domaintable
+/etc/genericstable /etc/mail/genericstable
+/etc/uudomain /etc/mail/uudomain
+/etc/virtusertable /etc/mail/virtusertable
+/etc/userdb /etc/mail/userdb
+
+/etc/aliases /etc/mail/aliases
+/etc/sendmail/aliases /etc/mail/aliases
+/etc/ucbmail/aliases /etc/mail/aliases
+/usr/adm/sendmail/aliases /etc/mail/aliases
+/usr/lib/aliases /etc/mail/aliases
+/usr/lib/mail/aliases /etc/mail/aliases
+/usr/ucblib/aliases /etc/mail/aliases
+
+/etc/sendmail.cw /etc/mail/local-host-names
+/etc/mail/sendmail.cw /etc/mail/local-host-names
+/etc/sendmail/sendmail.cw /etc/mail/local-host-names
+
+/etc/sendmail.ct /etc/mail/trusted-users
+
+/etc/sendmail.oE /etc/mail/error-header
+
+/etc/sendmail.hf /etc/mail/helpfile
+/etc/mail/sendmail.hf /etc/mail/helpfile
+/usr/ucblib/sendmail.hf /etc/mail/helpfile
+/etc/ucbmail/sendmail.hf /etc/mail/helpfile
+/usr/lib/sendmail.hf /etc/mail/helpfile
+/usr/share/lib/sendmail.hf /etc/mail/helpfile
+/usr/share/misc/sendmail.hf /etc/mail/helpfile
+/share/misc/sendmail.hf /etc/mail/helpfile
+
+/etc/service.switch /etc/mail/service.switch
+
+/etc/sendmail.st /etc/mail/statistics
+/etc/mail/sendmail.st /etc/mail/statistics
+/etc/mailer/sendmail.st /etc/mail/statistics
+/etc/sendmail/sendmail.st /etc/mail/statistics
+/usr/lib/sendmail.st /etc/mail/statistics
+/usr/ucblib/sendmail.st /etc/mail/statistics
+
+Note that all of these paths actually use a new m4 macro MAIL_SETTINGS_DIR
+to create the pathnames. The default value of this variable is
+`/etc/mail/'. If you set this macro to a different value, you MUST include
+a trailing slash.
+--------+
| OSTYPE |
@@ -215,31 +241,46 @@ empty). Unfortunately, the list of configuration-supported systems is
not as broad as the list of source-supported systems, since many of
the source contributors do not include corresponding ostype files.
-ALIAS_FILE [/etc/aliases] The location of the text version
+ALIAS_FILE [/etc/mail/aliases] The location of the text version
of the alias file(s). It can be a comma-separated
list of names (but be sure you quote values with
commas in them -- for example, use
define(`ALIAS_FILE', `a,b')
to get "a" and "b" both listed as alias files;
otherwise the define() primitive only sees "a").
-HELP_FILE [/usr/lib/sendmail.hf] The name of the file
+HELP_FILE [/etc/mail/helpfile] The name of the file
containing information printed in response to
the SMTP HELP command.
QUEUE_DIR [/var/spool/mqueue] The directory containing
- queue files.
-STATUS_FILE [/etc/sendmail.st] The file containing status
+ queue files. To use multiple queues, supply
+ a value ending with an asterisk. For
+ example, /var/spool/mqueue/q* will use all of the
+ directories or symbolic links to directories
+ beginning with 'q' in /var/spool/mqueue as queue
+ directories. The names 'qf', 'df', and 'xf' are
+ used as specific subdirectories for the corresponding
+ queue file types.
+STATUS_FILE [/etc/mail/statistics] The file containing status
information.
LOCAL_MAILER_PATH [/bin/mail] The program used to deliver local mail.
-LOCAL_MAILER_FLAGS [rmn9] The flags used by the local mailer. The
- flags lsDFM are always included.
+LOCAL_MAILER_FLAGS [Prmn9] The flags used by the local mailer. The
+ flags lsDFMAw5:/|@q are always included.
LOCAL_MAILER_ARGS [mail -d $u] The arguments passed to deliver local
mail.
LOCAL_MAILER_MAX [undefined] If defined, the maximum size of local
mail that you are willing to accept.
+LOCAL_MAILER_MAXMSGS [undefined] If defined, the maximum number of
+ messages to deliver in a single connection. Only
+ useful for LMTP local mailers.
LOCAL_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
that ARRIVE from an address that resolves to the
local mailer and which are converted to MIME will be
labeled with this character set.
+LOCAL_MAILER_EOL [undefined] If defined, the string to use as the
+ end of line for the local mailer.
+LOCAL_MAILER_DSN_DIAGNOSTIC_CODE
+ [X-Unix] The DSN Diagnostic-Code value for the
+ local mailer. This should be changed with care.
LOCAL_SHELL_PATH [/bin/sh] The shell used to deliver piped email.
LOCAL_SHELL_FLAGS [eu9] The flags used by the shell mailer. The
flags lsDFM are always included.
@@ -249,23 +290,35 @@ LOCAL_SHELL_DIR [$z:/] The directory search path in which the
shell should run.
USENET_MAILER_PATH [/usr/lib/news/inews] The name of the program
used to submit news.
-USENET_MAILER_FLAGS [rlsDFMmn] The mailer flags for the usenet mailer.
+USENET_MAILER_FLAGS [rsDFMmn] The mailer flags for the usenet mailer.
USENET_MAILER_ARGS [-m -h -n] The command line arguments for the
usenet mailer.
USENET_MAILER_MAX [100000] The maximum size of messages that will
be accepted by the usenet mailer.
SMTP_MAILER_FLAGS [undefined] Flags added to SMTP mailer. Default
- flags are `mDFMUX' for all SMTP-based mailers; the
- "esmtp" mailer adds `a' and "smtp8" adds `8'.
+ flags are `mDFMuX' for all SMTP-based mailers; the
+ "esmtp" mailer adds `a'; "smtp8" adds `8'; and
+ "dsmtp" adds `%'.
+RELAY_MAILER_FLAGS [undefined] Flags added to the relay mailer. Default
+ flags are `mDFMuX' for all SMTP-based mailers; the
+ relay mailer adds `a8'. If this is not defined,
+ then SMTP_MAILER_FLAGS is used.
SMTP_MAILER_MAX [undefined] The maximum size of messages that will
- be transported using the smtp, smtp8, or esmtp
+ be transported using the smtp, smtp8, esmtp, or dsmtp
mailers.
+SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of
+ messages to deliver in a single connection for the
+ smtp, smtp8, esmtp, or dsmtp mailers.
SMTP_MAILER_ARGS [IPC $h] The arguments passed to the smtp mailer.
About the only reason you would want to change this
would be to change the default port.
ESMTP_MAILER_ARGS [IPC $h] The arguments passed to the esmtp mailer.
SMTP8_MAILER_ARGS [IPC $h] The arguments passed to the smtp8 mailer.
+DSMTP_MAILER_ARGS [IPC $h] The arguments passed to the dsmtp mailer.
RELAY_MAILER_ARGS [IPC $h] The arguments passed to the relay mailer.
+RELAY_MAILER_MAXMSGS [undefined] If defined, the maximum number of
+ messages to deliver in a single connection for the
+ relay mailer.
SMTP_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
that ARRIVE from an address that resolves to one of
the SMTP mailers and which are converted to MIME will
@@ -289,14 +342,14 @@ FAX_MAILER_ARGS [mailfax $u $h $f] The arguments passed to the FAX
FAX_MAILER_MAX [100000] The maximum size message accepted for
transmission by FAX.
POP_MAILER_PATH [/usr/lib/mh/spop] The pathname of the POP mailer.
-POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags "lsDFM"
+POP_MAILER_FLAGS [Penu] Flags added to POP mailer. Flags lsDFMq
are always added.
POP_MAILER_ARGS [pop $u] The arguments passed to the POP mailer.
PROCMAIL_MAILER_PATH [/usr/local/bin/procmail] The path to the procmail
program. This is also used by
FEATURE(`local_procmail').
PROCMAIL_MAILER_FLAGS [SPhnu9] Flags added to Procmail mailer. Flags
- ``DFM'' are always set. This is NOT used by
+ DFM are always set. This is NOT used by
FEATURE(`local_procmail'); tweak LOCAL_MAILER_FLAGS
instead.
PROCMAIL_MAILER_ARGS [procmail -Y -m $h $f $u] The arguments passed to
@@ -311,9 +364,10 @@ MAIL11_MAILER_ARGS [mail11 $g $x $h $u] Arguments passed to the mail11
mailer.
PH_MAILER_PATH [/usr/local/etc/phquery] The path to the phquery
program.
-PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer.
+PH_MAILER_FLAGS [ehmu] Flags for the phquery mailer. Flags nrDFM
+ are always set.
PH_MAILER_ARGS [phquery -- $u] -- arguments to the phquery mailer.
-CYRUS_MAILER_FLAGS [A5@/:|] The flags used by the cyrus mailer. The
+CYRUS_MAILER_FLAGS [Ah5@/:|] The flags used by the cyrus mailer. The
flags lsDFMnPq are always included.
CYRUS_MAILER_PATH [/usr/cyrus/bin/deliver] The program used to deliver
cyrus mail.
@@ -323,14 +377,34 @@ CYRUS_MAILER_MAX [undefined] If set, the maximum size message that
will be accepted by the cyrus mailer.
CYRUS_MAILER_USER [cyrus:mail] The user and group to become when
running the cyrus mailer.
-CYRUS_BB_MAILER_FLAGS [undefined] The flags used by the cyrusbb
- mailer. The flags lsDFMnP are always included.
+CYRUS_BB_MAILER_FLAGS [u] The flags used by the cyrusbb mailer.
+ The flags lsDFMnP are always included.
CYRUS_BB_MAILER_ARGS [deliver -e -m $u] The arguments passed
to deliver cyrusbb mail.
confEBINDIR [/usr/libexec] The directory for executables.
Currently used for FEATURE(`local_lmtp') and
FEATURE(`smrsh').
+QPAGE_MAILER_FLAGS [mDFMs] The flags used by the qpage mailer.
+QPAGE_MAILER_PATH [/usr/local/bin/qpage] The program used to deliver
+ qpage mail.
+QPAGE_MAILER_ARGS [qpage -l0 -m -P$u] The arguments passed
+ to deliver qpage mail.
+QPAGE_MAILER_MAX [4096] If set, the maximum size message that
+ will be accepted by the qpage mailer.
+
+Note: to tweak Name_MAILER_FLAGS use the macro MODIFY_MAILER_FLAGS:
+MODIFY_MAILER_FLAGS(`Name', `change') where Name is the first part of
+the macro Name_MAILER_FLAGS and change can be: flags that should
+be used directly (thus overriding the default value), or if it
+starts with `+' (`-') then those flags are added to (removed from)
+the default value. Example:
+ MODIFY_MAILER_FLAGS(`LOCAL', `+e')
+
+will add the flag `e' to LOCAL_MAILER_FLAGS.
+WARNING: The FEATUREs local_lmtp and local_procmail set LOCAL_MAILER_FLAGS
+unconditionally, i.e., without respecting any definitions in an
+OSTYPE setting.
+---------+
@@ -338,7 +412,7 @@ confEBINDIR [/usr/libexec] The directory for executables.
+---------+
You will probably want to collect domain-dependent defines into one
-file, referenced by the DOMAIN macro. For example, our Berkeley
+file, referenced by the DOMAIN macro. For example, the Berkeley
domain file includes definitions for several internal distinguished
hosts:
@@ -360,7 +434,9 @@ LOCAL_RELAY DEPRECATED. The site that will handle unqualified
only works at small sites, and only with some user
agents.
LUSER_RELAY The site that will handle lusers -- that is, apparently
- local names that aren't local accounts or aliases.
+ local names that aren't local accounts or aliases. To
+ specify a local user instead of a site, set this to
+ ``local:username''.
Any of these can be either ``mailer:hostname'' (in which case the
mailer is the internal mailer name, such as ``uucp-new'' and the hostname
@@ -387,10 +463,12 @@ knowledge" into one place.
There are fewer mailers supported in this version than the previous
version, owing mostly to a simpler world. As a general rule, put the
-MAILER definitions last in your .mc file, and always put MAILER(smtp)
-before MAILER(uucp) -- several features and definitions will modify
-the definition of mailers, and the smtp mailer modifies the UUCP
-mailer.
+MAILER definitions last in your .mc file, and always put MAILER(`smtp')
+before MAILER(`uucp') and MAILER(`procmail') -- several features and
+definitions will modify the definition of mailers, and the smtp mailer
+modifies the UUCP mailer. Moreover, MAILER(`cyrus'), MAILER(`pop'),
+MAILER(`phquery'), and MAILER(`usenet') must be defined after
+MAILER(`local').
local The local and prog mailers. You will almost always
need these; the only exception is if you relay ALL
@@ -401,14 +479,14 @@ smtp The Simple Mail Transport Protocol mailer. This does
not hide hosts behind a gateway or another other
such hack; it assumes a world where everyone is
running the name server. This file actually defines
- four mailers: "smtp" for regular (old-style) SMTP to
+ five mailers: "smtp" for regular (old-style) SMTP to
other servers, "esmtp" for extended SMTP to other
servers, "smtp8" to do SMTP to other servers without
converting 8-bit data to MIME (essentially, this is
your statement that you know the other end is 8-bit
- clean even if it doesn't say so), and "relay" for
- transmission to our RELAY_HOST, LUSER_RELAY, or
- MAILER_HUB.
+ clean even if it doesn't say so), "dsmtp" to do on
+ demand delivery, and "relay" for transmission to the
+ RELAY_HOST, LUSER_RELAY, or MAIL_HUB.
uucp The Unix-to-Unix Copy Program mailer. Actually, this
defines two mailers, "uucp-old" (a.k.a. "uucp") and
@@ -419,9 +497,9 @@ uucp The Unix-to-Unix Copy Program mailer. Actually, this
("uucp-dom" and "uucp-uudom") are also defined [warning:
you MUST specify MAILER(smtp) before MAILER(uucp)]. When you
include the uucp mailer, sendmail looks for all names in
- the $=U class and sends them to the uucp-old mailer; all
- names in the $=Y class are sent to uucp-new; and all
- names in the $=Z class are sent to uucp-uudom. Note that
+ class {U} and sends them to the uucp-old mailer; all
+ names in class {Y} are sent to uucp-new; and all
+ names in class {Z} are sent to uucp-uudom. Note that
this is a function of what version of rmail runs on
the receiving end, and hence may be out of your control.
See the section below describing UUCP mailers in more
@@ -474,8 +552,11 @@ cyrus The cyrus and cyrusbb mailers. The cyrus mailer delivers to
"user+detail@local.host" syntax; it will deliver the mail to
the user's "detail" mailbox if the mailbox's ACL permits.
The cyrusbb mailer delivers to a system-wide cyrus mailbox
- if the mailbox's ACL permits.
+ if the mailbox's ACL permits. The cyrus mailer must be
+ defined after the local mailer.
+qpage A mailer for QuickPage, a pager interface. See
+ http://www.qpage.org/ for further information.
The local mailer accepts addresses of the form "user+detail", where
the "+detail" is not used for mailbox matching but is available
@@ -494,53 +575,86 @@ example, the .mc line:
FEATURE(`use_cw_file')
-tells sendmail that you want to have it read an /etc/sendmail.cw
-file to get values for class $=w. The FEATURE may contain a single
-optional parameter -- for example:
+tells sendmail that you want to have it read an /etc/mail/local-host-names
+file to get values for class {w}. The FEATURE may contain up to 9
+optional parameters -- for example:
FEATURE(`mailertable', `dbm /usr/lib/mailertable')
The default database map type for the table features can be set with
-
+
define(`DATABASE_MAP_TYPE', `dbm')
which would set it to use ndbm databases. The default is the Berkeley DB
hash database format. Note that you must still declare a database map type
if you specify an argument to a FEATURE. DATABASE_MAP_TYPE is only used
-if no argument is given for the FEATURE.
+if no argument is given for the FEATURE. It must be specified before any
+feature that uses a map.
Available features are:
-use_cw_file Read the file /etc/sendmail.cw file to get alternate
- names for this host. This might be used if you were
- on a host that MXed for a dynamic set of other
- hosts. If the set is static, just including the line
- "Cw<name1> <name2> ..." (where the names are fully
- qualified domain names) is probably superior.
- The actual filename can be overridden by redefining
- confCW_FILE.
-
-use_ct_file Read the file /etc/sendmail.ct file to get the names
- of users that will be ``trusted'', that is, able to
- set their envelope from address using -f without
- generating a warning message.
- The actual filename can be overridden by redefining
- confCT_FILE.
+use_cw_file Read the file /etc/mail/local-host-names file to get
+ alternate names for this host. This might be used if you
+ were on a host that MXed for a dynamic set of other hosts.
+ If the set is static, just including the line "Cw<name1>
+ <name2> ..." (where the names are fully qualified domain
+ names) is probably superior. The actual filename can be
+ overridden by redefining confCW_FILE.
+
+use_ct_file Read the file /etc/mail/trusted-users file to get the
+ names of users that will be ``trusted'', that is, able to
+ set their envelope from address using -f without generating
+ a warning message. The actual filename can be overridden
+ by redefining confCT_FILE.
redirect Reject all mail addressed to "address.REDIRECT" with
- a ``551 User not local; please try <address>'' message.
+ a ``551 User has moved; please try <address>'' message.
If this is set, you can alias people who have left
to their new address with ".REDIRECT" appended.
-nouucp Don't do anything special with UUCP addresses at all.
-
-nocanonify Don't pass addresses to $[ ... $] for canonification.
- This would generally only be used by sites that only
- act as mail gateways or which have user agents that do
- full canonification themselves. You may also want to
- use "define(`confBIND_OPTS',`-DNSRCH -DEFNAMES')" to
- turn off the usual resolver options that do a similar
- thing.
+nouucp Don't route UUCP addresses. This feature takes one
+ parameter:
+ `reject': reject addresses which have "!" in the local
+ part unless it originates from a system
+ that is allowed to relay.
+ `nospecial': don't do anything special with "!".
+ Warnings: 1. See the NOTICE in the ANTI-SPAM section.
+ 2. don't remove "!" from OperatorChars if `reject' is
+ given as parameter.
+
+nocanonify Don't pass addresses to $[ ... $] for canonification
+ by default. It can be changed by setting the
+ DaemonPortOptions modifiers (M=). That is,
+ FEATURE(`nocanonify') will be overridden by setting the
+ 'c' flag. Conversely, if FEATURE(`nocanonify') is not used,
+ it can be emulated by setting the 'C' flag
+ (DaemonPortOptions=Modifiers=C). This would generally only
+ be used by sites that only act as mail gateways or which have
+ user agents that do full canonification themselves. You may
+ also want to use
+ "define(`confBIND_OPTS', `-DNSRCH -DEFNAMES')" to turn off
+ the usual resolver options that do a similar thing.
+
+ An exception list for FEATURE(`nocanonify') can be
+ specified with CANONIFY_DOMAIN or CANONIFY_DOMAIN_FILE,
+ i.e., a list of domains which are nevertheless passed to
+ $[ ... $] for canonification. This is useful to turn on
+ canonification for local domains, e.g., use
+ CANONIFY_DOMAIN(`my.domain my') to canonify addresses
+ which end in "my.domain" or "my".
+ Another way to require canonification in the local
+ domain is CANONIFY_DOMAIN(`$=m').
+
+ A trailing dot is added to addresses with more than
+ one component in it such that other features which
+ expect a trailing dot (e.g., virtusertable) will
+ still work.
+
+ If `canonify_hosts' is specified as parameter, i.e.,
+ FEATURE(`nocanonify', `canonify_hosts'), then
+ addresses which have only a hostname, e.g.,
+ <user@host>, will be canonified (and hopefully fully
+ qualified), too.
stickyhost If set, email sent to "user@local.host" are marked
as "sticky" -- that is, the local addresses aren't
@@ -552,16 +666,18 @@ stickyhost If set, email sent to "user@local.host" are marked
turn this off.
mailertable Include a "mailer table" which can be used to override
- routing for particular domains. The argument of the
- FEATURE may be the key definition. If none is specified,
- the definition used is:
+ routing for particular domains (which are not in class {w},
+ i.e. local host names). The argument of the FEATURE may be
+ the key definition. If none is specified, the definition
+ used is:
- hash -o /etc/mailertable
+ hash /etc/mail/mailertable
Keys in this database are fully qualified domain names
or partial domains preceded by a dot -- for example,
- "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU".
- Values must be of the form:
+ "vangogh.CS.Berkeley.EDU" or ".CS.Berkeley.EDU". As a
+ special case of the latter, "." matches any domain not
+ covered by other keys. Values must be of the form:
mailer:domain
where "mailer" is the internal mailer name, and "domain"
is where to send the message. These maps are not
@@ -573,8 +689,10 @@ mailertable Include a "mailer table" which can be used to override
will forward to the original user in the e-mail address
using the local mailer, and
error:code message
- will give an error message with the indicated code and
- message.
+ error:D.S.N:code message
+ will give an error message with the indicated SMTP reply
+ code and message, where D.S.N is an RFC 1893 compliant
+ error code.
domaintable Include a "domain table" which can be used to provide
domain name mapping. Use of this should really be
@@ -584,7 +702,7 @@ domaintable Include a "domain table" which can be used to provide
FEATURE may be the key definition. If none is specified,
the definition used is:
- hash -o /etc/domaintable
+ hash /etc/mail/domaintable
The key in this table is the domain name; the value is
the new (fully qualified) domain. Anything in the
@@ -597,7 +715,7 @@ bitdomain Look up bitnet hosts in a table to try to turn them into
The argument of the FEATURE may be the key definition; if
none is specified, the definition used is:
- hash -o /etc/bitdomain.db
+ hash /etc/mail/bitdomain
Keys are the bitnet hostname; values are the corresponding
internet hostname.
@@ -605,7 +723,7 @@ bitdomain Look up bitnet hosts in a table to try to turn them into
uucpdomain Similar feature for UUCP hosts. The default map definition
is:
- hash -o /etc/uudomain.db
+ hash /etc/mail/uudomain
At the moment there is no automagic tool to build this
database.
@@ -631,13 +749,14 @@ allmasquerade If masquerading is enabled (using MASQUERADE_AS), this
local entries.
limited_masquerade
- Normally, any hosts listed in $=w are masqueraded. If this
- feature is given, only the hosts listed in $=M are masqueraded.
- This is useful if you have several domains with disjoint
- namespaces hosted on the same machine.
+ Normally, any hosts listed in class {w} are masqueraded. If
+ this feature is given, only the hosts listed in class {M} (see
+ below: MASQUERADE_DOMAIN) are masqueraded. This is useful
+ if you have several domains with disjoint namespaces hosted
+ on the same machine.
masquerade_entire_domain
- If masquerading is enabled (using MASQUERADE_AS) and
+ If masquerading is enabled (using MASQUERADE_AS) and
MASQUERADE_DOMAIN (see below) is set, this feature will
cause addresses to be rewritten such that the masquerading
domains are actually entire domains to be hidden. All
@@ -645,9 +764,9 @@ masquerade_entire_domain
to the masquerade name (used in MASQUERADE_AS). For example,
if you have:
- MASQUERADE_AS(masq.com)
- MASQUERADE_DOMAIN(foo.org)
- MASQUERADE_DOMAIN(bar.com)
+ MASQUERADE_AS(`masq.com')
+ MASQUERADE_DOMAIN(`foo.org')
+ MASQUERADE_DOMAIN(`bar.com')
then *foo.org and *bar.com are converted to masq.com. Without
this feature, only foo.org and bar.com are masqueraded.
@@ -655,32 +774,45 @@ masquerade_entire_domain
NOTE: only domains within your jurisdiction and
current hierarchy should be masqueraded using this.
-genericstable This feature will cause certain addresses originating locally
- (i.e. that are unqualified) or a domain listed in $=G to be
- looked up in a map and turned into another ("generic") form,
- which can change both the domain name and the user name. This
- is similar to the userdb functionality. The same types of
- addresses as for masquerading are looked up, i.e. only header
+genericstable This feature will cause unqualified addresses (i.e., without
+ a domain) and addresses with a domain listed in class {G}
+ to be looked up in a map and turned into another ("generic")
+ form, which can change both the domain name and the user name.
+ This is similar to the userdb functionality. The same types of
+ addresses as for masquerading are looked up, i.e., only header
sender addresses unless the allmasquerade and/or
masquerade_envelope features are given. Qualified addresses
- must have the domain part in the list of names given by the
- by the macros GENERICS_DOMAIN or GENERICS_DOMAIN_FILE
- (analogously to MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE,
- see below).
+ must have the domain part in class {G}; entries can
+ be added to this class by the macros GENERICS_DOMAIN or
+ GENERICS_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
+ MASQUERADE_DOMAIN_FILE, see below).
The argument of FEATURE(`genericstable') may be the map
definition; the default map definition is:
- hash -o /etc/genericstable
+ hash /etc/mail/genericstable
- The key for this table is either the full address or the
- unqualified username (the former is tried first); the
- value is the new user address. If the new user address does
- not include a domain, it will be qualified in the standard
- manner, i.e. using $j or the masquerade name. Note that the
+ The key for this table is either the full address, the domain
+ (with a leading @; the localpart is passed as first argument)
+ or the unqualified username (tried in the order mentioned);
+ the value is the new user address. If the new user address
+ does not include a domain, it will be qualified in the standard
+ manner, i.e., using $j or the masquerade name. Note that the
address being looked up must be fully qualified. For local
mail, it is necessary to use FEATURE(`always_add_domain')
for the addresses to be qualified.
+ The "+detail" of an address is passed as %1, so entries like
+
+ old+*@foo.org new+%1@example.com
+ gen+*@foo.org %1@example.com
+
+ and other forms are possible.
+
+generics_entire_domain
+ If the genericstable is enabled and GENERICS_DOMAIN or
+ GENERICS_DOMAIN_FILE is used, this feature will cause
+ addresses to be searched in the map if their domain
+ parts are subdomains of elements in class {G}.
virtusertable A domain-specific form of aliasing, allowing multiple
virtual domains to be hosted on one machine. For example,
@@ -688,49 +820,83 @@ virtusertable A domain-specific form of aliasing, allowing multiple
info@foo.com foo-info
info@bar.com bar-info
- @baz.org jane@elsewhere.net
+ joe@bar.com error:nouser No such user here
+ jax@bar.com error:D.S.N:unavailable Address invalid
+ @baz.org jane@example.net
then mail addressed to info@foo.com will be sent to the
address foo-info, mail addressed to info@bar.com will be
- delivered to bar-info, and mail addressed to anyone at
- baz.org will be sent to jane@elsewhere.net. The username
- from the original address is passed as %1 allowing:
+ delivered to bar-info, and mail addressed to anyone at baz.org
+ will be sent to jane@example.net, mail to joe@bar.com will
+ be rejected with the specified error message, and mail to
+ jax@bar.com will also have a RFC 1893 compliant error code
+ D.S.N.
+
+ The username from the original address is passed
+ as %1 allowing:
- @foo.org %1@elsewhere.com
+ @foo.org %1@example.com
- meaning someone@foo.org will be sent to someone@elsewhere.com.
+ meaning someone@foo.org will be sent to someone@example.com.
+ Additionally, if the local part consists of "user+detail"
+ then "detail" is passed as %2 when a match against user+*
+ is attempted, so entries like
+
+ old+*@foo.org new+%2@example.com
+ gen+*@foo.org %2@example.com
+ +*@foo.org %1+%2@example.com
+
+ and other forms are possible. Note: to preserve "+detail"
+ for a default case (@domain) +*@domain must be used as
+ exemplified above.
All the host names on the left hand side (foo.com, bar.com,
- and baz.org) must be in $=w. The default map definition is:
+ and baz.org) must be in class {w} or class {VirtHost}, the
+ latter can be defined by the macros VIRTUSER_DOMAIN or
+ VIRTUSER_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
+ MASQUERADE_DOMAIN_FILE, see below). If VIRTUSER_DOMAIN or
+ VIRTUSER_DOMAIN_FILE is used, then the entries of class
+ {VirtHost} are added to class {R}, i.e., relaying is allowed
+ to (and from) those domains. The default map definition is:
- hash -o /etc/virtusertable
+ hash /etc/mail/virtusertable
A new definition can be specified as the second argument of
the FEATURE macro, such as
- FEATURE(`virtusertable', `dbm -o /etc/mail/virtusers')
+ FEATURE(`virtusertable', `dbm /etc/mail/virtusers')
+
+virtuser_entire_domain
+ If the virtusertable is enabled and VIRTUSER_DOMAIN or
+ VIRTUSER_DOMAIN_FILE is used, this feature will cause
+ addresses to be searched in the map if their domain
+ parts are subdomains of elements in class {VirtHost}.
-nodns We aren't running DNS at our site (for example,
- we are UUCP-only connected). It's hard to consider
+ldap_routing Implement LDAP-based e-mail recipient routing according to
+ the Internet Draft draft-lachman-laser-ldap-mail-routing-01.
+ This provides a method to re-route addresses with a
+ domain portion in class {LDAPRoute} to either a
+ different mail host or a different address. Hosts can
+ be added to this class using LDAPROUTE_DOMAIN and
+ LDAPROUTE_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
+ MASQUERADE_DOMAIN_FILE, see below).
+
+ See the LDAP ROUTING section below for more information.
+
+nodns If you aren't running DNS at your site (for example,
+ you are UUCP-only connected). It's hard to consider
this a "feature", but hey, it had to go somewhere.
Actually, as of 8.7 this is a no-op -- remove "dns" from
the hosts service switch entry instead.
-nullclient This is a special case -- it creates a stripped down
- configuration file containing nothing but support for
- forwarding all mail to a central hub via a local
- SMTP-based network. The argument is the name of that
- hub.
-
+nullclient This is a special case -- it creates a configuration file
+ containing nothing but support for forwarding all mail to a
+ central hub via a local SMTP-based network. The argument
+ is the name of that hub.
+
The only other feature that should be used in conjunction
- with this one is "nocanonify" (this causes addresses to
- be sent unqualified via the SMTP connection; normally
- they are qualified with the masquerade name, which
- defaults to the name of the hub machine). No mailers
+ with this one is FEATURE(`nocanonify'). No mailers
should be defined. No aliasing or forwarding is done.
- Also, note that absolutely no anti-spam or anti-relaying
- is done in a null client configuration. More information
- can be found in the ANTI-SPAM CONFIGURATION CONTROL section.
local_lmtp Use an LMTP capable local mailer. The argument to this
feature is the pathname of an LMTP capable mailer. By
@@ -739,16 +905,44 @@ local_lmtp Use an LMTP capable local mailer. The argument to this
LMTP capable. The path to mail.local is set by the
confEBINDIR m4 variable -- making the default
LOCAL_MAILER_PATH /usr/libexec/mail.local.
+ WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
+ i.e., without respecting any definitions in an OSTYPE setting.
+
+local_procmail Use procmail or another delivery agent as the local mailer.
+ The argument to this feature is the pathname of the
+ delivery agent, which defaults to PROCMAIL_MAILER_PATH.
+ Note that this does NOT use PROCMAIL_MAILER_FLAGS or
+ PROCMAIL_MAILER_ARGS for the local mailer; tweak
+ LOCAL_MAILER_FLAGS and LOCAL_MAILER_ARGS instead, or
+ specify the appropriate parameters. When procmail is used,
+ the local mailer can make use of the
+ "user+indicator@local.host" syntax; normally the +indicator
+ is just tossed, but by default it is passed as the -a
+ argument to procmail.
+
+ This feature can take up to three arguments:
-local_procmail Use procmail as the local mailer. This mailer can
- make use of the "user+indicator@local.host" syntax;
- normally the +indicator is just tossed, but by default
- it is passed as the -a argument to procmail. The
- argument to this feature is the pathname of procmail,
- which defaults to PROCMAIL_MAILER_PATH. Note that this
- does NOT use PROCMAIL_MAILER_FLAGS or PROCMAIL_MAILER_ARGS
- for the local mailer; tweak LOCAL_MAILER_FLAGS and
- LOCAL_MAILER_ARGS instead.
+ 1. Path to the mailer program
+ [default: /usr/local/bin/procmail]
+ 2. Argument vector including name of the program
+ [default: procmail -Y -a $h -d $u]
+ 3. Flags for the mailer [default: SPfhn9]
+
+ Empty arguments cause the defaults to be taken.
+
+ For example, this allows it to use the maildrop
+ (http://www.flounder.net/~mrsam/maildrop/) mailer instead
+ by specifying:
+
+ FEATURE(`local_procmail', `/usr/local/bin/maildrop',
+ `maildrop -d $u')
+
+ or scanmails using:
+
+ FEATURE(`local_procmail', `/usr/local/bin/scanmails')
+
+ WARNING: This feature sets LOCAL_MAILER_FLAGS unconditionally,
+ i.e., without respecting any definitions in an OSTYPE setting.
bestmx_is_local Accept mail as though locally addressed for any host that
lists us as the best possible MX record. This generates
@@ -772,22 +966,23 @@ smrsh Use the SendMail Restricted SHell (smrsh) provided
promiscuous_relay
By default, the sendmail configuration files do not permit
mail relaying (that is, accepting mail from outside your
- domain and sending it to another host outside your domain).
- This option sets your site to allow mail relaying from any
- site to any site. In general, it is better to control the
- relaying more carefully with the access db and the 'R'
- class ($=R). Domains can be added to class 'R' by the
- macros RELAY_DOMAIN or RELAY_DOMAIN_FILE (analogously to
- MASQUERADE_DOMAIN and MASQUERADE_DOMAIN_FILE, see below).
+ local host (class {w}) and sending it to another host than
+ your local host). This option sets your site to allow
+ mail relaying from any site to any site. In almost all
+ cases, it is better to control relaying more carefully
+ with the access map, class {R}, or authentication. Domains
+ can be added to class {R} by the macros RELAY_DOMAIN or
+ RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
+ MASQUERADE_DOMAIN_FILE, see below).
relay_entire_domain
By default, only hosts listed as RELAY in the access db
will be allowed to relay. This option also allows any
- host in your domain as defined by the 'm' class ($=m).
+ host in your domain as defined by class {m}.
relay_hosts_only
By default, names that are listed as RELAY in the access
- db and class 'R' ($=R) are domain names, not host names.
+ db and class {R} are domain names, not host names.
For example, if you specify ``foo.com'', then mail to or
from foo.com, abc.foo.com, or a.very.deep.domain.foo.com
will all be accepted for relaying. This feature changes
@@ -808,6 +1003,17 @@ relay_based_on_MX
this is a problem, add entries to the access-table or use
FEATURE(`loose_relay_check').
+relay_mail_from
+ Allows relaying if the mail sender is listed as RELAY in
+ the access map. If an optional argument `domain' is given,
+ the domain portion of the mail sender is checked too.
+ This should only be used if absolutely necessary as the
+ sender address can be easily forged. Use of this feature
+ requires the "From:" tag be prepended to the key in the
+ access map; see the discussion of tags and
+ FEATURE(`relay_mail_from') in the section on ANTI-SPAM
+ CONFIGURATION CONTROL.
+
relay_local_from
Allows relaying if the domain portion of the mail sender
is a local host. This should only be used if absolutely
@@ -816,32 +1022,38 @@ relay_local_from
from your domain (either directly or via a routed address),
and you will go ahead and relay it out to arbitrary hosts
on the Internet.
-
+
accept_unqualified_senders
Normally, MAIL FROM: commands in the SMTP session will be
refused if the connection is a network connection and the
sender address does not include a domain name. If your
- setup sends local mail unqualified (i.e. MAIL FROM: <joe>),
+ setup sends local mail unqualified (i.e., MAIL FROM: <joe>),
you will need to use this feature to accept unqualified
- sender addresses.
-
+ sender addresses. Setting the DaemonPortOptions modifier
+ 'u' overrides the default behavior, i.e., unqualified
+ addresses are accepted even without this FEATURE.
+ If this FEATURE is not used, the DaemonPortOptions modifier
+ 'f' can be used to enforce fully qualified addresses.
+
accept_unresolvable_domains
Normally, MAIL FROM: commands in the SMTP session will be
- refused if the host part of the argument to MAIL FROM: cannot
- be located in the host name service (e.g., DNS). If you are
- inside a firewall that has only a limited view of the
- Internet host name space, this could cause problems. In this
- case you probably want to use this feature to accept all
- domains on input, even if they are unresolvable.
+ refused if the host part of the argument to MAIL FROM:
+ cannot be located in the host name service (e.g., an A or
+ MX record in DNS). If you are inside a firewall that has
+ only a limited view of the Internet host name space, this
+ could cause problems. In this case you probably want to
+ use this feature to accept all domains on input, even if
+ they are unresolvable.
access_db Turns on the access database feature. The access db gives
you the ability to allow or refuse to accept mail from
specified domains for administrative reasons. By default,
the access database specification is:
- hash -o /etc/mail/access
+ hash /etc/mail/access
- The format of the database is described below.
+ The format of the database is described in the anti-spam
+ configuration control section later in this document.
blacklist_recipients
Turns on the ability to block incoming mail for certain
@@ -849,21 +1061,38 @@ blacklist_recipients
example, you can block incoming mail to user nobody,
host foo.mydomain.com, or guest@bar.mydomain.com.
These specifications are put in the access db as
- described below.
-
-rbl Turns on rejection of hosts found in the Realtime Blackhole
- List. If an argument is provided it is used as the
- name sever to contact; otherwise, the main RBL server at
- rbl.maps.vix.com is used. For details, see
+ described in the anti-spam configuration control section
+ later in this document.
+
+rbl This feature is deprecated! Please use dnsbl instead.
+ Turns on rejection of hosts found in the Realtime Blackhole
+ List. If an argument is provided it is used as the domain
+ in which blocked hosts are listed; otherwise, the main
+ RBL domain rbl.maps.vix.com is used. For details, see
http://maps.vix.com/rbl/.
+dnsbl Turns on rejection of hosts found in an DNS based rejection
+ list. If an argument is provided it is used as the domain
+ in which blocked hosts are listed; otherwise it defaults to
+ rbl.maps.vix.com. An explanation for an DNS based rejection
+ list can be found http://maps.vix.com/rbl/. A second argument
+ can be used to change the default error message of
+ Mail from $&{client_addr} refused by blackhole site SERVER
+ where SERVER is replaced by the first argument. This feature
+ can be included several times to query different DNS based
+ rejection lists.
+
loose_relay_check
- Normally, if a recipient using % addressing is used, e.g.
- user%site@othersite, and othersite is in class 'R', the
+ Normally, if % addressing is used for a recipient, e.g.
+ user%site@othersite, and othersite is in class {R}, the
check_rcpt ruleset will strip @othersite and recheck
user@site for relaying. This feature changes that
behavior. It should not be needed for most installations.
+no_default_msa Don't generate the default MSA daemon, i.e.,
+ DAEMON_OPTIONS(`Port=587,Name=MSA,M=E')
+ To define a MSA daemon with other parameters, use this
+ FEATURE and introduce new settings via DAEMON_OPTIONS().
+-------+
| HACKS |
@@ -874,7 +1103,7 @@ they go in the hack subdirectory and are referenced using the HACK
macro. These will tend to be site-dependent. The release
includes the Berkeley-dependent "cssubdomain" hack (that makes
sendmail accept local names in either Berkeley.EDU or CS.Berkeley.EDU;
-this is intended as a short-term aid while we move hosts into
+this is intended as a short-term aid while moving hosts into
subdomains.
@@ -894,54 +1123,40 @@ Complex sites will need more local configuration information, such as
lists of UUCP hosts they speak with directly. This can get a bit more
tricky. For an example of a "complex" site, see cf/ucbvax.mc.
-If your host is known by several different names, you need to augment
-the $=w class. This is a list of names by which you are known, and
-anything sent to an address using a host name in this list will be
-treated as local mail. You can do this in two ways: either create
-the file /etc/sendmail.cw containing a list of your aliases (one per
-line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add the
-line:
-
- Cw alias.host.name
-
-at the end of that file. See the ``vangogh.mc'' file for an example.
-Be sure you use the fully-qualified name of the host, rather than a
-short name.
-
The SITECONFIG macro allows you to indirectly reference site-dependent
configuration information stored in the siteconfig subdirectory. For
example, the line
- SITECONFIG(uucp.ucbvax, ucbvax, U)
+ SITECONFIG(`uucp.ucbvax', `ucbvax', `U')
reads the file uucp.ucbvax for local connection information. The
second parameter is the local name (in this case just "ucbvax" since
it is locally connected, and hence a UUCP hostname). The third
parameter is the name of both a macro to store the local name (in
-this case, $U) and the name of the class (e.g., $=U) in which to store
+this case, {U}) and the name of the class (e.g., {U}) in which to store
the host information read from the file. Another SITECONFIG line reads
- SITECONFIG(uucp.ucbarpa, ucbarpa.Berkeley.EDU, W)
+ SITECONFIG(`uucp.ucbarpa', `ucbarpa.Berkeley.EDU', `W')
This says that the file uucp.ucbarpa contains the list of UUCP sites
-connected to ucbarpa.Berkeley.EDU. The $=W class will be used to
+connected to ucbarpa.Berkeley.EDU. Class {W} will be used to
store this list, and $W is defined to be ucbarpa.Berkeley.EDU, that
is, the name of the relay to which the hosts listed in uucp.ucbarpa
-are connected. [The machine ucbarpa is gone now, but I've left
-this out-of-date configuration file around to demonstrate how you
-might do this.]
+are connected. [The machine ucbarpa is gone now, but this
+out-of-date configuration file has been left around to demonstrate
+how you might do this.]
Note that the case of SITECONFIG with a third parameter of ``U'' is
special; the second parameter is assumed to be the UUCP name of the
local site, rather than the name of a remote site, and the UUCP name
-is entered into $=w (the list of local hostnames) as $U.UUCP.
+is entered into class {w} (the list of local hostnames) as $U.UUCP.
The siteconfig file (e.g., siteconfig/uucp.ucbvax.m4) contains nothing
more than a sequence of SITE macros describing connectivity. For
example:
- SITE(cnmat)
- SITE(sgi olympus)
+ SITE(`cnmat')
+ SITE(`sgi olympus')
The second example demonstrates that you can use two names on the
same line; these are usually aliases for the same host (or are at
@@ -990,7 +1205,7 @@ The four mailers are:
uucp-dom
This UUCP mailer keeps everything as domain addresses.
Basically, it uses the SMTP mailer rewriting rules. This mailer
- is only included if MAILER(smtp) is also specified.
+ is only included if MAILER(`smtp') is also specified.
Unfortunately, a lot of UUCP mailer transport agents require
bangified addresses in the envelope, although you can use
@@ -1004,13 +1219,13 @@ The four mailers are:
local hostname, unless there is no host name on the address
at all (e.g., "wolf") or the host component is a UUCP host name
instead of a domain name ("somehost!wolf" instead of
- "some.dom.ain!wolf"). This is also included only if MAILER(smtp)
+ "some.dom.ain!wolf"). This is also included only if MAILER(`smtp')
is also specified.
Examples:
-We are on host grasp.insa-lyon.fr (UUCP host name "grasp"). The
-following summarizes the sender rewriting for various mailers.
+On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following
+summarizes the sender rewriting for various mailers.
Mailer sender rewriting in the envelope
------ ------ -------------------------
@@ -1048,8 +1263,8 @@ A common use is to convert old UUCP addresses to SMTP addresses using
the UUCPSMTP macro. For example:
LOCAL_RULE_3
- UUCPSMTP(decvax, decvax.dec.com)
- UUCPSMTP(research, research.att.com)
+ UUCPSMTP(`decvax', `decvax.dec.com')
+ UUCPSMTP(`research', `research.att.com')
will cause addresses of the form "decvax!user" and "research!user"
to be converted to "user@decvax.dec.com" and "user@research.att.com"
@@ -1077,11 +1292,12 @@ You can also tweak rulesets 1 and 2 using LOCAL_RULE_1 and LOCAL_RULE_2.
These rulesets are normally empty.
A similar macro is LOCAL_CONFIG. This introduces lines added after the
-boilerplate option setting but before rulesets, and can be used to
-declare local database maps or whatever. For example:
+boilerplate option setting but before rulesets. Do not declare rulesets in
+the LOCAL_CONFIG section. It can be used to declare local database maps or
+whatever. For example:
LOCAL_CONFIG
- Khostmap hash /etc/hostmap.db
+ Khostmap hash /etc/mail/hostmap
Kyplocal nis -m hosts.byname
@@ -1091,14 +1307,15 @@ declare local database maps or whatever. For example:
You can have your host masquerade as another using
- MASQUERADE_AS(host.domain)
+ MASQUERADE_AS(`host.domain')
This causes mail being sent to be labeled as coming from the
indicated host.domain, rather than $j. One normally masquerades as
-one of one's own subdomains (for example, it's unlikely that I would
-choose to masquerade as an MIT site). This behaviour is modified by
-a plethora of FEATUREs; in particular, see masquerade_envelope,
-allmasquerade, limited_masquerade, and masquerade_entire_domain.
+one of one's own subdomains (for example, it's unlikely that
+Berkeley would choose to masquerade as an MIT site). This
+behaviour is modified by a plethora of FEATUREs; in particular, see
+masquerade_envelope, allmasquerade, limited_masquerade, and
+masquerade_entire_domain.
The masquerade name is not normally canonified, so it is important
that it be your One True Name, that is, fully qualified and not a
@@ -1106,10 +1323,11 @@ CNAME. However, if you use a CNAME, the receiving side may canonify
it for you, so don't think you can cheat CNAME mapping this way.
Normally the only addresses that are masqueraded are those that come
-from this host (that is, are either unqualified or in $=w, the list
-of local domain names). You can augment this list using
+from this host (that is, are either unqualified or in class {w}, the list
+of local domain names). You can augment this list, which is realized
+by class {M} using
- MASQUERADE_DOMAIN(otherhost.domain)
+ MASQUERADE_DOMAIN(`otherhost.domain')
The effect of this is that although mail to user@otherhost.domain
will not be delivered locally, any mail including any user@otherhost.domain
@@ -1118,9 +1336,17 @@ This can be a space-separated list of names.
If these names are in a file, you can use
- MASQUERADE_DOMAIN_FILE(filename)
+ MASQUERADE_DOMAIN_FILE(`filename')
-to read the list of names from the indicated file.
+to read the list of names from the indicated file (i.e., to add
+elements to class {M}).
+
+To exempt hosts or subdomains from being masqueraded, you can use
+
+ MASQUERADE_EXCEPTION(`host.domain')
+
+This can come handy if you want to masquerade a whole domain
+except for one (or a few) host(s).
Normally only header addresses are masqueraded. If you want to
masquerade the envelope as well, use
@@ -1129,13 +1355,14 @@ masquerade the envelope as well, use
There are always users that need to be "exposed" -- that is, their
internal site name should be displayed instead of the masquerade name.
-Root is an example. You can add users to this list using
+Root is an example (which has been "exposed" by default prior to 8.10).
+You can add users to this list using
- EXPOSED_USER(usernames)
+ EXPOSED_USER(`usernames')
-This adds users to class E; you could also use something like
+This adds users to class {E}; you could also use something like
- FE/etc/sendmail.cE
+ FE/etc/mail/exposed-users
You can also arrange to relay all unqualified names (that is, names
without @host) to a relay host. For example, if you have a central
@@ -1149,11 +1376,11 @@ The ``mailer:'' can be omitted, in which case the mailer defaults to
because of local aliases. A common example is root, which may be
locally aliased. You can add entries to this list using
- LOCAL_USER(usernames)
+ LOCAL_USER(`usernames')
-This adds users to class L; you could also use something like
+This adds users to class {L}; you could also use something like
- FL/etc/sendmail.cL
+ FL/etc/mail/local-users
If you want all incoming mail sent to a centralized hub, as for a
shared /var/spool/mail scheme, use
@@ -1163,7 +1390,9 @@ shared /var/spool/mail scheme, use
Again, ``mailer:'' defaults to "relay". If you define both LOCAL_RELAY
and MAIL_HUB _AND_ you have FEATURE(`stickyhost'), unqualified names will
be sent to the LOCAL_RELAY and other local names will be sent to MAIL_HUB.
-Names in $=L will be delivered locally, so you MUST have aliases or
+Note: there is a (long standing) bug which keeps this combination from
+working for addresses of the form user+detail.
+Names in class {L} will be delivered locally, so you MUST have aliases or
.forward files for them.
For example, if you are on machine mastodon.CS.Berkeley.EDU and you have
@@ -1190,7 +1419,9 @@ SMART_HOST as well. Briefly:
LOCAL_RELAY applies to unqualified names (e.g., "eric").
MAIL_HUB applies to names qualified with the name of the
local host (e.g., "eric@mastodon.CS.Berkeley.EDU").
- SMART_HOST applies to names qualified with other hosts.
+ SMART_HOST applies to names qualified with other hosts or
+ bracketed addresses (e.g., "eric@mastodon.CS.Berkeley.EDU"
+ or "eric@[127.0.0.1]").
However, beware that other relays (e.g., UUCP_RELAY, BITNET_RELAY,
DECNET_RELAY, and FAX_RELAY) take precedence over SMART_HOST, so if you
@@ -1205,6 +1436,124 @@ specified with a terminal dot:
note the trailing dot ---^
++--------------+
+| LDAP ROUTING |
++--------------+
+
+FEATURE(`ldap_routing') can be used to implement the IETF Internet Draft
+LDAP Schema for Intranet Mail Routing
+(draft-lachman-laser-ldap-mail-routing-01). This feature enables
+LDAP-based rerouting of a particular address to either a different host
+or a different address. The LDAP lookup is first attempted on the full
+address (e.g., user@example.com) and then on the domain portion
+(e.g., @example.com). Be sure to setup your domain for LDAP routing using
+LDAPROUTE_DOMAIN(), e.g.:
+
+ LDAPROUTE_DOMAIN(`example.com')
+
+By default, the feature will use the schemas as specified in the draft
+and will not reject addresses not found by the LDAP lookup. However,
+this behavior can be changed by giving additional arguments to the FEATURE()
+command:
+
+ FEATURE(`ldap_routing', <mailHost>, <mailRoutingAddress>, <bounce>)
+
+where <mailHost> is a map definition describing how to lookup an alternative
+mail host for a particular address; <mailRoutingAddress> is a map definition
+describing how to lookup an alternative address for a particular address; and
+the <bounce> argument, if present and not the word "passthru", dictates
+that mail should be bounced if neither a mailHost nor mailRoutingAddress
+is found.
+
+The default <mailHost> map definition is:
+
+ ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient)
+ (mailLocalAddress=%0))
+
+The default <mailRoutingAddress> map definition is:
+
+ ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient)
+ (mailLocalAddress=%0))
+
+Note that neither includes the LDAP server hostname (-h server) or base DN
+(-b o=org,c=COUNTRY), both necessary for LDAP queries. It is presumed that
+your .mc file contains a setting for the confLDAP_DEFAULT_SPEC option with
+these settings. If this is not the case, the map definitions should be
+changed as described above.
+
+The following possibilities exist as a result of an LDAP lookup on an
+address:
+
+ mailHost is mailRoutingAddress is Results in
+ ----------- --------------------- ----------
+ set to a set mail delivered to
+ "local" host mailRoutingAddress
+
+ set to a not set delivered to
+ "local" host original address
+
+ set to a set mailRoutingAddress
+ remote host relayed to mailHost
+
+ set to a not set original address
+ remote host relayed to mailHost
+
+ not set set mail delivered to
+ mailRoutingAddress
+
+ not set not set delivered to
+ original address *OR*
+ bounced as unknown user
+
+The term "local" host above means the host specified is in class {w}.
+Note that the last case depends on whether the third argument is given
+to the FEATURE() command. The default is to deliver the message to the
+original address.
+
+The LDAP entries should be set up with an objectClass of
+inetLocalMailRecipient and the address be listed in a mailLocalAddress
+attribute. If present, there must be only one mailHost attribute and it
+must contain a fully qualified host name as its value. Similarly, if
+present, there must be only one mailRoutingAddress attribute and it must
+contain an RFC 822 compliant address. Some example LDAP records (in ldif
+format):
+
+ dn: uid=tom, o=example.com, c=US
+ objectClass: inetLocalMailRecipient
+ mailLocalAddress: tom@example.com
+ mailRoutingAddress: thomas@mailhost.example.com
+
+This would deliver mail for tom@example.com to thomas@mailhost.example.com.
+
+ dn: uid=dick, o=example.com, c=US
+ objectClass: inetLocalMailRecipient
+ mailLocalAddress: dick@example.com
+ mailHost: eng.example.com
+
+This would relay mail for dick@example.com to the same address but redirect
+the mail to MX records listed for the host eng.example.com.
+
+ dn: uid=harry, o=example.com, c=US
+ objectClass: inetLocalMailRecipient
+ mailLocalAddress: harry@example.com
+ mailHost: mktmail.example.com
+ mailRoutingAddress: harry@mkt.example.com
+
+This would relay mail for harry@example.com to the MX records listed for
+the host mktmail.example.com using the new address harry@mkt.example.com
+when talking to that host.
+
+ dn: uid=virtual.example.com, o=example.com, c=US
+ objectClass: inetLocalMailRecipient
+ mailLocalAddress: @virtual.example.com
+ mailHost: server.example.com
+ mailRoutingAddress: virtual@example.com
+
+This would send all mail destined for any username @virtual.example.com to
+the machine server.example.com's MX servers and deliver to the address
+virtual@example.com on that relay machine.
+
+
+---------------------------------+
| ANTI-SPAM CONFIGURATION CONTROL |
+---------------------------------+
@@ -1216,20 +1565,26 @@ The primary anti-spam features available in sendmail are:
* Access database.
* Header checks.
-Relaying (transmission of messages from a site outside your domain to
-another site outside your domain) is denied by default. Note that
-this changed in sendmail 8.9; previous versions allowed relaying by
-default. If you want to revert to the old behaviour, you will need
-to use FEATURE(`promiscuous_relay'). You can allow certain domains to
-relay through your server by adding their domain name or IP address to
-class 'R' ($=R) using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the
-access database (described below).
+Relaying (transmission of messages from a site outside your host (class
+{w}) to another site except yours) is denied by default. Note that this
+changed in sendmail 8.9; previous versions allowed relaying by default.
+If you really want to revert to the old behaviour, you will need to use
+FEATURE(`promiscuous_relay'). You can allow certain domains to relay
+through your server by adding their domain name or IP address to class
+{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database
+(described below). The file consists (like any other file based class)
+of entries listed on separate lines, e.g.,
+
+ sendmail.org
+ 128.32
+ 1:2:3:4:5:6:7
+ host.mydomain.com
If you use
FEATURE(`relay_entire_domain')
-then any host in any of your local domains (that is, the $=m class)
+then any host in any of your local domains (that is, class {m})
will be relayed (that is, you will accept mail either to or from any
host in your domain).
@@ -1253,11 +1608,21 @@ MAIL FROM: <user@domain>) domain which is a local domain. This a
dangerous feature as it will allow spammers to spam using your mail
server by simply specifying a return address of user@your.domain.com.
It should not be used unless absolutely necessary.
+A slightly better solution is
+
+ FEATURE(`relay_mail_from')
+
+which allows relaying if the mail sender is listed as RELAY in the
+access map. If an optional argument `domain' is given, the domain
+portion of the mail sender is also checked to allowing relaying.
+This option only works together with the tag From: for the LHS of
+the access map entries (see below: Finer control...).
+
If source routing is used in the recipient address (i.e.
RCPT TO: <user%site.com@othersite.com>), sendmail will check
user@site.com for relaying if othersite.com is an allowed relay host
-in either class 'R', class 'm' if FEATURE(`relay_entire_domain') is used,
+in either class {R}, class {m} if FEATURE(`relay_entire_domain') is used,
or the access database if FEATURE(`access_db') is used. To prevent
the address from being stripped down, use:
@@ -1268,10 +1633,22 @@ should only be used for sites which have no control over the addresses
that they provide a gateway for. Use this FEATURE with caution as it
can allow spammers to relay through your server if not setup properly.
+NOTICE: It is possible to relay mail through a system which the anti-relay
+rules do not prevent: the case of a system that does use FEATURE(`nouucp',
+`nospecial') (system A) and relays local messages to a mail hub (e.g., via
+LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use
+FEATURE(`nouucp') at all, addresses of the form
+<example.net!user@local.host> would be relayed to <user@example.net>.
+System A doesn't recognize `!' as an address separator and therefore
+forwards it to the mail hub which in turns relays it because it came from
+a trusted local host. So if a mailserver allows UUCP (bang-format)
+addresses, all systems from which it allows relaying should do the same
+or reject those addresses.
+
As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has
an unresolvable domain (i.e., one that DNS, your local name service,
or special case rules in ruleset 3 cannot locate). If you want to
-continue to accept such domains, e.g. because you are inside a
+continue to accept such domains, e.g., because you are inside a
firewall that has only a limited view of the Internet host name space
(note that you will not be able to return mail to them unless you have
some "smart host" forwarder), use
@@ -1284,6 +1661,11 @@ want to continue to accept such senders, use
FEATURE(`accept_unqualified_senders')
+Setting the DaemonPortOptions modifier 'u' overrides the default behavior,
+i.e., unqualified addresses are accepted even without this FEATURE. If
+this FEATURE is not used, the DaemonPortOptions modifier 'f' can be used
+to enforce fully qualified addresses.
+
An ``access'' database can be created to accept or reject mail from
selected domains. For example, you may choose to reject all mail
originating from known spammers. To enable such a database, use
@@ -1293,7 +1675,7 @@ originating from known spammers. To enable such a database, use
The FEATURE macro can accept a second parameter giving the key file
definition for the database; for example
- FEATURE(`access_db', `hash -o /etc/mail/access')
+ FEATURE(`access_db', `hash /etc/mail/access')
Remember, since /etc/mail/access is a database, after creating the text
file as described below, you must use makemap to create the database
@@ -1324,33 +1706,57 @@ The value part of the map can contain:
REJECT Reject the sender or recipient with a general
purpose message.
DISCARD Discard the message completely using the
- $#discard mailer. This only works for sender
- addresses (i.e., it indicates that you should
- discard anything received from the indicated
- domain).
+ $#discard mailer. For sender addresses it
+ indicates that you should discard anything
+ received from the indicated domain. If it
+ is used for recipients, it affects only
+ the designated recipients, not the whole
+ message.
### any text where ### is an RFC 821 compliant error code
and "any text" is a message to return for
the command.
+ ERROR:### any text
+ as above, but useful to mark error messages as such.
+ ERROR:D.S.N:### any text
+ where D.S.N is an RFC 1893 compliant error code
+ and the rest as above.
For example:
cyberspammer.com 550 We don't accept mail from spammers
okay.cyberspammer.com OK
- sendmail.org OK
+ sendmail.org RELAY
128.32 RELAY
+ 1:2:3:4:5:6:7 RELAY
+ [127.0.0.3] OK
+ [1:2:3:4:5:6:7:8] OK
-would accept mail from okay.cyberspammer.com, but would reject mail
-from all other hosts at cyberspammer.com with the indicated message.
-It would allow accept mail from any hosts in the sendmail.org domain,
-and allow relaying for the 128.32.*.* network. Note, UUCP users may
-need to add hostname.UUCP to the access database or class 'R' ($=R).
-If you also use:
+would accept mail from okay.cyberspammer.com, but would reject mail from
+all other hosts at cyberspammer.com with the indicated message. It would
+allow relaying mail from and to any hosts in the sendmail.org domain, and
+allow relaying from the 128.32.*.* network and the IPv6 1:2:3:4:5:6:7:*
+network. The latter two entries are for checks against ${client_name} if
+the IP address doesn't resolve to a hostname (or is considered as "may be
+forged").
+
+Warning: if you change the RFC 821 compliant error code from the default
+value of 550, then you should probably also change the RFC 1893 compliant
+error code to match it. For example, if you use
+
+ user@example.com 450 mailbox full
+
+the error returned would be "450 4.0.0 mailbox full" which is wrong.
+Use "450 4.2.2 mailbox full" or "ERROR:4.2.2:450 mailbox full"
+instead.
+
+Note, UUCP users may need to add hostname.UUCP to the access database
+or class {R}. If you also use:
FEATURE(`relay_hosts_only')
then the above example will allow relaying for sendmail.org, but not
hosts within the sendmail.org domain. Note that this will also require
-hosts listed in class 'R' ($=R) to be fully qualified host names.
+hosts listed in class {R} to be fully qualified host names.
You can also use the access database to block sender addresses based on
the username portion of the address. For example:
@@ -1368,16 +1774,19 @@ If you use:
then you can add entries to the map for local users, hosts in your
domains, or addresses in your domain which should not receive mail:
- badlocaluser 550 Mailbox disabled for this username
+ badlocaluser@ 550 Mailbox disabled for this username
host.mydomain.com 550 That host does not accept mail
user@otherhost.mydomain.com 550 Mailbox disabled for this recipient
This would prevent a recipient of badlocaluser@mydomain.com, any
user at host.mydomain.com, and the single address
-user@otherhost.mydomain.com from receiving mail. Enabling this
-feature will keep you from sending mails to all addresses that
-have an error message or REJECT as value part in the access map.
-Taking the example from above:
+user@otherhost.mydomain.com from receiving mail. Please note: a
+local username must be now tagged with an @ (this is consistent
+with the check of the sender address, and hence it is possible to
+distinguish between hostnames and usernames). Enabling this feature
+will keep you from sending mails to all addresses that have an
+error message or REJECT as value part in the access map. Taking
+the example from above:
spammer@aol.com REJECT
cyberspammer.com REJECT
@@ -1388,11 +1797,16 @@ There is also a ``Realtime Blackhole List'' run by the MAPS project
at http://maps.vix.com/. This is a database maintained in DNS of
spammers. To use this database, use
- FEATURE(`rbl')
+ FEATURE(`dnsbl')
This will cause sendmail to reject mail from any site in the
Realtime Blackhole List database. You can specify an alternative
-RBL name server to contact by specifying an argument to the FEATURE.
+RBL domain to check by specifying an argument to the FEATURE.
+A second argument can be used to change the default error message
+Mail from $&{client_addr} refused by blackhole site DOMAIN
+where DOMAIN is replaced by the first argument. This FEATURE can
+be included several times to query different DNS based rejection
+lists, e.g., the dial-up user list (see http://maps.vix.com/dul/).
The features described above make use of the check_relay, check_mail,
and check_rcpt rulesets. If you wish to include your own checks,
@@ -1401,15 +1815,15 @@ Local_check_mail, and Local_check_rcpt. For example if you wanted to
block senders with all numeric usernames (i.e. 2312343@bigisp.com),
you would use Local_check_mail and the new regex map:
- LOCAL_CONFIG
- Kallnumbers regex -a@MATCH ^[0-9]+$
-
- LOCAL_RULESETS
- SLocal_check_mail
- # check address against various regex checks
+ LOCAL_CONFIG
+ Kallnumbers regex -a@MATCH ^[0-9]+$
+
+ LOCAL_RULESETS
+ SLocal_check_mail
+ # check address against various regex checks
R$* $: $>Parse0 $>3 $1
- R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $)
- R@MATCH $#error $: 553 Header Error
+ R$+ < @ bigisp.com. > $* $: $(allnumbers $1 $)
+ R@MATCH $#error $: 553 Header Error
These rules are called with the original arguments of the corresponding
check_* ruleset. If the local ruleset returns $#OK, no further checking
@@ -1418,6 +1832,93 @@ local ruleset resolves to a mailer (such as $#error or $#discard), the
appropriate action is taken. Otherwise, the results of the local
rewriting are ignored.
+Finer control by using tags for the LHS of the access map
+
+Read this section only if the options listed so far are not sufficient
+for your purposes. There is now the option to tag entries in the
+access map according to their type. Three tags are available:
+
+ Connect: connection information (${client_addr}, ${client_name})
+ From: sender
+ To: recipient
+
+If the required item is looked up in a map, it will be tried first
+with the corresponding tag in front, then (as fallback to enable
+backward compatibility) without any tag. For example,
+
+ From:spammer@some.dom REJECT
+ To:friend.domain RELAY
+ Connect:friend.domain OK
+ Connect:from.domain RELAY
+ From:good@another.dom OK
+ From:another.dom REJECT
+
+This would deny mails from spammer@some.dom but you could still
+send mail to that address even if FEATURE(`blacklist_recipients')
+is enabled. Your system will allow relaying to friend.domain, but
+not from it (unless enabled by other means). Connections from that
+domain will be allowed even if it ends up in one of the DNS based
+rejection lists. Relaying is enabled from from.domain but not to
+it (since relaying is based on the connection information for
+outgoing relaying, the tag Connect: must be used; for incoming
+relaying, which is based on the recipient address, To: must be
+used). The last two entries allow mails from good@another.dom but
+reject mail from all other addresses with another.dom as domain
+part.
+
+Delay all checks
+
+By using FEATURE(`delay_checks') the rulesets check_mail and check_relay
+will not be called when a client connects or issues a MAIL command,
+respectively. Instead, those rulesets will be called by the check_rcpt
+ruleset; they will be skipped if a sender has been authenticated using
+a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH().
+If check_mail returns an error then the RCPT TO command will be rejected
+with that error. If it returns some other result starting with $# then
+check_relay will be skipped. If the sender address (or a part of it) is
+listed in the access map and it has a RHS of OK or RELAY, then check_relay
+will be skipped. This has an interesting side effect: if your domain is
+my.domain and you have
+
+ my.domain RELAY
+
+in the access map, then all e-mail with a sender address of
+<user@my.domain> gets through, even if check_relay would reject it
+(e.g., based on the hostname or IP address). This allows spammers
+to get around DNS based blacklist by faking the sender address. To
+avoid this problem you have to use tagged entries:
+
+ To:my.domain RELAY
+ Connect:my.domain RELAY
+
+if you need those entries at all (class {R} may take care of them).
+
+FEATURE(`delay_checks') can take an optional argument:
+
+ FEATURE(`delay_checks', `friend')
+ enables spamfriend test
+ FEATURE(`delay_checks', `hater')
+ enables spamhater test
+
+If such an argument is given, the recipient will be looked up in the access
+map (using the tag To:). If the argument is `friend', then the other
+rulesets will be skipped if the recipient address is found and has RHS
+spamfriend. If the argument is `hater', then the other rulesets will be
+applied if the recipient address is found and has RHS spamhater.
+
+This allows for simple exceptions from the tests, e.g., by activating
+the spamfriend option and having
+
+ To:abuse@ SPAMFRIEND
+
+in the access map, mail to abuse@localdomain will get through. It is
+also possible to specify a full address or an address with +detail:
+
+ To:abuse@abuse.my.domain SPAMFRIEND
+ To:me+abuse@ SPAMFRIEND
+
+
+Header Checks
You can also reject mail on the basis of the contents of headers.
This is done by adding a ruleset call to the 'H' header definition command
@@ -1431,25 +1932,211 @@ a Message-ID: header:
R< $+ @ $+ > $@ OK
R$* $#error $: 553 Header Error
-Users of FEATURE(`nullclient') who desire to use the anti-spam and
-anti-relaying capabilities should replace FEATURE(`nullclient', `mailhub')
-with:
+The alternative format:
- undefine(`ALIAS_FILE')
- define(`MAIL_HUB', `mailhub')
- define(`SMART_HOST', `mailhub')
- define(`confFORWARD_PATH', `')
+ HSubject: $>+CheckSubject
-where mailhub is the fully qualified hostname for their mail server.
-The above rules will provide the relaying to the mailhub without local
-alias and forward file expansion. To match the other behavior of
-FEATURE(`nullclient'), you should also add these lines along with those
-listed above:
+that is, $>+ instead of $>, gives the full Subject: header including
+comments to the ruleset (comments in parentheses () are stripped
+by default).
- MASQUERADE_AS(`mailhub')
- FEATURE(`allmasquerade')
- FEATURE(`masquerade_envelope')
+A default ruleset for headers which don't have a specific ruleset
+defined for them can be given by:
+
+ H*: $>CheckHdr
+
+After all of the headers are read, the check_eoh ruleset will be called for
+any final header-related checks. The ruleset is called with the number of
+headers and the size of all of the headers in bytes separated by $|. One
+example usage is to reject messages which do not have a Message-Id:
+header. However, the Message-Id: header is *NOT* a required header and is
+not a guaranteed spam indicator. This ruleset is an example and should
+probably not be used in production.
+
+ LOCAL_CONFIG
+ Kstorage macro
+
+ LOCAL_RULESETS
+ HMessage-Id: $>CheckMessageId
+
+ SCheckMessageId
+ # Record the presence of the header
+ R$* $: $(storage {MessageIdCheck} $@ OK $) $1
+ R< $+ @ $+ > $@ OK
+ R$* $#error $: 553 Header Error
+
+ Scheck_eoh
+ # Check the macro
+ R$* $: < $&{MessageIdCheck} >
+ # Clear the macro for the next message
+ R$* $: $(storage {MessageIdCheck} $) $1
+ # Has a Message-Id: header
+ R< $+ > $@ OK
+ # Allow missing Message-Id: from local mail
+ R$* $: < $&{client_name} >
+ R< > $@ OK
+ R< $=w > $@ OK
+ # Otherwise, reject the mail
+ R$* $#error $: 553 Header Error
+
++--------------------------------+
+| STARTTLS |
++--------------------------------+
+
+In this text, cert will be used as an abreviation for X.509 certificate,
+DN is the distinguished name of a cert, and CA is a certification authority.
+
+Macros related to STARTTLS are:
+
+${cert_issuer} holds the DN of the CA (the cert issuer).
+${cert_subject} holds the DN of the cert (called the cert subject).
+${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1,
+ SSLv3, SSLv2.
+${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA,
+ EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA.
+${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm
+ used for the connection.
+${verify} holds the result of the verification of the presented cert. Possible
+ values are:
+ OK verification succeeded.
+ NO no cert presented.
+ FAIL cert presented but could not be verified, e.g., the signing
+ CA is missing.
+ NONE STARTTLS has not been performed.
+ TEMP temporary error occurred.
+ PROTOCOL some protocol error occurred.
+ SOFTWARE STARTTLS handshake failed.
+${server_name} the name of the server of the current outgoing SMTP
+ connection.
+${server_addr} the address of the server of the current outgoing SMTP
+ connection.
+
+Relaying
+
+SMTP STARTTLS can allow relaying for senders who have successfully
+authenticated themselves. This is done in the ruleset RelayAuth. If the
+verification of the cert failed (${verify} != OK), relaying is subject to
+the usual rules. Otherwise the DN of the issuer is looked up in the access
+map using the tag CERTISSUER. If the resulting value is RELAY, relaying is
+allowed. If it is SUBJECT, the DN of the cert subject is looked up next in
+the access map. using the tag CERTSUBJECT. If the value is RELAY, relaying
+is allowed.
+
+To make things a bit more flexible (or complicated), the values for
+${cert_issuer} and ${cert_subject} can be optionally modified by regular
+expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and
+_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in
+rulesets and map lookups, they are modified as follows: each non-printable
+character and the characters '<', '>', '(', ')', '"', '+' are replaced by
+their HEX value with a leading '+'. For example:
+
+/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email=
+darth+cert@endmail.org
+
+is encoded as:
+
+/C=US/ST=California/O=endmail.org/OU=private/CN=
+Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
+
+(line breaks have been inserted for readability).
+
+Of course it is also possible to write a simple rulesets that allows
+relaying for everyone who can present a cert that can be verified, e.g.,
+
+LOCAL_RULESETS
+SLocal_check_rcpt
+R$* $: $&{verify}
+ROK $# OK
+
+Allowing Connections
+
+The rulesets tls_server and tls_client are used to decide whether an SMTP
+connection is accepted (or should continue).
+
+tls_server is called when sendmail acts as client after a STARTTLS command
+(should) have been issued. The parameter is the value of ${verify}.
+
+tls_client is called when sendmail acts as server, after a STARTTLS command
+has been issued, and from check_mail. The parameter is the value of
+${verify} and STARTTLS or MAIL, respectively.
+
+Both rulesets behave the same. If no access map is in use, the connection
+will be accepted unless ${verify} is SOFTWARE, in which case the connection
+is always aborted. Otherwise, ${client_name} (${server_name}) is looked
+up in the access map using the tag TLS_Srv (or TLS_Clt), which is done
+with the ruleset LookUpDomain. If no entry is found, ${client_addr}
+(${server_addr}) is looked up in the access map (same tag, ruleset
+LookUpAddr). If this doesn't result in an entry either, just the tag is
+looked up in the access map (included the trailing :). The result of the
+lookups is then used to call the ruleset tls_connection, which checks the
+requirement specified by the RHS in the access map against the actual
+parameters of the current TLS connection, esp. ${verify} and
+${cipher_bits}. Legal RHSs in the access map are:
+
+VERIFY verification must have succeeded
+VERIFY:bits verification must have succeeded and ${cipher_bits} must
+ be greater than or equal bits.
+ENCR:bits ${cipher_bits} must be greater than or equal bits.
+
+The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary
+or permanent error. The default is a temporary error code (403 4.7.0)
+unless the macro TLS_PERM_ERR is set during generation of the .cf file.
+
+If a certain level of encryption is required, then it might also be
+possible that this level is provided by the security layer from a SASL
+algorithm, e.g., DIGEST-MD5.
+
+Example: e-mail send to secure.example.com should only use an encrypted
+connection. e-mail received from hosts within the laptop.example.com domain
+should only be accepted if they have been authenticated.
+TLS_Srv:secure.example.com ENCR:112
+TLS_Clt:laptop.example.com PERM+VERIFY:112
+
+Received: Header
+
+The Received: header reveals whether STARTTLS has been used. It contains an
+extra line:
+
+(using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify})
+
++--------------------------------+
+| SMTP AUTHENTICATION |
++--------------------------------+
+
+The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be
+used in anti-relay rulesets to allow relaying for those users that
+authenticated themselves. A very simple example is:
+
+SLocal_check_rcpt
+R$* $: $&{auth_type}
+R$+ $# OK
+
+which checks whether a user has successfully authenticated using
+any available mechanism. Depending on the setup of the CYRUS SASL
+library, more sophisticated rulesets might be required, e.g.,
+
+SLocal_check_rcpt
+R$* $: $&{auth_type} $| $&{auth_authen}
+RDIGEST-MD5 $| $+@$=w $# OK
+
+to allow relaying for users that authenticated using DIGEST-MD5
+and have an identity in the local domains.
+The ruleset Strust_auth is used to determine whether a given AUTH=
+parameter (that is passed to this ruleset) should be trusted. This
+ruleset may make use of the other ${auth_*} macros. Only if the
+ruleset resolves to the error mailer, the AUTH= parameter is not
+trusted. A user supplied ruleset Local_trust_auth can be written
+to modify the default behavior, which only trust the AUTH=
+parameter if it is identical to the authenticated user.
+
+Per default, relaying is allowed for any user who authenticated
+via a "trusted" mechanism, i.e., one that is defined via
+TRUST_AUTH_MECH(`list of mechanisms')
+
+If the selected mechanism provides a security layer the number of
+bits used for the key of the symmetric cipher is stored in the
+macro ${auth_ssf}.
+--------------------------------+
| ADDING NEW MAILERS OR RULESETS |
@@ -1468,15 +2155,60 @@ LOCAL_RULESETS respectively. For example:
...
+#if _FFR_MILTER
++---------------------------+
+| ADDING NEW MAILER FILTERS |
++---------------------------+
+
+Sendmail supports mail filters to filter incoming SMTP messages according
+to the "Sendmail Mail Filter API" documentation. These filters can be
+configured in your mc file using the two commands:
+
+ MAIL_FILTER(`name', `equates')
+ INPUT_MAIL_FILTER(`name', `equates')
+
+The first command, MAIL_FILTER(), simply defines a filter with the given
+name and equates. For example:
+
+ MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
+
+This creates the equivalent sendmail.cf entry:
+
+ Xarchive, S=local:/var/run/archivesock, F=R
+
+The INPUT_MAIL_FILTER() command performs the same actions as MAIL_FILTER
+but also populates the m4 variable `confINPUT_MAIL_FILTERS' with the name
+of the filter such that the filter will actually be called by sendmail.
+
+For example, the two commands:
+
+ INPUT_MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
+ INPUT_MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T')
+
+are equivalent to the three commands:
+
+ MAIL_FILTER(`archive', `S=local:/var/run/archivesock, F=R')
+ MAIL_FILTER(`spamcheck', `S=inet:2525@localhost, F=T')
+ define(`confINPUT_MAIL_FILTERS', `archive, spamcheck')
+
+In general, INPUT_MAIL_FILTER() should be used unless you need to define
+more filters than you want to use for `confINPUT_MAIL_FILTERS'.
+
+Note that setting `confINPUT_MAIL_FILTERS' after any INPUT_MAIL_FILTER()
+commands will clear the list created by the prior INPUT_MAIL_FILTER()
+commands.
+#endif /* _FFR_MILTER */
+
+
+-------------------------------+
| NON-SMTP BASED CONFIGURATIONS |
+-------------------------------+
-These configuration files are designed primarily for use by SMTP-based
-sites. I don't pretend that they are well tuned for UUCP-only or
+These configuration files are designed primarily for use by
+SMTP-based sites. They may not be well tuned for UUCP-only or
UUCP-primarily nodes (the latter is defined as a small local net
-connected to the rest of the world via UUCP). However, there is one
-hook to handle some special cases.
+connected to the rest of the world via UUCP). However, there is
+one hook to handle some special cases.
You can define a ``smart host'' that understands a richer address syntax
using:
@@ -1490,12 +2222,12 @@ If you are on a local SMTP-based net that connects to the outside
world via UUCP, you can use LOCAL_NET_CONFIG to add appropriate rules.
For example:
- define(`SMART_HOST', `suucp:uunet')
+ define(`SMART_HOST', `uucp-new:uunet')
LOCAL_NET_CONFIG
R$* < @ $* .$m. > $* $#smtp $@ $2.$m. $: $1 < @ $2.$m. > $3
This will cause all names that end in your domain name ($m) via
-SMTP; anything else will be sent via suucp (smart UUCP) to uunet.
+SMTP; anything else will be sent via uucp-new (smart UUCP) to uunet.
If you have FEATURE(`nocanonify'), you may need to omit the dots after
the $m. If you are running a local DNS inside your domain which is
not otherwise connected to the outside world, you probably want to
@@ -1531,6 +2263,24 @@ name. This is usually done using:
define(`confDOMAIN_NAME', `$w.$m')dnl
++-----------------------------------+
+| ACCEPTING MAIL FOR MULTIPLE NAMES |
++-----------------------------------+
+
+If your host is known by several different names, you need to augment
+class {w}. This is a list of names by which your host is known, and
+anything sent to an address using a host name in this list will be
+treated as local mail. You can do this in two ways: either create the
+file /etc/mail/local-host-names containing a list of your aliases (one per
+line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add
+``LOCAL_DOMAIN(`alias.host.name')''. Be sure you use the fully-qualified
+name of the host, rather than a short name.
+
+If you want to have different address in different domains, take
+a look at the virtusertable feature, which is also explained at
+http://www.sendmail.org/virtual-hosting.html
+
+
+--------------------+
| USING MAILERTABLES |
+--------------------+
@@ -1540,13 +2290,13 @@ database containing the routing information for various domains.
For example, a mailertable file in text format might be:
.my.domain xnet:%1.my.domain
- uuhost1.my.domain suucp:uuhost1
+ uuhost1.my.domain uucp-new:uuhost1
.bitnet smtp:relay.bit.net
-This should normally be stored in /etc/mailertable. The actual
+This should normally be stored in /etc/mail/mailertable. The actual
database version of the mailertable is built using:
- makemap hash /etc/mailertable.db < /etc/mailertable
+ makemap hash /etc/mail/mailertable < /etc/mail/mailertable
The semantics are simple. Any LHS entry that does not begin with
a dot matches the full host name indicated. LHS entries beginning
@@ -1555,10 +2305,13 @@ they can be thought of as having a leading "*" wildcard. Matching
is done in order of most-to-least qualified -- for example, even
though ".my.domain" is listed first in the above example, an entry
of "uuhost1.my.domain" will match the second entry since it is
-more explicit.
+more explicit. Note: e-mail to "user@my.domain" does not match
+any entry in the above table. You need to have something like:
+
+ my.domain esmtp:host.my.domain
The RHS should always be a "mailer:host" pair. The mailer is the
-configuration name of a mailer (that is, an `M' line in the
+configuration name of a mailer (that is, an {M} line in the
sendmail.cf file). The "host" will be the hostname passed to
that mailer. In domain-based matches (that is, those with leading
dots) the "%1" may be used to interpolate the wildcarded part of
@@ -1588,7 +2341,7 @@ again, which would give you an MX loop.
The user database was not originally intended for mapping full names
to login names (e.g., Eric.Allman => eric), but some people are using
-it that way. (I would recommend that you set up aliases for this
+it that way. (it is recommended that you set up aliases for this
purpose instead -- since you can specify multiple alias files, this
is fairly easy.) The intent was to locate the default maildrop at
a site, but allow you to override this by sending to a specific host.
@@ -1599,20 +2352,18 @@ e-mail sent to Full.Name@local.host.name will be rejected.
To build the internal form of the user database, use:
- makemap btree /usr/data/base.db < /usr/data/base.txt
+ makemap btree /etc/mail/userdb < /etc/mail/userdb.txt
-As a general rule, I am adamantly opposed to using full names as
-e-mail addresses, since they are not in any sense unique. For example,
-the Unix software-development community has two Andy Tannenbaums,
-at least two well-known Peter Deutsches, and at one time Bell Labs
-had two Stephen R. Bournes with offices along the same hallway.
-Which one will be forced to suffer the indignity of being
-Stephen_R_Bourne_2? The less famous of the two, or the one that
-was hired later?
+As a general rule, it is an extremely bad idea to using full names
+as e-mail addresses, since they are not in any sense unique. For
+example, the Unix software-development community has at least two
+well-known Peter Deutsches, and at one time Bell Labs had two
+Stephen R. Bournes with offices along the same hallway. Which one
+will be forced to suffer the indignity of being Stephen_R_Bourne_2?
+The less famous of the two, or the one that was hired later?
Finger should handle full names (and be fuzzy). Mail should use
-handles, and not be fuzzy. [Not that I expect anyone to pay any
-attention to my opinions.]
+handles, and not be fuzzy.
+--------------------------------+
@@ -1634,11 +2385,6 @@ Plussed users
If that is not found, the alias "root+*" will be tried,
then "root".
-LDAP
- For notes on use LDAP in sendmail, see
- http://www.stanford.edu/~bbense/Inst.html
-
-
+----------------+
| SECURITY NOTES |
@@ -1673,7 +2419,7 @@ for. In particular:
files and programs listed in them will be honored).
In general, file giveaways are a mistake -- if you can turn them
-off I recommend you do so.
+off, do so.
+--------------------------------+
@@ -1711,38 +2457,44 @@ confDOMAIN_NAME $j macro If defined, sets $j. This should
domain name.
confCF_VERSION $Z macro If defined, this is appended to the
configuration version name.
-confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an
+confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an
internally generated From: address.
confRECEIVED_HEADER Received:
[$?sfrom $s $.$?_($?s$|from $.$_)
+ $.$?{auth_type}(authenticated)
$.by $j ($v/$Z)$?r with $r$. id $i$?u
for $u; $|;
$.$b]
The format of the Received: header
in messages passed through this host.
It is unwise to try to change this.
-confCW_FILE Fw class [/etc/sendmail.cw] Name of file used
- to get the local additions to the $=w
- (local host names) class.
-confCT_FILE Ft class [/etc/sendmail.ct] Name of file used
- to get the local additions to the $=t
- (trusted users) class.
+confCW_FILE Fw class [/etc/mail/local-host-names] Name
+ of file used to get the local
+ additions to class {w} (local host
+ names).
+confCT_FILE Ft class [/etc/mail/trusted-users] Name of
+ file used to get the local additions
+ to class {t} (trusted users).
confCR_FILE FR class [/etc/mail/relay-domains] Name of
file used to get the local additions
- to the $=R (hosts allowed to relay)
- class.
+ to class {R} (hosts allowed to relay).
confTRUSTED_USERS Ct class [no default] Names of users to add to
the list of trusted users. This list
always includes root, uucp, and daemon.
See also FEATURE(`use_ct_file').
+confTRUSTED_USER TrustedUser [no default] Trusted user for file
+ ownership and starting the daemon.
+ Not to be confused with
+ confTRUSTED_USERS (see above).
confSMTP_MAILER - [esmtp] The mailer name used when
SMTP connectivity is required.
- One of "smtp", "smtp8", or "esmtp".
+ One of "smtp", "smtp8",
+ "esmtp", or "dsmtp".
confUUCP_MAILER - [uucp-old] The mailer to be used by
default for bang-format recipient
addresses. See also discussion of
- $=U, $=Y, and $=Z in the MAILER(uucp)
- section.
+ class {U}, class {Y}, and class {Z}
+ in the MAILER(`uucp') section.
confLOCAL_MAILER - [local] The mailer name used when
local connectivity is required.
Almost always "local".
@@ -1770,7 +2522,7 @@ confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages
confBLANK_SUB BlankSub [.] Blank (space) substitution
character.
confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately
- to mailers marked expensive?
+ to mailers marked expensive.
confCHECKPOINT_INTERVAL CheckpointInterval
[10] Checkpoint queue files every N
recipients.
@@ -1778,15 +2530,19 @@ confDELIVERY_MODE DeliveryMode [background] Default delivery mode.
confAUTO_REBUILD AutoRebuildAliases
[False] Automatically rebuild alias
file if needed.
+ There is a potential for a denial
+ of service attack if this is set.
+ This option is deprecated and will
+ be removed from a future version.
confERROR_MODE ErrorMode [print] Error message mode.
confERROR_MESSAGE ErrorHeader [undefined] Error message header/file.
confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines.
confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode.
confMATCH_GECOS MatchGECOS [False] Match GECOS field.
confMAX_HOP MaxHopCount [25] Maximum hop count.
-confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd mode]
- Ignore dot as terminator for incoming
- messages?
+confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd
+ mode] Ignore dot as terminator for
+ incoming messages?
confBIND_OPTS ResolverOptions [undefined] Default options for DNS
resolver.
confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME-
@@ -1818,14 +2574,16 @@ confSINGLE_THREAD_DELIVERY SingleThreadDelivery
cached but otherwise idle connection
to a host will prevent other sendmails
from connecting to the other host.
-confUSE_ERRORS_TO* UserErrorsTo [False] Use the Errors-To: header to
+confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to
deliver error messages. This should
not be necessary because of general
acceptance of the envelope/header
distinction.
confLOG_LEVEL LogLevel [9] Log level.
-confME_TOO MeToo [False] Include sender in group
- expansions.
+confME_TOO MeToo [True] Include sender in group
+ expansions. This option is
+ deprecated and will be removed from
+ a future version.
confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when
running newaliases. Since this does
DNS lookups on every address, it can
@@ -1833,8 +2591,9 @@ confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when
considerably on large alias files.
confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without
special chars are old style.
-confDAEMON_OPTIONS DaemonPortOptions
- [none] SMTP daemon options.
+confCLIENT_OPTIONS ClientPortOptions
+ [none] Options for outgoing SMTP client
+ connections.
confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags.
confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional
copies of all error messages.
@@ -1880,13 +2639,16 @@ confTO_QUIT Timeout.quit [2m] The timeout waiting for a response
to the QUIT command.
confTO_MISC Timeout.misc [2m] The timeout waiting for a response
to other SMTP commands.
-confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout waiting
- for a command to be issued.
-confTO_IDENT Timeout.ident [30s] The timeout waiting for a response
- to an IDENT query.
+confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout
+ waiting for a command to be issued.
+confTO_IDENT Timeout.ident [5s] The timeout waiting for a
+ response to an IDENT query.
confTO_FILEOPEN Timeout.fileopen
[60s] The timeout waiting for a file
(e.g., :include: file) to be opened.
+confTO_CONTROL Timeout.control
+ [2m] The timeout for a complete
+ control socket transaction to complete.
confTO_QUEUERETURN Timeout.queuereturn
[5d] The timeout before a message is
returned as undeliverable.
@@ -1905,7 +2667,8 @@ confTO_QUEUERETURN_NONURGENT
confTO_QUEUEWARN Timeout.queuewarn
[4h] The timeout before a warning
message is sent to the sender telling
- them that the message has been deferred.
+ them that the message has been
+ deferred.
confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal
[undefined] As above, for normal
priority messages.
@@ -1923,29 +2686,78 @@ confTO_HOSTSTATUS Timeout.hoststatus
be retried. This applies both within
a single queue run and to persistent
information (see below).
+confTO_RESOLVER_RETRANS Timeout.resolver.retrans
+ [varies] Sets the resolver's
+ retransmition time interval (in
+ seconds). Sets both
+ Timeout.resolver.retrans.first and
+ Timeout.resolver.retrans.normal.
+confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first
+ [varies] Sets the resolver's
+ retransmition time interval (in
+ seconds) for the first attempt to
+ deliver a message.
+confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal
+ [varies] Sets the resolver's
+ retransmition time interval (in
+ seconds) for all resolver lookups
+ except the first delivery attempt.
+confTO_RESOLVER_RETRY Timeout.resolver.retry
+ [varies] Sets the number of times
+ to retransmit a resolver query.
+ Sets both
+ Timeout.resolver.retry.first and
+ Timeout.resolver.retry.normal.
+confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first
+ [varies] Sets the number of times
+ to retransmit a resolver query for
+ the first attempt to deliver a
+ message.
+confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal
+ [varies] Sets the number of times
+ to retransmit a resolver query for
+ all resolver lookups except the
+ first delivery attempt.
confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be
USE_SYSTEM to use the system's idea,
USE_TZ to use the user's TZ envariable,
or something else to force that value.
confDEF_USER_ID DefaultUser [1:1] Default user id.
confUSERDB_SPEC UserDatabaseSpec
- [undefined] User database specification.
+ [undefined] User database
+ specification.
confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
-confTRY_NULL_MX_LIST TryNullMXList [False] If we are the best MX for a
- host and haven't made other
- arrangements, try connecting to the
- host directly; normally this would be
- a config error.
-confQUEUE_LA QueueLA [8] Load average at which queue-only
- function kicks in.
-confREFUSE_LA RefuseLA [12] Load average at which incoming
- SMTP connections are refused.
+confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX
+ for a host and other arrangements
+ haven't been made, try connecting
+ to the host directly; normally this
+ would be a config error.
+confQUEUE_LA QueueLA [varies] Load average at which
+ queue-only function kicks in.
+ Default values is (8 * numproc)
+ where numproc is the number of
+ processors online (if that can be
+ determined).
+confREFUSE_LA RefuseLA [varies] Load average at which
+ incoming SMTP connections are
+ refused. Default values is (12 *
+ numproc) where numproc is the
+ number of processors online (if
+ that can be determined).
+confMAX_ALIAS_RECURSION MaxAliasRecursion
+ [10] Maximum depth of alias recursion.
confMAX_DAEMON_CHILDREN MaxDaemonChildren
[undefined] The maximum number of
children the daemon will permit. After
this number, connections will be
rejected. If not set or <= 0, there is
no limit.
+confMAX_HEADERS_LENGTH MaxHeadersLength
+ [undefined] Maximum length of the sum
+ of all headers.
+confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength
+ [undefined] Maximum length of
+ certain MIME header field values.
confCONNECTION_RATE_THROTTLE ConnectionRateThrottle
[undefined] The maximum number of
connections permitted per second.
@@ -1955,12 +2767,12 @@ confCONNECTION_RATE_THROTTLE ConnectionRateThrottle
no limit.
confWORK_RECIPIENT_FACTOR
RecipientFactor [30000] Cost of each recipient.
-confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a separate
- process.
+confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a
+ separate process.
confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class.
confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt.
confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm:
- Priority, Host, or Time.
+ Priority, Host, Filename, or Time.
confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job
must sit in the queue between queue
runs. This allows you to set the
@@ -1971,9 +2783,10 @@ confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting
unlabeled 8 bit input to MIME, the
character set to use by default.
confSERVICE_SWITCH_FILE ServiceSwitchFile
- [/etc/service.switch] The file to use
- for the service switch on systems that
- do not have a system-defined switch.
+ [/etc/mail/service.switch] The file
+ to use for the service switch on
+ systems that do not have a
+ system-defined switch.
confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing
"file" type access of hosts names.
confDIAL_DELAY DialDelay [0s] If a connection fails, wait this
@@ -2010,7 +2823,7 @@ confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6]
confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of
any given queue run to this number of
entries. Essentially, this will stop
- reading the queue directory after this
+ reading each queue directory after this
number of entries are reached; it does
_not_ pick the highest priority jobs,
so this should be as large as your
@@ -2030,7 +2843,7 @@ confDONT_EXPAND_CNAMES DontExpandCnames
you may not see any effect until your
downstream neighbors stop doing CNAME
lookups as well.
-confFROM_LINE UnixFromLine [From $g $d] The From_ line used
+confFROM_LINE UnixFromLine [From $g $d] The From_ line used
when sending to files or programs.
confSINGLE_LINE_FROM_HEADER SingleLineFromHeader
[False] From: lines that have
@@ -2067,11 +2880,23 @@ confUNSAFE_GROUP_WRITES UnsafeGroupWrites
and files cannot be directly referenced
from such files. World-writable files
are always considered unsafe.
+confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection
+ address (for testing).
+confCONTROL_SOCKET_NAME ControlSocketName
+ [undefined] Control socket for daemon
+ management.
confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress
[postmaster] If an error occurs when
sending an error message, send that
"double bounce" error message to this
address.
+confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce
+ messages which could not be returned
+ to the user or sent to postmaster.
+ If not set, the queue file will
+ be renamed.
+confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header
+ implies DSN request.
confRUN_AS_USER RunAsUser [undefined] If set, become this user
when reading and delivering mail.
Causes all file reads (e.g., .forward
@@ -2091,13 +2916,18 @@ confMAX_RCPTS_PER_MESSAGE MaxRecipientsPerMessage
confDONT_PROBE_INTERFACES DontProbeInterfaces
[False] If set, sendmail will _not_
insert the names and addresses of any
- local interfaces into the $=w class
+ local interfaces into class {w}
(list of known "equivalent" addresses).
If you set this, you must also include
some support for these addresses (e.g.,
in a mailertable entry) -- otherwise,
mail to addresses in this list will
bounce with a configuration error.
+confPID_FILE PidFile [system dependent] Location of pid
+ file.
+confPROCESS_TITLE_PREFIX ProcessTitlePrefix
+ [undefined] Prefix string for the
+ process title shown on 'ps' listings.
confDONT_BLAME_SENDMAIL DontBlameSendmail
[safe] Override sendmail's file
safety checks. This will definitely
@@ -2107,10 +2937,139 @@ confDONT_BLAME_SENDMAIL DontBlameSendmail
confREJECT_MSG - [550 Access denied] The message
given if the access database contains
REJECT in the value portion.
+confDF_BUFFER_SIZE DataFileBufferSize
+ [4096] The maximum size of a
+ memory-buffered data (df) file
+ before a disk-based file is used.
+confXF_BUFFER_SIZE XScriptFileBufferSize
+ [4096] The maximum size of a
+ memory-buffered transcript (xf)
+ file before a disk-based file is
+ used.
+confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5
+ CRAM-MD5] List of authentication
+ mechanisms for AUTH (separated by
+ spaces). The advertised list of
+ authentication mechanisms will be the
+ intersection of this list and the list
+ of available mechanisms as determined
+ by the CYRUS SASL library.
+confDEF_AUTH_INFO DefaultAuthInfo [undefined] Filename that contains
+ authentication information for
+ outgoing connections. This file
+ must contain the user id, the
+ authorization id, the password
+ (plain text), and the realm to use,
+ each on a separate line and must be
+ readable by root (or the trusted
+ user) only. If no realm is
+ specified, $j is used.
+
+ NOTE: Currently, AuthMechanisms is
+ used to determine the list of
+ mechanisms to use on an outgoing
+ connection. Sites which require a
+ different list of mechanisms for
+ incoming connections and outgoing
+ connections will have the ability
+ to do this in 8.11 by specifying a
+ list of mechanisms as the fifth
+ line of the DefaultAuthInfo file.
+ If no mechanisms are given in the
+ file, AuthMechanisms is used. The
+ code for doing so is included as
+ in the sendmail source code but
+ disabled. It can be enabled by
+ recompiling sendmail with:
+ -D_FFR_DEFAUTHINFO_MECHS
+confAUTH_OPTIONS AuthOptions [undefined] If this options is 'A'
+ then the AUTH= parameter for the
+ MAIL FROM command is only issued
+ when authentication succeeded.
+confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map
+ specification for LDAP maps. The
+ value should only contain LDAP
+ specific settings such as "-h host
+ -p port -d bindDN", etc. The
+ settings will be used for all LDAP
+ maps unless they are specified in
+ the individual map specification
+ ('K' command).
+confCACERT_PATH CACERTPath [undefined] Path to directory
+ with certs of CAs.
+confCACERT CACERTFile [undefined] File containing one CA
+ cert.
+confSERVER_CERT ServerCertFile [undefined] File containing the
+ cert of the server, i.e., this cert
+ is used when sendmail acts as
+ server.
+confSERVER_KEY ServerKeyFile [undefined] File containing the
+ private key belonging to the server
+ cert.
+confCLIENT_CERT ClientCertFile [undefined] File containing the
+ cert of the client, i.e., this cert
+ is used when sendmail acts as
+ client.
+confCLIENT_KEY ClientKeyFile [undefined] File containing the
+ private key belonging to the client
+ cert.
+confDH_PARAMETERS DHParameters [undefined] File containing the
+ DH parameters.
+confRAND_FILE RandFile [undefined] File containing random
+ data or the name of the Unix socket
+ if EGD is used. STARTTLS requires
+ this option if the compile flag
+ HASURANDOM is not set (see
+ sendmail/README).
See also the description of OSTYPE for some parameters that can be
tweaked (generally pathnames to mailers).
+DaemonPortOptions are a special case since multiple daemons can be
+defined. This can be done via
+
+ DAEMON_OPTIONS(`field1=value1,field2=value2,...')
+
+If DAEMON_OPTIONS is not used, then the default is
+
+ DAEMON_OPTIONS(`Port=smtp, Name=MTA')
+ DAEMON_OPTIONS(`Port=587, Name=MSA, M=E')
+
+If you use one DAEMON_OPTIONS macro, it will alter the parameters
+of the first of these. The second will still be defaulted; it
+represents a "Message Submission Agent" (MSA) as defined by RFC
+2476 (see below). To turn off the default definition for the MSA,
+use FEATURE(`no_default_msa') (see also FEATURES). If you use
+additional DAEMON_OPTIONS macros, they will add additional daemons.
+
+Example 1: To change the port for the SMTP listener, while
+still using the MSA default, use
+ DAEMON_OPTIONS(`Port=925, Name=MTA')
+
+Example 2: To change the port for the MSA daemon, while still
+using the default SMTP port, use
+ FEATURE(`no_default_msa')
+ DAEMON_OPTIONS(`Name=MTA')
+ DAEMON_OPTIONS(`Port=987, Name=MSA, M=E')
+
+Note that if the first of those DAEMON_OPTIONS lines were omitted, then
+there would be no listener on the standard SMTP port.
+
+Example 3: To listen on both IPv4 and IPv6 interfaces, use
+
+ DAEMON_OPTIONS(`Name=MTA-v4, Family=inet')
+ DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6')
+
+A "Message Submission Agent" still uses all of the same rulesets for
+processing the message (and therefore still allows message rejection via
+the check_* rulesets). In accordance with the RFC, the MSA will ensure
+that all domains in the envelope are fully qualified if the message is
+relayed to another MTA. It will also enforce the normal address syntax
+rules and log error messages. Additionally, by using the M=a modifier
+you can require authentication before messages are accepted by the MSA.
+Finally, the M=E modifier shown above disables ETRN as required by RFC
+2476.
+
+-----------+
| HIERARCHY |
@@ -2151,7 +3110,6 @@ feature These hold special orthogonal features that you might
hack Local hacks. These can be referenced using the HACK
macro. They shouldn't be of more than voyeuristic
interest outside the .Berkeley.EDU domain, but who knows?
- We've all got our own peccadillos.
siteconfig Site configuration -- e.g., tables of locally connected
UUCP sites.
@@ -2213,7 +3171,7 @@ MACROS
J
K
L Luser Relay
- M Masquerade (who I claim to be)
+ M Masquerade (who you claim to be)
N
O
P
@@ -2221,10 +3179,10 @@ MACROS
R Relay (for unqualified names)
S Smart Host
T
- U my UUCP name (if I have a UUCP connection)
- V UUCP Relay (class V hosts)
- W UUCP Relay (class W hosts)
- X UUCP Relay (class X hosts)
+ U my UUCP name (if you have a UUCP connection)
+ V UUCP Relay (class {V} hosts)
+ W UUCP Relay (class {W} hosts)
+ X UUCP Relay (class {X} hosts)
Y UUCP Relay (all other hosts)
Z Version number
@@ -2236,7 +3194,7 @@ CLASSES
C
D
E addresses that should not seem to come from $M
- F hosts we forward for
+ F hosts this system forward for
G domains that should be looked up in genericstable
H
I
@@ -2244,11 +3202,11 @@ CLASSES
K
L addresses that should not be forwarded to $R
M domains that should be mapped to $M
- N
+ N host/domains that should not be mapped to $M
O operators that indicate network operations (cannot be in local names)
P top level pseudo-domains: BITNET, DECNET, FAX, UUCP, etc.
Q
- R domains we are willing to relay (pass anti-spam filters)
+ R domains this system is willing to relay (pass anti-spam filters)
S
T
U locally connected UUCP hosts
@@ -2270,5 +3228,7 @@ M4 DIVERSIONS
5 locally interpreted names (overrides $R)
6 local configuration (at top of file)
7 mailer definitions
- 8
+ 8 DNS based blacklists
9 special local rulesets (1 and 2)
+
+$Revision: 8.383.2.1.2.15 $, Last updated $Date: 2000/07/19 22:27:29 $
diff --git a/contrib/sendmail/cf/cf/Build b/contrib/sendmail/cf/cf/Build
index 3a91477cdf10..77055f2dbd83 100755
--- a/contrib/sendmail/cf/cf/Build
+++ b/contrib/sendmail/cf/cf/Build
@@ -1,13 +1,14 @@
#!/bin/sh
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#
-# @(#)Build 8.3 (Berkeley) 5/19/1998
+# $Id: Build,v 8.7 1999/03/02 02:37:12 peterh Exp $
#
#
@@ -15,7 +16,7 @@
#
SMROOT=${SMROOT-../..}
-BUILDTOOLS=${BUILDTOOLS-$SMROOT/BuildTools}
+BUILDTOOLS=${BUILDTOOLS-$SMROOT/devtools}
M4=`sh $BUILDTOOLS/bin/find_m4.sh`
ret=$?
diff --git a/contrib/sendmail/cf/cf/Makefile b/contrib/sendmail/cf/cf/Makefile
index 7d0f373d348e..1192228a59e4 100644
--- a/contrib/sendmail/cf/cf/Makefile
+++ b/contrib/sendmail/cf/cf/Makefile
@@ -1,7 +1,7 @@
#
# Makefile for configuration files.
#
-# @(#)Makefile 8.17 (Berkeley) 4/2/1998
+# $Id: Makefile,v 8.40 2000/02/01 22:07:15 gshapiro Exp $
#
#
@@ -24,21 +24,28 @@ RM= rm -f
$(M4) ${CFDIR}/m4/cf.m4 $*.mc > $@ || ( $(RM) $@ && exit 1 )
$(CHMOD) $(ROMODE) $@
-ALL= generic-bsd4.4.cf generic-hpux9.cf generic-hpux10.cf \
+GENERIC=generic-bsd4.4.cf generic-hpux9.cf generic-hpux10.cf \
+ generic-linux.cf \
generic-osf1.cf generic-solaris2.cf \
- generic-sunos4.1.cf generic-ultrix4.cf \
- cs-hpux9.cf cs-osf1.cf cs-solaris2.cf \
- cs-sunos4.1.cf cs-ultrix4.cf \
+ generic-sunos4.1.cf generic-ultrix4.cf
+BERKELEY=cs-hpux9.cf cs-osf1.cf cs-solaris2.cf \
+ cs-sunos4.1.cf cs-ultrix4.cf \
s2k-osf1.cf s2k-ultrix4.cf \
chez.cs.cf huginn.cs.cf mail.cs.cf mail.eecs.cf mailspool.cs.cf \
- python.cs.cf ucbarpa.cf ucbvax.cf vangogh.cs.cf knecht.cf
+ python.cs.cf ucbarpa.cf ucbvax.cf vangogh.cs.cf
+OTHER= knecht.cf
+ALL= $(GENERIC) $(BERKELEY) $(OTHER)
all: $(ALL)
+berkeley: $(BERKELEY)
+generic: $(GENERIC)
+other: $(OTHER)
+
clean cleandir:
$(RM) $(ALL) core
-depend install:
+depend install:
# this is overkill, but....
M4FILES=\
@@ -56,15 +63,19 @@ M4FILES=\
${CFDIR}/feature/bestmx_is_local.m4 \
${CFDIR}/feature/bitdomain.m4 \
${CFDIR}/feature/blacklist_recipients.m4 \
- ${CFDIR}/feature/loose_relay_check.m4 \
+ ${CFDIR}/feature/dnsbl.m4 \
${CFDIR}/feature/domaintable.m4 \
+ ${CFDIR}/feature/generics_entire_domain.m4 \
${CFDIR}/feature/genericstable.m4 \
+ ${CFDIR}/feature/ldap_routing.m4 \
${CFDIR}/feature/limited_masquerade.m4 \
${CFDIR}/feature/local_lmtp.m4 \
${CFDIR}/feature/local_procmail.m4 \
+ ${CFDIR}/feature/loose_relay_check.m4 \
${CFDIR}/feature/mailertable.m4 \
${CFDIR}/feature/masquerade_entire_domain.m4 \
${CFDIR}/feature/masquerade_envelope.m4 \
+ ${CFDIR}/feature/no_default_msa.m4 \
${CFDIR}/feature/nocanonify.m4 \
${CFDIR}/feature/nodns.m4 \
${CFDIR}/feature/notsticky.m4 \
@@ -77,49 +88,57 @@ M4FILES=\
${CFDIR}/feature/relay_entire_domain.m4 \
${CFDIR}/feature/relay_hosts_only.m4 \
${CFDIR}/feature/relay_local_from.m4 \
+ ${CFDIR}/feature/relay_mail_from.m4 \
${CFDIR}/feature/smrsh.m4 \
${CFDIR}/feature/stickyhost.m4 \
${CFDIR}/feature/use_ct_file.m4 \
${CFDIR}/feature/use_cw_file.m4 \
${CFDIR}/feature/uucpdomain.m4 \
+ ${CFDIR}/feature/virtuser_entire_domain.m4 \
${CFDIR}/feature/virtusertable.m4 \
${CFDIR}/hack/cssubdomain.m4 \
${CFDIR}/m4/cf.m4 \
${CFDIR}/m4/cfhead.m4 \
- ${CFDIR}/m4/nullrelay.m4 \
${CFDIR}/m4/proto.m4 \
${CFDIR}/m4/version.m4 \
${CFDIR}/mailer/cyrus.m4 \
${CFDIR}/mailer/fax.m4 \
${CFDIR}/mailer/local.m4 \
${CFDIR}/mailer/mail11.m4 \
+ ${CFDIR}/mailer/phquery.m4 \
${CFDIR}/mailer/pop.m4 \
${CFDIR}/mailer/procmail.m4 \
+ ${CFDIR}/mailer/qpage.m4 \
${CFDIR}/mailer/smtp.m4 \
${CFDIR}/mailer/usenet.m4 \
${CFDIR}/mailer/uucp.m4 \
${CFDIR}/ostype/aix2.m4 \
${CFDIR}/ostype/aix3.m4 \
+ ${CFDIR}/ostype/aix4.m4 \
${CFDIR}/ostype/altos.m4 \
${CFDIR}/ostype/amdahl-uts.m4 \
${CFDIR}/ostype/aux.m4 \
${CFDIR}/ostype/bsd4.3.m4 \
${CFDIR}/ostype/bsd4.4.m4 \
+ ${CFDIR}/ostype/bsdi.m4 \
${CFDIR}/ostype/bsdi1.0.m4 \
${CFDIR}/ostype/bsdi2.0.m4 \
${CFDIR}/ostype/dgux.m4 \
${CFDIR}/ostype/domainos.m4 \
${CFDIR}/ostype/dynix3.2.m4 \
- ${CFDIR}/ostype/gnuhurd.m4 \
+ ${CFDIR}/ostype/gnu.m4 \
${CFDIR}/ostype/hpux10.m4 \
+ ${CFDIR}/ostype/hpux11.m4 \
${CFDIR}/ostype/hpux9.m4 \
${CFDIR}/ostype/irix4.m4 \
${CFDIR}/ostype/irix5.m4 \
${CFDIR}/ostype/irix6.m4 \
+ ${CFDIR}/ostype/isc4.1.m4 \
${CFDIR}/ostype/linux.m4 \
${CFDIR}/ostype/maxion.m4 \
${CFDIR}/ostype/mklinux.m4 \
${CFDIR}/ostype/nextstep.m4 \
+ ${CFDIR}/ostype/openbsd.m4 \
${CFDIR}/ostype/osf1.m4 \
${CFDIR}/ostype/powerux.m4 \
${CFDIR}/ostype/ptx2.m4 \
@@ -127,17 +146,19 @@ M4FILES=\
${CFDIR}/ostype/riscos4.5.m4 \
${CFDIR}/ostype/sco-uw-2.1.m4 \
${CFDIR}/ostype/sco3.2.m4 \
+ ${CFDIR}/ostype/sinix.m4 \
${CFDIR}/ostype/solaris2.m4 \
${CFDIR}/ostype/solaris2.ml.m4 \
+ ${CFDIR}/ostype/solaris2.pre5.m4 \
${CFDIR}/ostype/sunos3.5.m4 \
${CFDIR}/ostype/sunos4.1.m4 \
${CFDIR}/ostype/svr4.m4 \
${CFDIR}/ostype/ultrix4.m4 \
+ ${CFDIR}/ostype/unixware7.m4 \
${CFDIR}/ostype/unknown.m4 \
- ${CFDIR}/ostype/uxpds.m4 \
- ${CFDIR}/siteconfig/uucp.cogsci.m4 \
- ${CFDIR}/siteconfig/uucp.old.arpa.m4 \
- ${CFDIR}/siteconfig/uucp.ucbarpa.m4 \
- ${CFDIR}/siteconfig/uucp.ucbvax.m4 \
+ ${CFDIR}/ostype/uxpds.m4
-$(ALL): $(M4FILES)
+$(ALL): $(M4FILES)
+$(BERKELEY): $(M4FILES)
+$(GENERIC): $(M4FILES)
+$(OTHER): $(M4FILES)
diff --git a/contrib/sendmail/cf/cf/chez.cs.mc b/contrib/sendmail/cf/cf/chez.cs.mc
index a5334b5a50ab..bb335a49096d 100644
--- a/contrib/sendmail/cf/cf/chez.cs.mc
+++ b/contrib/sendmail/cf/cf/chez.cs.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -23,7 +24,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)chez.cs.mc 8.11 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: chez.cs.mc,v 8.14 1999/02/07 07:25:59 gshapiro Exp $')
OSTYPE(bsd4.4)dnl
DOMAIN(CS.Berkeley.EDU)dnl
define(`LOCAL_RELAY', vangogh.CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/clientproto.mc b/contrib/sendmail/cf/cf/clientproto.mc
index b0fd9bdf4a5e..ecdbddf2a482 100644
--- a/contrib/sendmail/cf/cf/clientproto.mc
+++ b/contrib/sendmail/cf/cf/clientproto.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,15 +20,10 @@ divert(-1)
# To use this, you MUST use the nullclient feature with the name of
# the mail hub as its argument. You MUST also define an `OSTYPE' to
# define the location of the queue directories and the like.
-# In addition, you MAY select the nocanonify feature. This causes
-# addresses to be sent unqualified via the SMTP connection; normally
-# they are qualifed with the masquerade name, which defaults to the
-# name of the hub machine.
-# Other than these, it should never contain any other lines.
#
divert(0)dnl
-VERSIONID(`@(#)clientproto.mc 8.12 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: clientproto.mc,v 8.16 2000/03/21 21:05:26 ca Exp $')
OSTYPE(unknown)
FEATURE(nullclient, mailhost.$m)
diff --git a/contrib/sendmail/cf/cf/cs-hpux10.mc b/contrib/sendmail/cf/cf/cs-hpux10.mc
index 0be009c5b6b1..f384b5f7a0c9 100644
--- a/contrib/sendmail/cf/cf/cs-hpux10.mc
+++ b/contrib/sendmail/cf/cf/cs-hpux10.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)cs-hpux10.mc 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: cs-hpux10.mc,v 8.13 1999/02/07 07:26:00 gshapiro Exp $')
OSTYPE(hpux10)dnl
DOMAIN(CS.Berkeley.EDU)dnl
define(`MAIL_HUB', mailspool.CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/cs-hpux9.mc b/contrib/sendmail/cf/cf/cs-hpux9.mc
index 9b5edfe3ea48..664377e5eaf3 100644
--- a/contrib/sendmail/cf/cf/cs-hpux9.mc
+++ b/contrib/sendmail/cf/cf/cs-hpux9.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)cs-hpux9.mc 8.11 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: cs-hpux9.mc,v 8.14 1999/02/07 07:26:00 gshapiro Exp $')
OSTYPE(hpux9)dnl
DOMAIN(CS.Berkeley.EDU)dnl
define(`MAIL_HUB', mailspool.CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/cs-osf1.mc b/contrib/sendmail/cf/cf/cs-osf1.mc
index 230023ceb137..09d6e49160b3 100644
--- a/contrib/sendmail/cf/cf/cs-osf1.mc
+++ b/contrib/sendmail/cf/cf/cs-osf1.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)cs-osf1.mc 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: cs-osf1.mc,v 8.13 1999/02/07 07:26:00 gshapiro Exp $')
OSTYPE(osf1)dnl
DOMAIN(CS.Berkeley.EDU)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/cs-solaris2.mc b/contrib/sendmail/cf/cf/cs-solaris2.mc
index 03fd5e275586..c802b50f8923 100644
--- a/contrib/sendmail/cf/cf/cs-solaris2.mc
+++ b/contrib/sendmail/cf/cf/cs-solaris2.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)cs-solaris2.mc 8.9 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: cs-solaris2.mc,v 8.12 1999/02/07 07:26:00 gshapiro Exp $')
OSTYPE(solaris2)dnl
DOMAIN(CS.Berkeley.EDU)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/cs-sunos4.1.mc b/contrib/sendmail/cf/cf/cs-sunos4.1.mc
index 39136399732a..6263e118e042 100644
--- a/contrib/sendmail/cf/cf/cs-sunos4.1.mc
+++ b/contrib/sendmail/cf/cf/cs-sunos4.1.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)cs-sunos4.1.mc 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: cs-sunos4.1.mc,v 8.13 1999/02/07 07:26:01 gshapiro Exp $')
OSTYPE(sunos4.1)dnl
DOMAIN(CS.Berkeley.EDU)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/cs-ultrix4.mc b/contrib/sendmail/cf/cf/cs-ultrix4.mc
index a12b9898ef35..7669823bf33d 100644
--- a/contrib/sendmail/cf/cf/cs-ultrix4.mc
+++ b/contrib/sendmail/cf/cf/cs-ultrix4.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)cs-ultrix4.mc 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: cs-ultrix4.mc,v 8.13 1999/02/07 07:26:02 gshapiro Exp $')
OSTYPE(ultrix4)dnl
DOMAIN(CS.Berkeley.EDU)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/cyrusproto.mc b/contrib/sendmail/cf/cf/cyrusproto.mc
index c660898b738f..8fa00ceee8fc 100644
--- a/contrib/sendmail/cf/cf/cyrusproto.mc
+++ b/contrib/sendmail/cf/cf/cyrusproto.mc
@@ -1,17 +1,17 @@
divert(-1)
#
# (C) Copyright 1995 by Carnegie Mellon University
-#
+#
# All Rights Reserved
-#
-# Permission to use, copy, modify, and distribute this software and its
-# documentation for any purpose and without fee is hereby granted,
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose and without fee is hereby granted,
# provided that the above copyright notice appear in all copies and that
-# both that copyright notice and this permission notice appear in
+# both that copyright notice and this permission notice appear in
# supporting documentation, and that the name of CMU not be
# used in advertising or publicity pertaining to distribution of the
-# software without specific, written prior permission.
-#
+# software without specific, written prior permission.
+#
# CMU DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
# ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
# CMU BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
@@ -27,15 +27,14 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)cyrusproto.mc 8.3 (Carnegie Mellon) @(#)cyrusproto.mc 8.3')
+VERSIONID(`$Id: cyrusproto.mc,v 8.7 1999/09/07 14:57:10 ca Exp $')
define(`confBIND_OPTS',`-DNSRCH -DEFNAMES')
-FEATURE(nouucp)
-FEATURE(nocanonify)
-FEATURE(always_add_domain)
-MAILER(smtp)
-MAILER(cyrus)
-
-define(`confLOCAL_MAILER',`cyrus')
+define(`confLOCAL_MAILER', `cyrus')
+FEATURE(`nocanonify')
+FEATURE(`always_add_domain')
+MAILER(`local')
+MAILER(`smtp')
+MAILER(`cyrus')
LOCAL_RULE_0
Rbb + $+ < @ $=w . > $#cyrusbb $: $1
diff --git a/contrib/sendmail/cf/cf/generic-bsd4.4.mc b/contrib/sendmail/cf/cf/generic-bsd4.4.mc
index b09760532d49..18ea8b3b8766 100644
--- a/contrib/sendmail/cf/cf/generic-bsd4.4.mc
+++ b/contrib/sendmail/cf/cf/generic-bsd4.4.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -20,7 +21,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)generic-bsd4.4.mc 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic-bsd4.4.mc,v 8.10 1999/02/07 07:26:02 gshapiro Exp $')
OSTYPE(bsd4.4)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/generic-hpux10.mc b/contrib/sendmail/cf/cf/generic-hpux10.mc
index 200050557c7f..4db6687821dc 100644
--- a/contrib/sendmail/cf/cf/generic-hpux10.mc
+++ b/contrib/sendmail/cf/cf/generic-hpux10.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,7 +20,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)generic-hpux10.mc 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic-hpux10.mc,v 8.11 1999/02/07 07:26:02 gshapiro Exp $')
OSTYPE(hpux10)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/generic-hpux9.mc b/contrib/sendmail/cf/cf/generic-hpux9.mc
index 531b4eec5572..739207c71449 100644
--- a/contrib/sendmail/cf/cf/generic-hpux9.mc
+++ b/contrib/sendmail/cf/cf/generic-hpux9.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,7 +20,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)generic-hpux9.mc 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic-hpux9.mc,v 8.11 1999/02/07 07:26:02 gshapiro Exp $')
OSTYPE(hpux9)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/generic-linux.mc b/contrib/sendmail/cf/cf/generic-linux.mc
new file mode 100644
index 000000000000..f86e2630823a
--- /dev/null
+++ b/contrib/sendmail/cf/cf/generic-linux.mc
@@ -0,0 +1,27 @@
+divert(-1)
+#
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+#
+# This is a generic configuration file for Linux.
+# It has support for local and SMTP mail only. If you want to
+# customize it, copy it to a name appropriate for your environment
+# and do the modifications there.
+#
+
+divert(0)dnl
+VERSIONID(`$Id: generic-linux.mc,v 8.1 1999/09/24 22:48:05 gshapiro Exp $')
+OSTYPE(linux)dnl
+DOMAIN(generic)dnl
+MAILER(local)dnl
+MAILER(smtp)dnl
diff --git a/contrib/sendmail/cf/cf/generic-nextstep3.3.mc b/contrib/sendmail/cf/cf/generic-nextstep3.3.mc
index 1511ce7bb919..14b46d387df0 100644
--- a/contrib/sendmail/cf/cf/generic-nextstep3.3.mc
+++ b/contrib/sendmail/cf/cf/generic-nextstep3.3.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,7 +20,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)generic-nextstep3.3.mc 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic-nextstep3.3.mc,v 8.10 1999/02/07 07:26:02 gshapiro Exp $')
OSTYPE(nextstep)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/generic-osf1.mc b/contrib/sendmail/cf/cf/generic-osf1.mc
index 83858d13680a..9cd4e77b6a24 100644
--- a/contrib/sendmail/cf/cf/generic-osf1.mc
+++ b/contrib/sendmail/cf/cf/generic-osf1.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,7 +20,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)generic-osf1.mc 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic-osf1.mc,v 8.11 1999/02/07 07:26:02 gshapiro Exp $')
OSTYPE(osf1)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/generic-solaris2.mc b/contrib/sendmail/cf/cf/generic-solaris2.mc
index a696e019a9aa..96d9030ce7e3 100644
--- a/contrib/sendmail/cf/cf/generic-solaris2.mc
+++ b/contrib/sendmail/cf/cf/generic-solaris2.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,7 +20,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)generic-solaris2.mc 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic-solaris2.mc,v 8.11 1999/02/07 07:26:03 gshapiro Exp $')
OSTYPE(solaris2)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/generic-sunos4.1.mc b/contrib/sendmail/cf/cf/generic-sunos4.1.mc
index fc0de356137b..a27d099e0442 100644
--- a/contrib/sendmail/cf/cf/generic-sunos4.1.mc
+++ b/contrib/sendmail/cf/cf/generic-sunos4.1.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,7 +20,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)generic-sunos4.1.mc 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic-sunos4.1.mc,v 8.11 1999/02/07 07:26:03 gshapiro Exp $')
OSTYPE(sunos4.1)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/generic-ultrix4.mc b/contrib/sendmail/cf/cf/generic-ultrix4.mc
index 6fed36e8af5d..913edb58603f 100644
--- a/contrib/sendmail/cf/cf/generic-ultrix4.mc
+++ b/contrib/sendmail/cf/cf/generic-ultrix4.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,7 +20,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)generic-ultrix4.mc 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic-ultrix4.mc,v 8.11 1999/02/07 07:26:03 gshapiro Exp $')
OSTYPE(ultrix4)dnl
DOMAIN(generic)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/huginn.cs.mc b/contrib/sendmail/cf/cf/huginn.cs.mc
index a58d121f09ae..117a236af0f9 100644
--- a/contrib/sendmail/cf/cf/huginn.cs.mc
+++ b/contrib/sendmail/cf/cf/huginn.cs.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -21,7 +22,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)huginn.cs.mc 8.12 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: huginn.cs.mc,v 8.15 1999/02/07 07:26:03 gshapiro Exp $')
OSTYPE(hpux9)dnl
DOMAIN(CS.Berkeley.EDU)dnl
MASQUERADE_AS(CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/knecht.mc b/contrib/sendmail/cf/cf/knecht.mc
index 4ba1471c0012..cd467f65ce6a 100644
--- a/contrib/sendmail/cf/cf/knecht.mc
+++ b/contrib/sendmail/cf/cf/knecht.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -16,8 +17,8 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)knecht.mc 8.31 (Berkeley) 1/30/1999')
-OSTYPE(bsd4.4)dnl
+VERSIONID(`$Id: knecht.mc,v 8.37 1999/11/19 05:18:12 gshapiro Exp $')
+OSTYPE(bsdi)dnl
DOMAIN(generic)dnl
define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward+$h:$z/.forward')dnl
define(`confDEF_USER_ID', `mailnull')dnl
@@ -27,10 +28,10 @@ define(`confCOPY_ERRORS_TO', `Postmaster')dnl
define(`confTO_QUEUEWARN', `8h')dnl
define(`confTRUSTED_USERS', `www')dnl
define(`confPRIVACY_FLAGS', ``authwarnings,noexpn,novrfy'')dnl
-FEATURE(virtusertable, `hash /etc/mail/virtusertable')dnl
+FEATURE(virtusertable)dnl
FEATURE(access_db)dnl
FEATURE(local_lmtp)dnl
-define(`LOCAL_MAILER_FLAGS', CONCAT(LOCAL_MAILER_FLAGS,P))dnl
+MODIFY_MAILER_FLAGS(`LOCAL', `+P')dnl
MAILER(local)dnl
MAILER(smtp)dnl
@@ -39,10 +40,9 @@ LOCAL_CONFIG
# Regular expression to reject:
# * numeric-only localparts from aol.com and msn.com
# * localparts starting with a digit from juno.com
-# * localparts longer than 10 characters from aol.com
#
Kcheckaddress regex -a@MATCH
- ^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com|.{10}[^<]+<@aol\.com)\.?>
+ ^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com)\.?>
#
# Names that won't be allowed in a To: line (local-part and domains)
diff --git a/contrib/sendmail/cf/cf/mail.cs.mc b/contrib/sendmail/cf/cf/mail.cs.mc
index 8abd9451ca9b..6bd778258c1d 100644
--- a/contrib/sendmail/cf/cf/mail.cs.mc
+++ b/contrib/sendmail/cf/cf/mail.cs.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -21,7 +22,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)mail.cs.mc 8.15 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: mail.cs.mc,v 8.18 1999/02/07 07:26:04 gshapiro Exp $')
OSTYPE(ultrix4)dnl
DOMAIN(Berkeley.EDU)dnl
MASQUERADE_AS(CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/mail.eecs.mc b/contrib/sendmail/cf/cf/mail.eecs.mc
index 6522141d265c..bf7d4081ccf2 100644
--- a/contrib/sendmail/cf/cf/mail.eecs.mc
+++ b/contrib/sendmail/cf/cf/mail.eecs.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -21,7 +22,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)mail.eecs.mc 8.15 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: mail.eecs.mc,v 8.18 1999/02/07 07:26:04 gshapiro Exp $')
OSTYPE(ultrix4)dnl
DOMAIN(EECS.Berkeley.EDU)dnl
MASQUERADE_AS(EECS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/mailspool.cs.mc b/contrib/sendmail/cf/cf/mailspool.cs.mc
index 08dcce6cc9c7..0414e4c3fa89 100644
--- a/contrib/sendmail/cf/cf/mailspool.cs.mc
+++ b/contrib/sendmail/cf/cf/mailspool.cs.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -23,7 +24,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)mailspool.cs.mc 8.9 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: mailspool.cs.mc,v 8.12 1999/02/07 07:26:04 gshapiro Exp $')
OSTYPE(sunos4.1)dnl
DOMAIN(CS.Berkeley.EDU)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/python.cs.mc b/contrib/sendmail/cf/cf/python.cs.mc
index ddf4fc34300b..c3b3e0da0eb0 100644
--- a/contrib/sendmail/cf/cf/python.cs.mc
+++ b/contrib/sendmail/cf/cf/python.cs.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -23,7 +24,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)python.cs.mc 8.9 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: python.cs.mc,v 8.12 1999/02/07 07:26:04 gshapiro Exp $')
OSTYPE(bsd4.4)dnl
DOMAIN(CS.Berkeley.EDU)dnl
define(`LOCAL_RELAY', vangogh.CS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/cf/s2k-osf1.mc b/contrib/sendmail/cf/cf/s2k-osf1.mc
index 6f1099a69fd3..6ec08feae87f 100644
--- a/contrib/sendmail/cf/cf/s2k-osf1.mc
+++ b/contrib/sendmail/cf/cf/s2k-osf1.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)s2k-osf1.mc 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: s2k-osf1.mc,v 8.13 1999/02/07 07:26:04 gshapiro Exp $')
OSTYPE(osf1)dnl
DOMAIN(S2K.Berkeley.EDU)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/s2k-ultrix4.mc b/contrib/sendmail/cf/cf/s2k-ultrix4.mc
index db8e45599753..4bf493979584 100644
--- a/contrib/sendmail/cf/cf/s2k-ultrix4.mc
+++ b/contrib/sendmail/cf/cf/s2k-ultrix4.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)s2k-ultrix4.mc 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: s2k-ultrix4.mc,v 8.13 1999/02/07 07:26:04 gshapiro Exp $')
OSTYPE(ultrix4)dnl
DOMAIN(S2K.Berkeley.EDU)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/tcpproto.mc b/contrib/sendmail/cf/cf/tcpproto.mc
index 692a08fbb375..bdba7ef6f792 100644
--- a/contrib/sendmail/cf/cf/tcpproto.mc
+++ b/contrib/sendmail/cf/cf/tcpproto.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -25,7 +26,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)tcpproto.mc 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: tcpproto.mc,v 8.13 1999/02/07 07:26:05 gshapiro Exp $')
OSTYPE(unknown)
FEATURE(nouucp)
MAILER(local)
diff --git a/contrib/sendmail/cf/cf/ucbarpa.mc b/contrib/sendmail/cf/cf/ucbarpa.mc
index 40bb6c22636c..26b2ce095d77 100644
--- a/contrib/sendmail/cf/cf/ucbarpa.mc
+++ b/contrib/sendmail/cf/cf/ucbarpa.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -20,7 +21,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)ucbarpa.mc 8.9 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: ucbarpa.mc,v 8.12 1999/02/07 07:26:05 gshapiro Exp $')
DOMAIN(CS.Berkeley.EDU)dnl
OSTYPE(bsd4.4)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/cf/ucbvax.mc b/contrib/sendmail/cf/cf/ucbvax.mc
index 2395f8264559..235d9aa25bca 100644
--- a/contrib/sendmail/cf/cf/ucbvax.mc
+++ b/contrib/sendmail/cf/cf/ucbvax.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -21,7 +22,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)ucbvax.mc 8.11 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: ucbvax.mc,v 8.14 1999/02/07 07:26:05 gshapiro Exp $')
OSTYPE(bsd4.3)
DOMAIN(CS.Berkeley.EDU)
MASQUERADE_AS(CS.Berkeley.EDU)
diff --git a/contrib/sendmail/cf/cf/uucpproto.mc b/contrib/sendmail/cf/cf/uucpproto.mc
index a547d1037fa6..134c8f41b9ed 100644
--- a/contrib/sendmail/cf/cf/uucpproto.mc
+++ b/contrib/sendmail/cf/cf/uucpproto.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -25,7 +26,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)uucpproto.mc 8.12 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: uucpproto.mc,v 8.15 1999/02/07 07:26:05 gshapiro Exp $')
OSTYPE(unknown)
FEATURE(promiscuous_relay)dnl
FEATURE(accept_unresolvable_domains)dnl
diff --git a/contrib/sendmail/cf/cf/vangogh.cs.mc b/contrib/sendmail/cf/cf/vangogh.cs.mc
index f60dca79c368..3fb48e131e74 100644
--- a/contrib/sendmail/cf/cf/vangogh.cs.mc
+++ b/contrib/sendmail/cf/cf/vangogh.cs.mc
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -22,7 +23,7 @@ divert(-1)
#
divert(0)dnl
-VERSIONID(`@(#)vangogh.cs.mc 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: vangogh.cs.mc,v 8.13 1999/02/07 07:26:05 gshapiro Exp $')
DOMAIN(CS.Berkeley.EDU)dnl
OSTYPE(bsd4.4)dnl
MAILER(local)dnl
diff --git a/contrib/sendmail/cf/domain/Berkeley.EDU.m4 b/contrib/sendmail/cf/domain/Berkeley.EDU.m4
index 85d5e5be60d5..d0fee24763ef 100644
--- a/contrib/sendmail/cf/domain/Berkeley.EDU.m4
+++ b/contrib/sendmail/cf/domain/Berkeley.EDU.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,7 +12,7 @@ divert(-1)
#
#
divert(0)
-VERSIONID(`@(#)Berkeley.EDU.m4 8.14 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: Berkeley.EDU.m4,v 8.17 1999/02/07 07:26:06 gshapiro Exp $')
DOMAIN(berkeley-only)dnl
define(`BITNET_RELAY', `bitnet-relay.Berkeley.EDU')dnl
define(`UUCP_RELAY', `uucp-relay.Berkeley.EDU')dnl
diff --git a/contrib/sendmail/cf/domain/CS.Berkeley.EDU.m4 b/contrib/sendmail/cf/domain/CS.Berkeley.EDU.m4
index 5609ce8464a5..181ced1451cb 100644
--- a/contrib/sendmail/cf/domain/CS.Berkeley.EDU.m4
+++ b/contrib/sendmail/cf/domain/CS.Berkeley.EDU.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,7 +12,7 @@ divert(-1)
#
#
divert(0)
-VERSIONID(`@(#)CS.Berkeley.EDU.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: CS.Berkeley.EDU.m4,v 8.10 1999/02/07 07:26:06 gshapiro Exp $')
DOMAIN(Berkeley.EDU)dnl
HACK(cssubdomain)dnl
define(`confUSERDB_SPEC',
diff --git a/contrib/sendmail/cf/domain/EECS.Berkeley.EDU.m4 b/contrib/sendmail/cf/domain/EECS.Berkeley.EDU.m4
index 095fbc800e6e..41a21ade2e1b 100644
--- a/contrib/sendmail/cf/domain/EECS.Berkeley.EDU.m4
+++ b/contrib/sendmail/cf/domain/EECS.Berkeley.EDU.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,6 +12,6 @@ divert(-1)
#
#
divert(0)
-VERSIONID(`@(#)EECS.Berkeley.EDU.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: EECS.Berkeley.EDU.m4,v 8.10 1999/02/07 07:26:06 gshapiro Exp $')
DOMAIN(Berkeley.EDU)dnl
MASQUERADE_AS(EECS.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/domain/S2K.Berkeley.EDU.m4 b/contrib/sendmail/cf/domain/S2K.Berkeley.EDU.m4
index a951f8b24e34..9a019ce8b4d8 100644
--- a/contrib/sendmail/cf/domain/S2K.Berkeley.EDU.m4
+++ b/contrib/sendmail/cf/domain/S2K.Berkeley.EDU.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,6 +12,6 @@ divert(-1)
#
#
divert(0)
-VERSIONID(`@(#)S2K.Berkeley.EDU.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: S2K.Berkeley.EDU.m4,v 8.10 1999/02/07 07:26:06 gshapiro Exp $')
DOMAIN(CS.Berkeley.EDU)dnl
MASQUERADE_AS(postgres.Berkeley.EDU)dnl
diff --git a/contrib/sendmail/cf/domain/berkeley-only.m4 b/contrib/sendmail/cf/domain/berkeley-only.m4
index 805bab6a682a..b9a73b9b0422 100644
--- a/contrib/sendmail/cf/domain/berkeley-only.m4
+++ b/contrib/sendmail/cf/domain/berkeley-only.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,7 +12,7 @@ divert(-1)
#
#
divert(0)
-VERSIONID(`@(#)unspecified-domain.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: unspecified-domain.m4,v 8.10 1999/02/07 07:26:07 gshapiro Exp $')
errprint(`*** ERROR: You are trying to use the Berkeley sample configuration')
errprint(` files outside of the Computer Science Division at Berkeley.')
errprint(` The configuration (.mc) files must be customized to reference')
diff --git a/contrib/sendmail/cf/domain/generic.m4 b/contrib/sendmail/cf/domain/generic.m4
index 93057d09a98e..caa5a8845fa8 100644
--- a/contrib/sendmail/cf/domain/generic.m4
+++ b/contrib/sendmail/cf/domain/generic.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -19,7 +20,9 @@ divert(-1)
# files.
#
divert(0)
-VERSIONID(`@(#)generic.m4 8.9 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: generic.m4,v 8.15 1999/04/04 00:51:09 ca Exp $')
define(`confFORWARD_PATH', `$z/.forward.$w+$h:$z/.forward+$h:$z/.forward.$w:$z/.forward')dnl
-FEATURE(redirect)dnl
-FEATURE(use_cw_file)dnl
+define(`confMAX_HEADERS_LENGTH', `32768')dnl
+FEATURE(`redirect')dnl
+FEATURE(`use_cw_file')dnl
+EXPOSED_USER(`root')
diff --git a/contrib/sendmail/cf/feature/accept_unqualified_senders.m4 b/contrib/sendmail/cf/feature/accept_unqualified_senders.m4
index bf1b1e798452..4c39884935bf 100644
--- a/contrib/sendmail/cf/feature/accept_unqualified_senders.m4
+++ b/contrib/sendmail/cf/feature/accept_unqualified_senders.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)accept_unqualified_senders.m4 8.3 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: accept_unqualified_senders.m4,v 8.6 1999/02/07 07:26:07 gshapiro Exp $')
divert(-1)
define(`_ACCEPT_UNQUALIFIED_SENDERS_', 1)
diff --git a/contrib/sendmail/cf/feature/accept_unresolvable_domains.m4 b/contrib/sendmail/cf/feature/accept_unresolvable_domains.m4
index cbc4747d2207..a54507c75498 100644
--- a/contrib/sendmail/cf/feature/accept_unresolvable_domains.m4
+++ b/contrib/sendmail/cf/feature/accept_unresolvable_domains.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)accept_unresolvable_domains.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: accept_unresolvable_domains.m4,v 8.10 1999/02/07 07:26:07 gshapiro Exp $')
divert(-1)
define(`_ACCEPT_UNRESOLVABLE_DOMAINS_', 1)
diff --git a/contrib/sendmail/cf/feature/access_db.m4 b/contrib/sendmail/cf/feature/access_db.m4
index 75b5551ac2ce..14a8fe89e734 100644
--- a/contrib/sendmail/cf/feature/access_db.m4
+++ b/contrib/sendmail/cf/feature/access_db.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,10 +10,14 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)access_db.m4 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: access_db.m4,v 8.15 1999/07/22 17:55:34 gshapiro Exp $')
divert(-1)
-define(`ACCESS_TABLE',
- ifelse(_ARG_, `',
- DATABASE_MAP_TYPE` -o /etc/mail/access',
- `_ARG_'))dnl
+define(`_ACCESS_TABLE_', `')
+define(`_TAG_DELIM_', `:')dnl should be in OperatorChars
+
+LOCAL_CONFIG
+# Access list database (for spam stomping)
+Kaccess ifelse(defn(`_ARG_'), `',
+ DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`access',
+ `_ARG_')
diff --git a/contrib/sendmail/cf/feature/allmasquerade.m4 b/contrib/sendmail/cf/feature/allmasquerade.m4
index ed622dcac6c6..bbb866025f41 100644
--- a/contrib/sendmail/cf/feature/allmasquerade.m4
+++ b/contrib/sendmail/cf/feature/allmasquerade.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,8 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)allmasquerade.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: allmasquerade.m4,v 8.11 1999/08/06 01:28:26 gshapiro Exp $')
divert(-1)
-
define(`_ALL_MASQUERADE_', 1)
diff --git a/contrib/sendmail/cf/feature/always_add_domain.m4 b/contrib/sendmail/cf/feature/always_add_domain.m4
index 69092e31d008..3ea174bd5147 100644
--- a/contrib/sendmail/cf/feature/always_add_domain.m4
+++ b/contrib/sendmail/cf/feature/always_add_domain.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)always_add_domain.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: always_add_domain.m4,v 8.9 1999/02/07 07:26:08 gshapiro Exp $')
divert(-1)
define(`_ALWAYS_ADD_DOMAIN_', 1)
diff --git a/contrib/sendmail/cf/feature/bestmx_is_local.m4 b/contrib/sendmail/cf/feature/bestmx_is_local.m4
index ec4c81c7ea13..22c87233caa2 100644
--- a/contrib/sendmail/cf/feature/bestmx_is_local.m4
+++ b/contrib/sendmail/cf/feature/bestmx_is_local.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)bestmx_is_local.m4 8.14 (Berkeley) 1/25/1999')
+VERSIONID(`$Id: bestmx_is_local.m4,v 8.24 1999/10/18 21:50:24 ca Exp $')
divert(-1)
define(_BESTMX_IS_LOCAL_, _ARG_)
@@ -20,7 +21,7 @@ define(_BESTMX_IS_LOCAL_, _ARG_)
LOCAL_CONFIG
# turn on bestMX lookup table
Kbestmx bestmx
-ifelse(_ARG_, `', `dnl',`
+ifelse(defn(`_ARG_'), `', `dnl',`
# limit bestmx to these domains
CB`'_ARG_')
@@ -37,13 +38,14 @@ LOCAL_NET_CONFIG
# low to medium traffic hosts. If you use the limited bestmx
# by passing in a set of possible domains it will improve things.
-ifelse(_ARG_, `', `dnl
+ifelse(defn(`_ARG_'), `', `dnl
# unlimited bestmx
R$* < @ $* > $* $: $1 < @ $2 @@ $(bestmx $2 $) > $3',
`dnl
# limit bestmx to $=B
R$* < @ $* $=B . > $* $: $1 < @ $2 $3 . @@ $(bestmx $2 $3 . $) > $4')
-R$* $=O $* < @ $* @@ $=w . > $* $@ $>97 $1 $2 $3
-R< @ $* @@ $=w . > : $* $@ $>97 $3
-R$* < @ $* @@ $=w . > $* $#local $: $1
+R$* $=O $* < @ $* @@ $=w . > $* $@ $>Recurse $1 $2 $3
+R< @ $* @@ $=w . > : $* $@ $>Recurse $3
+dnl we cannot use _LOCAL_ here since it is defined too late
+R$* < @ $* @@ $=w . > $* $@ $>CanonLocal < $1 >
R$* < @ $* @@ $* > $* $: $1 < @ $2 > $4
diff --git a/contrib/sendmail/cf/feature/bitdomain.m4 b/contrib/sendmail/cf/feature/bitdomain.m4
index 7f9a181e4826..7ac7304af06d 100644
--- a/contrib/sendmail/cf/feature/bitdomain.m4
+++ b/contrib/sendmail/cf/feature/bitdomain.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,11 +13,13 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)bitdomain.m4 8.14 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: bitdomain.m4,v 8.23 1999/07/22 17:55:34 gshapiro Exp $')
divert(-1)
-define(`BITDOMAIN_TABLE', ifelse(_ARG_, `',
- ifdef(`_USE_ETC_MAIL_',
- DATABASE_MAP_TYPE` -o /etc/mail/bitdomain',
- DATABASE_MAP_TYPE` -o /etc/bitdomain'),
- `_ARG_'))dnl
+define(`_BITDOMAIN_TABLE_', `')
+
+LOCAL_CONFIG
+# BITNET mapping table
+Kbitdomain ifelse(defn(`_ARG_'), `',
+ DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`bitdomain',
+ `_ARG_')
diff --git a/contrib/sendmail/cf/feature/blacklist_recipients.m4 b/contrib/sendmail/cf/feature/blacklist_recipients.m4
index e3478d36ff1a..d6218d119401 100644
--- a/contrib/sendmail/cf/feature/blacklist_recipients.m4
+++ b/contrib/sendmail/cf/feature/blacklist_recipients.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,10 +10,10 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)blacklist_recipients.m4 8.9 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: blacklist_recipients.m4,v 8.13 1999/04/02 02:25:13 gshapiro Exp $')
divert(-1)
-ifdef(`ACCESS_TABLE',
+ifdef(`_ACCESS_TABLE_',
`define(`_BLACKLIST_RCPT_', 1)',
`errprint(`*** ERROR: FEATURE(blacklist_recipients) requires FEATURE(access_db)
')')
diff --git a/contrib/sendmail/cf/feature/delay_checks.m4 b/contrib/sendmail/cf/feature/delay_checks.m4
new file mode 100644
index 000000000000..15925254525e
--- /dev/null
+++ b/contrib/sendmail/cf/feature/delay_checks.m4
@@ -0,0 +1,22 @@
+divert(-1)
+#
+# Copyright (c) 1999-2000 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: delay_checks.m4,v 8.7 2000/02/26 01:32:02 gshapiro Exp $')
+divert(-1)
+
+define(`_DELAY_CHECKS_', 1)
+ifelse(defn(`_ARG_'), `', `',
+ lower(substr(_ARG_,0,1)), `f', `define(`_SPAM_FRIEND_', 1) define(`_SPAM_FH_', 1)',
+ lower(substr(_ARG_,0,1)), `h', `define(`_SPAM_HATER_', 1) define(`_SPAM_FH_', 1)',
+ `errprint(`*** ERROR: illegal argument _ARG_ for FEATURE(delay_checks)
+')
+ ')
diff --git a/contrib/sendmail/cf/feature/dnsbl.m4 b/contrib/sendmail/cf/feature/dnsbl.m4
new file mode 100644
index 000000000000..fd3ceee682be
--- /dev/null
+++ b/contrib/sendmail/cf/feature/dnsbl.m4
@@ -0,0 +1,25 @@
+divert(-1)
+#
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+ifdef(`_DNSBL_R_',`dnl',`dnl
+VERSIONID(`$Id: dnsbl.m4,v 8.18 1999/08/03 04:30:56 gshapiro Exp $')')
+divert(-1)
+define(`_DNSBL_SRV_', `ifelse(len(X`'_ARG_),`1',`rbl.maps.vix.com',_ARG_)')dnl
+define(`_DNSBL_MSG_', `ifelse(len(X`'_ARG2_),`1',`"550 Mail from " $`'&{client_addr} " refused by blackhole site '_DNSBL_SRV_`"',`_ARG2_')')dnl
+divert(8)
+# DNS based IP address spam list _DNSBL_SRV_
+R$* $: $&{client_addr}
+R::ffff:$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1._DNSBL_SRV_. $: OK $)
+R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1._DNSBL_SRV_. $: OK $)
+R<?>OK $: OKSOFAR
+R<?>$+ $#error $@ 5.7.1 $: _DNSBL_MSG_
+divert(-1)
diff --git a/contrib/sendmail/cf/feature/domaintable.m4 b/contrib/sendmail/cf/feature/domaintable.m4
index e7303dcdd87c..b609ec9a7732 100644
--- a/contrib/sendmail/cf/feature/domaintable.m4
+++ b/contrib/sendmail/cf/feature/domaintable.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,12 +13,13 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)domaintable.m4 8.9 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: domaintable.m4,v 8.17 1999/07/22 17:55:35 gshapiro Exp $')
divert(-1)
-define(`DOMAIN_TABLE', ifelse(_ARG_, `',
- ifdef(`_USE_ETC_MAIL_',
- DATABASE_MAP_TYPE` -o /etc/mail/domaintable',
- DATABASE_MAP_TYPE` -o /etc/domaintable'),
- `_ARG_'))dnl
+define(`_DOMAIN_TABLE_', `')
+LOCAL_CONFIG
+# Domain table (adding domains)
+Kdomaintable ifelse(defn(`_ARG_'), `',
+ DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`domaintable',
+ `_ARG_')
diff --git a/contrib/sendmail/cf/feature/generics_entire_domain.m4 b/contrib/sendmail/cf/feature/generics_entire_domain.m4
new file mode 100644
index 000000000000..fab586af110c
--- /dev/null
+++ b/contrib/sendmail/cf/feature/generics_entire_domain.m4
@@ -0,0 +1,16 @@
+divert(-1)
+#
+# Copyright (c) 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: generics_entire_domain.m4,v 8.1 1999/03/16 00:43:05 ca Exp $')
+divert(-1)
+
+define(`_GENERICS_ENTIRE_DOMAIN_', 1)
diff --git a/contrib/sendmail/cf/feature/genericstable.m4 b/contrib/sendmail/cf/feature/genericstable.m4
index 654db5d9a168..9104948bdaec 100644
--- a/contrib/sendmail/cf/feature/genericstable.m4
+++ b/contrib/sendmail/cf/feature/genericstable.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,11 +13,13 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)genericstable.m4 8.8 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: genericstable.m4,v 8.16 1999/07/22 17:55:35 gshapiro Exp $')
divert(-1)
-define(`GENERICS_TABLE', ifelse(_ARG_, `',
- ifdef(`_USE_ETC_MAIL_',
- DATABASE_MAP_TYPE` -o /etc/mail/genericstable',
- DATABASE_MAP_TYPE` -o /etc/genericstable'),
- `_ARG_'))dnl
+define(`_GENERICS_TABLE_', `')
+
+LOCAL_CONFIG
+# Generics table (mapping outgoing addresses)
+Kgenerics ifelse(defn(`_ARG_'), `',
+ DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`genericstable',
+ `_ARG_')
diff --git a/contrib/sendmail/cf/feature/ldap_routing.m4 b/contrib/sendmail/cf/feature/ldap_routing.m4
new file mode 100644
index 000000000000..7ea0c861f91d
--- /dev/null
+++ b/contrib/sendmail/cf/feature/ldap_routing.m4
@@ -0,0 +1,34 @@
+divert(-1)
+#
+# Copyright (c) 1999-2000 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: ldap_routing.m4,v 8.5.4.1 2000/07/15 18:05:05 gshapiro Exp $')
+divert(-1)
+
+# Check first two arguments. If they aren't set, may need to warn in proto.m4
+ifelse(len(X`'_ARG1_), `1', `define(`_LDAP_ROUTING_WARN_', `yes')')
+ifelse(len(X`'_ARG2_), `1', `define(`_LDAP_ROUTING_WARN_', `yes')')
+
+# Check for third argument to indicate how to deal with non-existant
+# LDAP records
+ifelse(len(X`'_ARG3_), `1', `define(`_LDAP_ROUTING_', `_PASS_THROUGH_')',
+ _ARG3_, `passthru', `define(`_LDAP_ROUTING_', `_PASS_THROUGH_')',
+ `define(`_LDAP_ROUTING_', `_MUST_EXIST_')')
+
+LOCAL_CONFIG
+# LDAP routing maps
+Kldapmh ifelse(len(X`'_ARG1_), `1',
+ `ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))',
+ `_ARG1_')
+
+Kldapmra ifelse(len(X`'_ARG2_), `1',
+ `ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))',
+ `_ARG2_')
diff --git a/contrib/sendmail/cf/feature/limited_masquerade.m4 b/contrib/sendmail/cf/feature/limited_masquerade.m4
index b036ae134be6..f86ebd4567c9 100644
--- a/contrib/sendmail/cf/feature/limited_masquerade.m4
+++ b/contrib/sendmail/cf/feature/limited_masquerade.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)limited_masquerade.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: limited_masquerade.m4,v 8.9 1999/02/07 07:26:09 gshapiro Exp $')
divert(-1)
define(`_LIMITED_MASQUERADE_', 1)
diff --git a/contrib/sendmail/cf/feature/local_lmtp.m4 b/contrib/sendmail/cf/feature/local_lmtp.m4
index f328ce54a293..4b44eab4af78 100644
--- a/contrib/sendmail/cf/feature/local_lmtp.m4
+++ b/contrib/sendmail/cf/feature/local_lmtp.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,12 +10,17 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)local_lmtp.m4 8.5 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: local_lmtp.m4,v 8.15 1999/11/18 05:06:22 ca Exp $')
divert(-1)
+ifdef(`_MAILER_local_',
+ `errprint(`*** FEATURE(local_lmtp) must occur before MAILER(local)
+')')dnl
+
define(`LOCAL_MAILER_PATH',
- ifelse(_ARG_, `',
+ ifelse(defn(`_ARG_'), `',
ifdef(`confEBINDIR', confEBINDIR, `/usr/libexec')`/mail.local',
_ARG_))
-define(`LOCAL_MAILER_FLAGS', `SXfmnz9')
+define(`LOCAL_MAILER_FLAGS', `PSXfmnz9')
define(`LOCAL_MAILER_ARGS', `mail.local -l')
+define(`LOCAL_MAILER_DSN_DIAGNOSTIC_CODE', `SMTP')
diff --git a/contrib/sendmail/cf/feature/local_procmail.m4 b/contrib/sendmail/cf/feature/local_procmail.m4
index 20618dd5551c..29bb98023e9b 100644
--- a/contrib/sendmail/cf/feature/local_procmail.m4
+++ b/contrib/sendmail/cf/feature/local_procmail.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1994 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,14 +13,20 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)local_procmail.m4 8.11 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: local_procmail.m4,v 8.21 1999/11/18 05:06:23 ca Exp $')
divert(-1)
+ifdef(`_MAILER_local_',
+ `errprint(`*** FEATURE(local_procmail) must occur before MAILER(local)
+')')dnl
+
define(`LOCAL_MAILER_PATH',
- ifelse(_ARG_, `',
+ ifelse(defn(`_ARG_'), `',
ifdef(`PROCMAIL_MAILER_PATH',
PROCMAIL_MAILER_PATH,
`/usr/local/bin/procmail'),
_ARG_))
-define(`LOCAL_MAILER_FLAGS', `SPfhn9')
-define(`LOCAL_MAILER_ARGS', `procmail -Y -a $h -d $u')
+define(`LOCAL_MAILER_ARGS',
+ ifelse(len(X`'_ARG2_), `1', `procmail -Y -a $h -d $u', _ARG2_))
+define(`LOCAL_MAILER_FLAGS',
+ ifelse(len(X`'_ARG3_), `1', `SPfhn9', _ARG3_))
diff --git a/contrib/sendmail/cf/feature/loose_relay_check.m4 b/contrib/sendmail/cf/feature/loose_relay_check.m4
index 988e44144f6a..abd1b9c9ff68 100644
--- a/contrib/sendmail/cf/feature/loose_relay_check.m4
+++ b/contrib/sendmail/cf/feature/loose_relay_check.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)loose_relay_check.m4 8.3 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: loose_relay_check.m4,v 8.6 1999/02/07 07:26:10 gshapiro Exp $')
divert(-1)
define(`_LOOSE_RELAY_CHECK_', 1)
diff --git a/contrib/sendmail/cf/feature/mailertable.m4 b/contrib/sendmail/cf/feature/mailertable.m4
index 71a41adf3a75..08c1bf60eb4e 100644
--- a/contrib/sendmail/cf/feature/mailertable.m4
+++ b/contrib/sendmail/cf/feature/mailertable.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,11 +13,13 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)mailertable.m4 8.10 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: mailertable.m4,v 8.18 1999/07/22 17:55:35 gshapiro Exp $')
divert(-1)
-define(`MAILER_TABLE', ifelse(_ARG_, `',
- ifdef(`_USE_ETC_MAIL_',
- DATABASE_MAP_TYPE` -o /etc/mail/mailertable',
- DATABASE_MAP_TYPE` -o /etc/mailertable'),
- `_ARG_'))dnl
+define(`_MAILER_TABLE_', `')
+
+LOCAL_CONFIG
+# Mailer table (overriding domains)
+Kmailertable ifelse(defn(`_ARG_'), `',
+ DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`mailertable',
+ `_ARG_')
diff --git a/contrib/sendmail/cf/feature/masquerade_entire_domain.m4 b/contrib/sendmail/cf/feature/masquerade_entire_domain.m4
index 4455b9a70851..e2bcc650616e 100644
--- a/contrib/sendmail/cf/feature/masquerade_entire_domain.m4
+++ b/contrib/sendmail/cf/feature/masquerade_entire_domain.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)masquerade_entire_domain.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: masquerade_entire_domain.m4,v 8.9 1999/02/07 07:26:10 gshapiro Exp $')
divert(-1)
define(`_MASQUERADE_ENTIRE_DOMAIN_', 1)
diff --git a/contrib/sendmail/cf/feature/masquerade_envelope.m4 b/contrib/sendmail/cf/feature/masquerade_envelope.m4
index 276c7f41d40c..74d3aa056096 100644
--- a/contrib/sendmail/cf/feature/masquerade_envelope.m4
+++ b/contrib/sendmail/cf/feature/masquerade_envelope.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)masquerade_envelope.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: masquerade_envelope.m4,v 8.9 1999/02/07 07:26:10 gshapiro Exp $')
divert(-1)
define(`_MASQUERADE_ENVELOPE_', 1)
diff --git a/contrib/sendmail/cf/feature/no_default_msa.m4 b/contrib/sendmail/cf/feature/no_default_msa.m4
new file mode 100644
index 000000000000..3f5752a5458a
--- /dev/null
+++ b/contrib/sendmail/cf/feature/no_default_msa.m4
@@ -0,0 +1,16 @@
+divert(-1)
+#
+# Copyright (c) 1999, 2000 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: no_default_msa.m4,v 8.1 2000/02/01 15:56:30 ca Exp $')
+divert(-1)
+
+define(`_NO_MSA_', `1')
diff --git a/contrib/sendmail/cf/feature/nocanonify.m4 b/contrib/sendmail/cf/feature/nocanonify.m4
index 279a8eaae1bc..05baa7a47b45 100644
--- a/contrib/sendmail/cf/feature/nocanonify.m4
+++ b/contrib/sendmail/cf/feature/nocanonify.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,12 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)nocanonify.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: nocanonify.m4,v 8.12 1999/08/28 00:42:01 ca Exp $')
divert(-1)
define(`_NO_CANONIFY_', 1)
+ifelse(defn(`_ARG_'), `', `',
+ strcasecmp(defn(`_ARG_'), `canonify_hosts'), `1',
+ `define(`_CANONIFY_HOSTS_', 1)',
+ `errprint(`*** ERROR: unknown parameter '"defn(`_ARG_')"` for FEATURE(`nocanonify')
+')')
diff --git a/contrib/sendmail/cf/feature/nodns.m4 b/contrib/sendmail/cf/feature/nodns.m4
index 5d383d5475e7..c5acadf7eceb 100644
--- a/contrib/sendmail/cf/feature/nodns.m4
+++ b/contrib/sendmail/cf/feature/nodns.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,10 +13,10 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)nodns.m4 8.9 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: nodns.m4,v 8.14 1999/07/22 17:55:35 gshapiro Exp $')
divert(-1)
undefine(`confBIND_OPTS')dnl
errprint(`FEATURE(nodns) is no-op.
-Use ServiceSwitchFile ('ifdef(`confSERVICE_SWITCH_FILE',confSERVICE_SWITCH_FILE,ifdef(`_USE_ETC_MAIL_',`/etc/mail/service.switch',`/etc/service.switch'))`) if your OS does not provide its own instead.
+Use ServiceSwitchFile ('ifdef(`confSERVICE_SWITCH_FILE',confSERVICE_SWITCH_FILE,MAIL_SETTINGS_DIR`service.switch')`) if your OS does not provide its own instead.
')
diff --git a/contrib/sendmail/cf/feature/notsticky.m4 b/contrib/sendmail/cf/feature/notsticky.m4
index 5ba6b2f70ce1..1cecca5f13e3 100644
--- a/contrib/sendmail/cf/feature/notsticky.m4
+++ b/contrib/sendmail/cf/feature/notsticky.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)notsticky.m4 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: notsticky.m4,v 8.11 1999/02/07 07:26:11 gshapiro Exp $')
#
# This is now the default. Use ``FEATURE(stickyhost)'' if you want
# the old default behaviour.
diff --git a/contrib/sendmail/cf/feature/nouucp.m4 b/contrib/sendmail/cf/feature/nouucp.m4
index 7cf241f77f70..a03104964dd2 100644
--- a/contrib/sendmail/cf/feature/nouucp.m4
+++ b/contrib/sendmail/cf/feature/nouucp.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,15 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)nouucp.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: nouucp.m4,v 8.13 1999/11/24 18:37:07 ca Exp $')
divert(-1)
-define(`_NO_UUCP_', 1)
+ifelse(defn(`_ARG_'), `',
+ `errprint(`*** ERROR: missing argument for FEATURE(nouucp):
+ use `reject' or `nospecial'. See cf/README.
+')define(`_NO_UUCP_', `e')',
+ substr(_ARG_,0,1), `r', `define(`_NO_UUCP_', `r')',
+ substr(_ARG_,0,1), `n', `define(`_NO_UUCP_', `n')',
+ `errprint(`*** ERROR: illegal argument _ARG_ for FEATURE(nouucp)
+')
+ ')
diff --git a/contrib/sendmail/cf/feature/nullclient.m4 b/contrib/sendmail/cf/feature/nullclient.m4
index 99346ae03153..1354e56e7c2b 100644
--- a/contrib/sendmail/cf/feature/nullclient.m4
+++ b/contrib/sendmail/cf/feature/nullclient.m4
@@ -1,6 +1,7 @@
-PUSHDIVERT(-1)
+divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -10,11 +11,8 @@ PUSHDIVERT(-1)
# the sendmail distribution.
#
#
-ifdef(`SMTP_MAILER_FLAGS',, `define(`SMTP_MAILER_FLAGS', `')')
-define(_NULL_CLIENT_ONLY_, `1')
-ifelse(_ARG_, `', `errprint(`Feature "nullclient" requires argument')',
- `define(`MAIL_HUB', _ARG_)')
-POPDIVERT
+ifelse(defn(`_ARG_'), `', `errprint(`Feature "nullclient" requires argument')',
+ `define(`_NULL_CLIENT_', _ARG_)')
#
# This is used only for relaying mail from a client to a hub when
@@ -23,28 +21,17 @@ POPDIVERT
# sendmail.
#
-VERSIONID(`@(#)nullclient.m4 8.12 (Berkeley) 5/19/1998')
+divert(0)
+VERSIONID(`$Id: nullclient.m4,v 8.21.16.1 2000/05/26 18:08:41 gshapiro Exp $')
+divert(-1)
-PUSHDIVERT(6)
-# hub host (to which all mail is sent)
-DH`'ifdef(`MAIL_HUB', MAIL_HUB,
- `errprint(`MAIL_HUB not defined for nullclient feature')')
-ifdef(`MASQUERADE_NAME',, `define(`MASQUERADE_NAME', MAIL_HUB)')dnl
-
-# route-addr separators
-C: : ,
-POPDIVERT
-PUSHDIVERT(7)
-############################################
-### Null Client Mailer specification ###
-############################################
-
-ifdef(`confRELAY_MAILER',,
- `define(`confRELAY_MAILER', `nullclient')')dnl
-ifdef(`confFROM_HEADER',,
- `define(`confFROM_HEADER', <$g>)')dnl
-ifdef(`SMTP_MAILER_ARGS',, `define(`SMTP_MAILER_ARGS', `IPC $h')')dnl
-
-Mnullclient, P=[IPC], F=CONCAT(mDFMuXa, SMTP_MAILER_FLAGS),ifdef(`SMTP_MAILER_MAX', ` M=SMTP_MAILER_MAX,')
- A=SMTP_MAILER_ARGS
-POPDIVERT
+undefine(`ALIAS_FILE')
+define(`MAIL_HUB', _NULL_CLIENT_)
+define(`SMART_HOST', _NULL_CLIENT_)
+define(`confFORWARD_PATH', `')
+define(`_DEF_LOCAL_MAILER_FLAGS', `lsDFM5q')
+MASQUERADE_AS(_NULL_CLIENT_)
+FEATURE(`allmasquerade')
+FEATURE(`masquerade_envelope')
+MAILER(`local')
+MAILER(`smtp')
diff --git a/contrib/sendmail/cf/feature/promiscuous_relay.m4 b/contrib/sendmail/cf/feature/promiscuous_relay.m4
index cc3dae62f639..86db75fe90f7 100644
--- a/contrib/sendmail/cf/feature/promiscuous_relay.m4
+++ b/contrib/sendmail/cf/feature/promiscuous_relay.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)promiscuous_relay.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: promiscuous_relay.m4,v 8.10 1999/02/07 07:26:11 gshapiro Exp $')
divert(-1)
define(`_PROMISCUOUS_RELAY_', 1)
diff --git a/contrib/sendmail/cf/feature/rbl.m4 b/contrib/sendmail/cf/feature/rbl.m4
index 0284aa3cbd87..6e5d159fd16e 100644
--- a/contrib/sendmail/cf/feature/rbl.m4
+++ b/contrib/sendmail/cf/feature/rbl.m4
@@ -9,7 +9,10 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)rbl.m4 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: rbl.m4,v 8.17 1999/04/04 00:51:12 ca Exp $')
divert(-1)
-define(`_RBL_', ifelse(_ARG_, `', `rbl.maps.vix.com', `_ARG_'))dnl
+define(`_RBL_', ifelse(defn(`_ARG_'), `', `rbl.maps.vix.com', `_ARG_'))dnl
+ifelse(defn(`_ARG_'), `', `', `
+errprint(`Warning: FEATURE(`rbl') is deprecated, use FEATURE(`dnsbl') instead
+')')dnl
diff --git a/contrib/sendmail/cf/feature/redirect.m4 b/contrib/sendmail/cf/feature/redirect.m4
index a9b333ff1c88..e167865efefa 100644
--- a/contrib/sendmail/cf/feature/redirect.m4
+++ b/contrib/sendmail/cf/feature/redirect.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,17 +13,14 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)redirect.m4 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: redirect.m4,v 8.15 1999/08/06 01:47:36 gshapiro Exp $')
divert(-1)
-
-PUSHDIVERT(3)
+LOCAL_RULE_0
# addresses sent to foo@host.REDIRECT will give a 551 error code
R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT . > < ${opMode} >
R$* < @ $+ .REDIRECT. > <i> $: $1 < @ $2 . REDIRECT. >
-R$* < @ $+ .REDIRECT. > < $- > $# error $@ 5.1.1 $: "551 User has moved; please try " <$1@$2>
-POPDIVERT
+R$* < @ $+ .REDIRECT. > < $- > $#error $@ 5.1.1 $: "551 User has moved; please try " <$1@$2>
-PUSHDIVERT(6)
+LOCAL_CONFIG
CPREDIRECT
-POPDIVERT
diff --git a/contrib/sendmail/cf/feature/relay_based_on_MX.m4 b/contrib/sendmail/cf/feature/relay_based_on_MX.m4
index f19e89b6d782..872680a480f5 100644
--- a/contrib/sendmail/cf/feature/relay_based_on_MX.m4
+++ b/contrib/sendmail/cf/feature/relay_based_on_MX.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,7 +10,12 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)relay_based_on_MX.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: relay_based_on_MX.m4,v 8.11 1999/04/02 02:25:13 gshapiro Exp $')
divert(-1)
define(`_RELAY_MX_SERVED_', 1)
+
+LOCAL_CONFIG
+# MX map (to allow relaying to hosts that we MX for)
+Kmxserved bestmx -z: -T<TEMP>
+
diff --git a/contrib/sendmail/cf/feature/relay_entire_domain.m4 b/contrib/sendmail/cf/feature/relay_entire_domain.m4
index c932a70ab396..a720b167f279 100644
--- a/contrib/sendmail/cf/feature/relay_entire_domain.m4
+++ b/contrib/sendmail/cf/feature/relay_entire_domain.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)relay_entire_domain.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: relay_entire_domain.m4,v 8.10 1999/02/07 07:26:12 gshapiro Exp $')
divert(-1)
define(`_RELAY_ENTIRE_DOMAIN_', 1)
diff --git a/contrib/sendmail/cf/feature/relay_hosts_only.m4 b/contrib/sendmail/cf/feature/relay_hosts_only.m4
index 35f7ab528494..867d4eda6408 100644
--- a/contrib/sendmail/cf/feature/relay_hosts_only.m4
+++ b/contrib/sendmail/cf/feature/relay_hosts_only.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)relay_hosts_only.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: relay_hosts_only.m4,v 8.10 1999/02/07 07:26:12 gshapiro Exp $')
divert(-1)
define(`_RELAY_HOSTS_ONLY_', 1)
diff --git a/contrib/sendmail/cf/feature/relay_local_from.m4 b/contrib/sendmail/cf/feature/relay_local_from.m4
index ab040f6c2ff3..6e1aa807bf98 100644
--- a/contrib/sendmail/cf/feature/relay_local_from.m4
+++ b/contrib/sendmail/cf/feature/relay_local_from.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -9,7 +10,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)relay_local_from.m4 8.2 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: relay_local_from.m4,v 8.5 1999/02/07 07:26:12 gshapiro Exp $')
divert(-1)
define(`_RELAY_LOCAL_FROM_', 1)
diff --git a/contrib/sendmail/cf/feature/relay_mail_from.m4 b/contrib/sendmail/cf/feature/relay_mail_from.m4
new file mode 100644
index 000000000000..f66408dd9f1b
--- /dev/null
+++ b/contrib/sendmail/cf/feature/relay_mail_from.m4
@@ -0,0 +1,20 @@
+divert(-1)
+#
+# Copyright (c) 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: relay_mail_from.m4,v 8.2 1999/04/02 02:25:13 gshapiro Exp $')
+divert(-1)
+
+ifdef(`_ACCESS_TABLE_',
+ `define(`_RELAY_DB_FROM_', 1)
+ ifelse(_ARG_,`domain',`define(`_RELAY_DB_FROM_DOMAIN_', 1)')',
+ `errprint(`*** ERROR: FEATURE(relay_mail_from) requires FEATURE(access_db)
+')')
diff --git a/contrib/sendmail/cf/feature/smrsh.m4 b/contrib/sendmail/cf/feature/smrsh.m4
index 3b44fa88a67d..2159ff8580a0 100644
--- a/contrib/sendmail/cf/feature/smrsh.m4
+++ b/contrib/sendmail/cf/feature/smrsh.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,12 +13,14 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)smrsh.m4 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: smrsh.m4,v 8.14 1999/11/18 05:06:23 ca Exp $')
divert(-1)
ifdef(`_MAILER_local_',
- `errprint(`*** FEATURE(smrsh) must occur before MAILER(local)')')dnl
+ `errprint(`*** FEATURE(smrsh) must occur before MAILER(local)
+')')dnl
define(`LOCAL_SHELL_PATH',
- ifelse(_ARG_, `',
+ ifelse(defn(`_ARG_'), `',
ifdef(`confEBINDIR', confEBINDIR, `/usr/libexec')`/smrsh',
_ARG_))
+_DEFIFNOT(`LOCAL_SHELL_ARGS', `smrsh -c $u')
diff --git a/contrib/sendmail/cf/feature/stickyhost.m4 b/contrib/sendmail/cf/feature/stickyhost.m4
index 1d0d1cd590e4..1e95be44bcc2 100644
--- a/contrib/sendmail/cf/feature/stickyhost.m4
+++ b/contrib/sendmail/cf/feature/stickyhost.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)stickyhost.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: stickyhost.m4,v 8.9 1999/02/07 07:26:13 gshapiro Exp $')
divert(-1)
define(`_STICKY_LOCAL_DOMAIN_', 1)
diff --git a/contrib/sendmail/cf/feature/use_ct_file.m4 b/contrib/sendmail/cf/feature/use_ct_file.m4
index 924dd06e0c8f..e87ca625fa70 100644
--- a/contrib/sendmail/cf/feature/use_ct_file.m4
+++ b/contrib/sendmail/cf/feature/use_ct_file.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)use_ct_file.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: use_ct_file.m4,v 8.9 1999/02/07 07:26:13 gshapiro Exp $')
divert(-1)
# if defined, the sendmail.cf will read the /etc/sendmail.ct file
diff --git a/contrib/sendmail/cf/feature/use_cw_file.m4 b/contrib/sendmail/cf/feature/use_cw_file.m4
index 5bbbf7b2b07b..c7e1cee91a97 100644
--- a/contrib/sendmail/cf/feature/use_cw_file.m4
+++ b/contrib/sendmail/cf/feature/use_cw_file.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,7 +13,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)use_cw_file.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: use_cw_file.m4,v 8.9 1999/02/07 07:26:13 gshapiro Exp $')
divert(-1)
# if defined, the sendmail.cf will read the /etc/sendmail.cw file
diff --git a/contrib/sendmail/cf/feature/uucpdomain.m4 b/contrib/sendmail/cf/feature/uucpdomain.m4
index 0c584aa2e59f..cc34032672fd 100644
--- a/contrib/sendmail/cf/feature/uucpdomain.m4
+++ b/contrib/sendmail/cf/feature/uucpdomain.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,11 +13,13 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)uucpdomain.m4 8.14 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: uucpdomain.m4,v 8.22 1999/07/22 17:55:35 gshapiro Exp $')
divert(-1)
-define(`UUDOMAIN_TABLE', ifelse(_ARG_, `',
- ifdef(`_USE_ETC_MAIL_',
- DATABASE_MAP_TYPE` -o /etc/mail/uudomain',
- DATABASE_MAP_TYPE` -o /etc/uudomain'),
- `_ARG_'))dnl
+define(`_UUDOMAIN_TABLE_', `')
+
+LOCAL_CONFIG
+# UUCP domain table
+Kuudomain ifelse(defn(`_ARG_'), `',
+ DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`uudomain',
+ `_ARG_')
diff --git a/contrib/sendmail/cf/feature/virtuser_entire_domain.m4 b/contrib/sendmail/cf/feature/virtuser_entire_domain.m4
new file mode 100644
index 000000000000..5a1d9f0e9fab
--- /dev/null
+++ b/contrib/sendmail/cf/feature/virtuser_entire_domain.m4
@@ -0,0 +1,16 @@
+divert(-1)
+#
+# Copyright (c) 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: virtuser_entire_domain.m4,v 8.2 1999/03/16 00:43:05 ca Exp $')
+divert(-1)
+
+define(`_VIRTUSER_ENTIRE_DOMAIN_', 1)
diff --git a/contrib/sendmail/cf/feature/virtusertable.m4 b/contrib/sendmail/cf/feature/virtusertable.m4
index 316f7ea61dcd..b1f6028860e7 100644
--- a/contrib/sendmail/cf/feature/virtusertable.m4
+++ b/contrib/sendmail/cf/feature/virtusertable.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,11 +13,13 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)virtusertable.m4 8.8 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: virtusertable.m4,v 8.16 1999/07/22 17:55:36 gshapiro Exp $')
divert(-1)
-define(`VIRTUSER_TABLE', ifelse(_ARG_, `',
- ifdef(`_USE_ETC_MAIL_',
- DATABASE_MAP_TYPE` -o /etc/mail/virtusertable',
- DATABASE_MAP_TYPE` -o /etc/virtusertable'),
- `_ARG_'))dnl
+define(`_VIRTUSER_TABLE_', `')
+
+LOCAL_CONFIG
+# Virtual user table (maps incoming users)
+Kvirtuser ifelse(defn(`_ARG_'), `',
+ DATABASE_MAP_TYPE MAIL_SETTINGS_DIR`virtusertable',
+ `_ARG_')
diff --git a/contrib/sendmail/cf/hack/cssubdomain.m4 b/contrib/sendmail/cf/hack/cssubdomain.m4
index 6297d64b6c85..9b0e76a2eb43 100644
--- a/contrib/sendmail/cf/hack/cssubdomain.m4
+++ b/contrib/sendmail/cf/hack/cssubdomain.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,7 +12,7 @@ divert(-1)
#
#
divert(0)
-VERSIONID(`@(#)cssubdomain.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: cssubdomain.m4,v 8.9 1999/02/07 07:26:14 gshapiro Exp $')
divert(2)
# find possible (old & new) versions of our name via short circuit hack
diff --git a/contrib/sendmail/cf/m4/cf.m4 b/contrib/sendmail/cf/m4/cf.m4
index 0b058098e32b..4f5712b1df88 100644
--- a/contrib/sendmail/cf/m4/cf.m4
+++ b/contrib/sendmail/cf/m4/cf.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -25,4 +26,4 @@ ifdef(`_CF_DIR_', `',
divert(0)dnl
ifdef(`OSTYPE', `dnl',
`include(_CF_DIR_`'m4/cfhead.m4)dnl
-VERSIONID(`@(#)cf.m4 8.29 (Berkeley) 5/19/1998')')
+VERSIONID(`$Id: cf.m4,v 8.32 1999/02/07 07:26:14 gshapiro Exp $')')
diff --git a/contrib/sendmail/cf/m4/cfhead.m4 b/contrib/sendmail/cf/m4/cfhead.m4
index 9a5ccd224b25..a43d1f69a477 100644
--- a/contrib/sendmail/cf/m4/cfhead.m4
+++ b/contrib/sendmail/cf/m4/cfhead.m4
@@ -1,5 +1,6 @@
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -15,10 +16,11 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-define(`TEMPFILE', maketemp(/tmp/cfXXXXXX))dnl
+ifdef(`unix', `dnl
+ifdef(`TEMPFILE', `dnl', `define(`TEMPFILE', maketemp(/tmp/cfXXXXXX))dnl
syscmd(sh _CF_DIR_`'sh/makeinfo.sh _CF_DIR_ > TEMPFILE)dnl
include(TEMPFILE)dnl
-syscmd(rm -f TEMPFILE)dnl
+syscmd(rm -f TEMPFILE)dnl')', `dnl')
#####
######################################################################
######################################################################
@@ -36,16 +38,85 @@ define(`PUSHDIVERT', `pushdef(`__D__', divnum)divert($1)')
define(`POPDIVERT', `divert(__D__)popdef(`__D__')')
define(`OSTYPE',
`PUSHDIVERT(-1)
- ifdef(`__OSTYPE__', `errprint(`duplicate OSTYPE'($1))')
+ ifdef(`__OSTYPE__', `errprint(`duplicate OSTYPE'($1)
+)')
define(`__OSTYPE__', $1)
define(`_ARG_', $2)
include(_CF_DIR_`'ostype/$1.m4)POPDIVERT`'')
+## helpful functions
+define(`lower', `translit(`$1', `ABCDEFGHIJKLMNOPQRSTUVWXYZ', `abcdefghijklmnopqrstuvwx')')
+define(`strcasecmp', `ifelse(lower($1), lower($2), `1', `0')')
+## new FEATUREs
+define(`_DNSBL_R_',`')
+## access to further arguments in FEATURE/HACK
+define(`_ACC_ARG_1_',`$1')
+define(`_ACC_ARG_2_',`$2')
+define(`_ACC_ARG_3_',`$3')
+define(`_ACC_ARG_4_',`$4')
+define(`_ACC_ARG_5_',`$5')
+define(`_ACC_ARG_6_',`$6')
+define(`_ACC_ARG_7_',`$7')
+define(`_ACC_ARG_8_',`$8')
+define(`_ACC_ARG_9_',`$9')
+define(`_ARG1_',`_ACC_ARG_1_(_ARGS_)')
+define(`_ARG2_',`_ACC_ARG_2_(_ARGS_)')
+define(`_ARG3_',`_ACC_ARG_3_(_ARGS_)')
+define(`_ARG4_',`_ACC_ARG_4_(_ARGS_)')
+define(`_ARG5_',`_ACC_ARG_5_(_ARGS_)')
+define(`_ARG6_',`_ACC_ARG_6_(_ARGS_)')
+define(`_ARG7_',`_ACC_ARG_7_(_ARGS_)')
+define(`_ARG8_',`_ACC_ARG_8_(_ARGS_)')
+define(`_ARG9_',`_ACC_ARG_9_(_ARGS_)')
+dnl define if not yet defined: if `$1' is not defined it will be `$2'
+define(`_DEFIFNOT',`ifdef(`$1',`',`define(`$1',`$2')')')
+dnl ----------------------------------------
+dnl add a char $2 to a string $1 if it is not there
+define(`_ADDCHAR_',`define(`_I_',`eval(index(`$1',`$2') >= 0)')`'ifelse(_I_,`1',`$1',`$1$2')')
+dnl ----
+dnl delete a char $2 from a string $1 if it is there
+define(`_DELCHAR_',`define(`_IDX_',`index(`$1',`$2')')`'define(`_I_',`eval(_IDX_ >= 0)')`'ifelse(_I_,`1',`substr(`$1',0,_IDX_)`'substr(`$1',eval(_IDX_+1))',`$1')')
+dnl ----
+dnl apply a macro to a whole string by recursion (one char at a time)
+dnl $1: macro
+dnl $2: first argument to macro
+dnl $3: list that is split up into characters
+define(`_AP_',`ifelse(`$3',`',`$2',`_AP_(`$1',$1(`$2',substr(`$3',0,1)),substr(`$3',1))')')
+dnl ----
+dnl MODIFY_MAILER_FLAGS: append tail of $2 to $1_MF_A/D_
+dnl A if head($2) = +
+dnl D if head($2) = -
+dnl $1_MF_ is set otherwise; set _A/D_ to `'
+define(`MODIFY_MAILER_FLAGS',`define(`_hd_',`substr(`$2',0,1)')define(`_tl_',`substr(`$2',1)')`'ifelse(_hd_,`+',`ifdef($1`'_MF_A_, `define($1`'_MF_A_,$1_MF_A_`'_tl_)', `define($1`'_MF_A_, _tl_)')',_hd_,`-',`ifdef($1`'_MF_D_, `define($1`'_MF_D_,$1_MF_D_`'_tl_)', `define($1`'_MF_D_,_tl_)')',`define($1`'_MF_,`$2')define($1`'_MF_A_,`')define($1`'_MF_D_,`')')')
+dnl ----
+dnl actually modify flags:
+dnl $1: flags (strings) to modify
+dnl $2: name of flags (just first part) to modify
+dnl WARNING: the order might be important: if someone adds and delete the
+dnl same characters, he does not deserve any better, does he?
+dnl this could be coded more efficiently... (do not apply the macro if _MF_A/D_ is undefined)
+define(`_MODMF_',`ifdef($2`'_MF_,`$2_MF_',`_AP_(`_ADDCHAR_',_AP_(`_DELCHAR_',$1,ifdef($2`'_MF_D_,`$2_MF_D_',`')),ifdef($2`'_MF_A_,`$2_MF_A_',`'))')')
+dnl usage:
+dnl MODIFY_MAILER_FLAGS(`LOCAL',`+FlaGs')dnl
+dnl in MAILER.m4: _MODMF_(LMF,`LOCAL')
+dnl ----------------------------------------
define(`MAILER',
-`ifdef(`_MAILER_$1_', `dnl`'',
-`define(`_MAILER_$1_', `')PUSHDIVERT(7)include(_CF_DIR_`'mailer/$1.m4)POPDIVERT`'')')
-define(`DOMAIN', `PUSHDIVERT(-1)define(`_ARG_', $2)include(_CF_DIR_`'domain/$1.m4)POPDIVERT`'')
-define(`FEATURE', `PUSHDIVERT(-1)define(`_ARG_', $2)include(_CF_DIR_`'feature/$1.m4)POPDIVERT`'')
-define(`HACK', `PUSHDIVERT(-1)define(`_ARG_', $2)include(_CF_DIR_`'hack/$1.m4)POPDIVERT`'')
+`define(`_M_N_', `ifelse(`$2', `', `$1', `$2')')dnl
+ifdef(_MAILER_`'_M_N_`'_, `dnl`'',
+`define(_MAILER_`'_M_N_`'_, `')define(`_ARG_', `$2')define(`_ARGS_', `shift($@)')PUSHDIVERT(7)include(_CF_DIR_`'mailer/$1.m4)POPDIVERT`'')')
+define(`DOMAIN', `PUSHDIVERT(-1)define(`_ARG_', `$2')include(_CF_DIR_`'domain/$1.m4)POPDIVERT`'')
+define(`FEATURE', `PUSHDIVERT(-1)define(`_ARG_', `$2')define(`_ARGS_', `shift($@)')include(_CF_DIR_`'feature/$1.m4)POPDIVERT`'')
+define(`HACK', `PUSHDIVERT(-1)define(`_ARG_', `$2')define(`_ARGS_', `shift($@)')include(_CF_DIR_`'hack/$1.m4)POPDIVERT`'')
+define(`_DPO_',`')
+define(`DAEMON_OPTIONS', `define(`_DPO_', defn(`_DPO_')
+O DaemonPortOptions=`$1')')
+define(`_MAIL_FILTERS_', `')
+define(`MAIL_FILTER', `define(`_MAIL_FILTERS_', defn(`_MAIL_FILTERS_')
+X`'$1`, '`$2')')
+define(`INPUT_MAIL_FILTER', `MAIL_FILTER(`$1', `$2')
+ifelse(defn(`confINPUT_MAIL_FILTERS')X, `X',
+`define(`confINPUT_MAIL_FILTERS', $1)',
+`define(`confINPUT_MAIL_FILTERS', defn(`confINPUT_MAIL_FILTERS')`, '`$1')')')
+define(`CF_LEVEL', `9')dnl
define(`VERSIONID', ``##### $1 #####'')
define(`LOCAL_RULE_0', `divert(3)')
define(`LOCAL_RULE_1',
@@ -54,7 +125,7 @@ define(`LOCAL_RULE_1',
### Ruleset 1 -- Sender Rewriting ###
#######################################
-S1
+Ssender=1
')
define(`LOCAL_RULE_2',
`divert(9)dnl
@@ -62,7 +133,7 @@ define(`LOCAL_RULE_2',
### Ruleset 2 -- Recipient Rewriting ###
##########################################
-S2
+Srecipient=2
')
define(`LOCAL_RULESETS',
`divert(9)
@@ -90,30 +161,65 @@ POPDIVERT`'dnl`'')
define(`MASQUERADE_AS', `define(`MASQUERADE_NAME', $1)')
define(`MASQUERADE_DOMAIN', `PUSHDIVERT(5)CM$1
POPDIVERT`'dnl`'')
+define(`MASQUERADE_EXCEPTION', `PUSHDIVERT(5)CN$1
+POPDIVERT`'dnl`'')
define(`MASQUERADE_DOMAIN_FILE', `PUSHDIVERT(5)FM$1
POPDIVERT`'dnl`'')
+define(`LOCAL_DOMAIN', `PUSHDIVERT(5)Cw$1
+POPDIVERT`'dnl`'')
+define(`CANONIFY_DOMAIN', `PUSHDIVERT(5)C{Canonify}$1
+POPDIVERT`'dnl`'')
+define(`CANONIFY_DOMAIN_FILE', `PUSHDIVERT(5)F{Canonify}$1
+POPDIVERT`'dnl`'')
define(`GENERICS_DOMAIN', `PUSHDIVERT(5)CG$1
POPDIVERT`'dnl`'')
define(`GENERICS_DOMAIN_FILE', `PUSHDIVERT(5)FG$1
POPDIVERT`'dnl`'')
+define(`LDAPROUTE_DOMAIN', `PUSHDIVERT(5)C{LDAPRoute}$1
+POPDIVERT`'dnl`'')
+define(`LDAPROUTE_DOMAIN_FILE', `PUSHDIVERT(5)F{LDAPRoute}$1
+POPDIVERT`'dnl`'')
+define(`VIRTUSER_DOMAIN', `PUSHDIVERT(5)C{VirtHost}$1
+define(`_VIRTHOSTS_')
+POPDIVERT`'dnl`'')
+define(`VIRTUSER_DOMAIN_FILE', `PUSHDIVERT(5)F{VirtHost}$1
+define(`_VIRTHOSTS_')
+POPDIVERT`'dnl`'')
define(`RELAY_DOMAIN', `PUSHDIVERT(5)CR$1
POPDIVERT`'dnl`'')
define(`RELAY_DOMAIN_FILE', `PUSHDIVERT(5)FR$1
POPDIVERT`'dnl`'')
+define(`TRUST_AUTH_MECH', `PUSHDIVERT(5)C{TrustAuthMech}$1
+POPDIVERT`'dnl`'')
define(`_OPTINS', `ifdef(`$1', `$2$1$3')')
+
m4wrap(`include(_CF_DIR_`m4/proto.m4')')
+# default location for files
+ifdef(`MAIL_SETTINGS_DIR', , `define(`MAIL_SETTINGS_DIR', `/etc/mail/')')
+
+# set our default hashed database type
+define(`DATABASE_MAP_TYPE', `hash')
+
# set up default values for options
-define(`ALIAS_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/aliases', `/etc/aliases'))
+define(`ALIAS_FILE', `MAIL_SETTINGS_DIR`'aliases')
define(`confMAILER_NAME', ``MAILER-DAEMON'')
-define(`confFROM_LINE', `From $g $d')
+define(`confFROM_LINE', `From $g $d')
define(`confOPERATORS', `.:%@!^/[]+')
define(`confSMTP_LOGIN_MSG', `$j Sendmail $v/$Z; $b')
-define(`confRECEIVED_HEADER', `$?sfrom $s $.$?_($?s$|from $.$_)
- $.by $j ($v/$Z)$?r with $r$. id $i$?u
- for $u; $|;
+define(`_REC_AUTH_', `$.$?{auth_type}(authenticated')
+define(`_REC_FULL_AUTH_', `$.$?{auth_type}(authenticated as ${auth_authen} $?{auth_author}for ${auth_author} $.with ${auth_type}')
+define(`_REC_HDR_', `$?sfrom $s $.$?_($?s$|from $.$_)')
+define(`_REC_END_', `for $u; $|;
$.$b')
+define(`_REC_TLS_', `(using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify})$.$?u')
+define(`_REC_BY_', `$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}')
+define(`confRECEIVED_HEADER', `_REC_HDR_
+ _REC_AUTH_$?{auth_ssf} (${auth_ssf} bits)$.)
+ _REC_BY_
+ _REC_TLS_
+ _REC_END_')
define(`confSEVEN_BIT_INPUT', `False')
define(`confEIGHT_BIT_HANDLING', `pass8')
define(`confALIAS_WAIT', `10')
@@ -133,10 +239,15 @@ define(`confSAFE_QUEUE', `True')
define(`confTO_QUEUERETURN', `5d')
define(`confTO_QUEUEWARN', `4h')
define(`confTIME_ZONE', `USE_SYSTEM')
-define(`confCW_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/local-host-names', `/etc/sendmail.cw'))
+define(`confCW_FILE', `MAIL_SETTINGS_DIR`'local-host-names')
define(`confMIME_FORMAT_ERRORS', `True')
define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward')
-define(`confCR_FILE', `-o /etc/mail/relay-domains')
+define(`confCR_FILE', `-o MAIL_SETTINGS_DIR`'relay-domains')
+define(`confMILTER_MACROS_CONNECT', ``j, _, {daemon_name}, {if_name}, {if_addr}'')
+define(`confMILTER_MACROS_HELO', ``{tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}'')
+define(`confMILTER_MACROS_ENVFROM', ``i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}'')
+define(`confMILTER_MACROS_ENVRCPT', ``{rcpt_mailer}, {rcpt_host}, {rcpt_addr}'')
+
divert(0)dnl
-VERSIONID(`@(#)cfhead.m4 8.23 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: cfhead.m4,v 8.76.4.9 2000/07/11 23:50:30 geir Exp $')
diff --git a/contrib/sendmail/cf/m4/proto.m4 b/contrib/sendmail/cf/m4/proto.m4
index 863b42cfe1ec..04c1197e0a73 100644
--- a/contrib/sendmail/cf/m4/proto.m4
+++ b/contrib/sendmail/cf/m4/proto.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,17 +13,18 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)proto.m4 8.243 (Berkeley) 2/2/1999')
+VERSIONID(`$Id: proto.m4,v 8.446.2.5.2.12 2000/07/19 21:41:19 gshapiro Exp $')
MAILER(local)dnl
-# level 8 config file format
-V8/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley')
+# level CF_LEVEL config file format
+V`'CF_LEVEL/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Berkeley')
divert(-1)
# do some sanity checking
ifdef(`__OSTYPE__',,
- `errprint(`*** ERROR: No system type defined (use OSTYPE macro)')')
+ `errprint(`*** ERROR: No system type defined (use OSTYPE macro)
+')')
# pick our default mailers
ifdef(`confSMTP_MAILER',, `define(`confSMTP_MAILER', `esmtp')')
@@ -37,16 +39,15 @@ define(`_LOCAL_', `confLOCAL_MAILER')dnl for readability only
define(`_RELAY_', `confRELAY_MAILER')dnl for readability only
define(`_UUCP_', `confUUCP_MAILER')dnl for readability only
-# set our default hashed database type
-ifdef(`DATABASE_MAP_TYPE',, `define(`DATABASE_MAP_TYPE', `hash')')
-
# back compatibility with old config files
ifdef(`confDEF_GROUP_ID',
- `errprint(`*** confDEF_GROUP_ID is obsolete.')
- errprint(` Use confDEF_USER_ID with a colon in the value instead.')')
+`errprint(`*** confDEF_GROUP_ID is obsolete.
+ Use confDEF_USER_ID with a colon in the value instead.
+')')
ifdef(`confREAD_TIMEOUT',
- `errprint(`*** confREAD_TIMEOUT is obsolete.')
- errprint(` Use individual confTO_<timeout> parameters instead.')')
+`errprint(`*** confREAD_TIMEOUT is obsolete.
+ Use individual confTO_<timeout> parameters instead.
+')')
ifdef(`confMESSAGE_TIMEOUT',
`define(`_ARG_', index(confMESSAGE_TIMEOUT, /))
ifelse(_ARG_, -1,
@@ -56,17 +57,36 @@ ifdef(`confMESSAGE_TIMEOUT',
define(`confTO_QUEUEWARN',
substr(confMESSAGE_TIMEOUT, eval(_ARG_+1)))')')
ifdef(`confMIN_FREE_BLOCKS', `ifelse(index(confMIN_FREE_BLOCKS, /), -1,,
- `errprint(`*** compound confMIN_FREE_BLOCKS is obsolete.')
- errprint(` Use confMAX_MESSAGE_SIZE for the second part of the value.')')')
+`errprint(`*** compound confMIN_FREE_BLOCKS is obsolete.
+ Use confMAX_MESSAGE_SIZE for the second part of the value.
+')')')
+
+
+# Sanity check on ldap_routing feature
+# If the user doesn't specify a new map, they better have given as a
+# default LDAP specification which has the LDAP base (and most likely the host)
+ifdef(`confLDAP_DEFAULT_SPEC',, `ifdef(`_LDAP_ROUTING_WARN_', `errprint(`
+WARNING: Using default FEATURE(ldap_routing) map definition(s)
+without setting confLDAP_DEFAULT_SPEC option.
+')')')dnl
# clean option definitions below....
-define(`_OPTION', `ifdef(`$2', `O $1=$2', `#O $1`'ifelse($3, `',, `=$3')')')dnl
+define(`_OPTION', `ifdef(`$2', `O $1`'ifelse(defn(`$2'), `',, `=$2')', `#O $1`'ifelse(`$3', `',,`=$3')')')dnl
+dnl required to "rename" the check_* rulesets...
+define(`_U_',ifdef(`_DELAY_CHECKS_',`',`_'))
+dnl default relaying denied message
+ifdef(`confRELAY_MSG', `', `define(`confRELAY_MSG', `"550 Relaying denied"')')
divert(0)dnl
-# override file safeties - setting this option compromises system security
-# need to set this now for the sake of class files
-_OPTION(DontBlameSendmail, `confDONT_BLAME_SENDMAIL', safe)
+# override file safeties - setting this option compromises system security,
+# addressing the actual file configuration problem is preferred
+# need to set this before any file actions are encountered in the cf file
+_OPTION(DontBlameSendmail, `confDONT_BLAME_SENDMAIL', `safe')
+
+# default LDAP map specification
+# need to set this now before any LDAP maps are defined
+_OPTION(LDAPDefaultSpec, `confLDAP_DEFAULT_SPEC', `-h localhost')
##################
# local info #
@@ -82,8 +102,6 @@ Fw`'confCW_FILE',
# ... `define' this only if sendmail cannot automatically determine your domain
ifdef(`confDOMAIN_NAME', `Dj`'confDOMAIN_NAME', `#Dj$w.Foo.COM')
-ifdef(`_NULL_CLIENT_ONLY_', `divert(-1)')dnl
-
CP.
ifdef(`UUCP_RELAY',
@@ -129,44 +147,13 @@ C..
# a class with just a left bracket (for identifying domain literals)
C[[
-ifdef(`MAILER_TABLE', `dnl
-# Mailer table (overriding domains)
-Kmailertable MAILER_TABLE',
-`dnl')
-
-ifdef(`DOMAIN_TABLE', `dnl
-# Domain table (adding domains)
-Kdomaintable DOMAIN_TABLE',
-`dnl')
-
-ifdef(`GENERICS_TABLE', `dnl
-# Generics table (mapping outgoing addresses)
-Kgenerics GENERICS_TABLE',
-`dnl')
-
-ifdef(`UUDOMAIN_TABLE', `dnl
-# UUCP domain table
-Kuudomain UUDOMAIN_TABLE',
-`dnl')
-
-ifdef(`BITDOMAIN_TABLE', `dnl
-# BITNET mapping table
-Kbitdomain BITDOMAIN_TABLE',
-`dnl')
-
-ifdef(`VIRTUSER_TABLE', `dnl
-# Virtual user table (maps incoming users)
-Kvirtuser VIRTUSER_TABLE',
-`dnl')
-
-ifdef(`ACCESS_TABLE', `dnl
-# Access list database (for spam stomping)
-Kaccess ACCESS_TABLE',
-`dnl')
-
-ifdef(`_RELAY_MX_SERVED_', `dnl
-# MX map (to allow relaying to hosts that we MX for)
-Kmxserved bestmx -z: -T<TEMP>',
+ifdef(`_ACCESS_TABLE_', `dnl
+# access_db acceptance class
+C{Accept}OK RELAY
+ifdef(`_DELAY_CHECKS_',`dnl
+ifdef(`_BLACKLIST_RCPT_',`dnl
+# possible access_db RHS for spam friends/haters
+C{SpamTag}SPAMFRIEND SPAMHATER')')',
`dnl')
ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',`dnl',`dnl
@@ -178,6 +165,24 @@ ifdef(`confCR_FILE', `dnl
FR`'confCR_FILE',
`dnl')
+define(`TLS_SRV_TAG', `TLS_Srv')dnl
+define(`TLS_CLT_TAG', `TLS_Clt')dnl
+define(`TLS_TRY_TAG', `Try_TLS')dnl
+define(`TLS_OFF_TAG', `Offer_TLS')dnl
+dnl this may be useful in other contexts too
+ifdef(`_ARITH_MAP_', `', `# arithmetic map
+define(`_ARITH_MAP_', `1')dnl
+Karith arith')
+ifdef(`_ACCESS_TABLE_', `dnl
+# possible values for tls_connect in access map
+C{tls}VERIFY ENCR', `dnl')
+ifdef(`_CERT_REGEX_ISSUER_', `dnl
+# extract relevant part from cert issuer
+KCERTIssuer regex _CERT_REGEX_ISSUER_', `dnl')
+ifdef(`_CERT_REGEX_SUBJECT_', `dnl
+# extract relevant part from cert subject
+KCERTSubject regex _CERT_REGEX_SUBJECT_', `dnl')
+
# who I send unqualified names to (null means deliver locally)
DR`'ifdef(`LOCAL_RELAY', LOCAL_RELAY)
@@ -189,12 +194,12 @@ Kdequote dequote
divert(0)dnl # end of nullclient diversion
# class E: names that should be exposed as from this host, even if we masquerade
-ifdef(`_NULL_CLIENT_ONLY_', `#',
-`# class L: names that should be delivered locally, even if we have a relay
+# class L: names that should be delivered locally, even if we have a relay
# class M: domains that should be converted to $M
+# class N: domains that should not be converted to $M
#CL root
-')CE root
undivert(5)dnl
+ifdef(`_VIRTHOSTS_', `CR$={VirtHost}', `dnl')
# who I masquerade as (null for no masquerading) (see also $=M)
DM`'ifdef(`MASQUERADE_NAME', MASQUERADE_NAME)
@@ -202,7 +207,7 @@ DM`'ifdef(`MASQUERADE_NAME', MASQUERADE_NAME)
# my name for error messages
ifdef(`confMAILER_NAME', `Dn`'confMAILER_NAME', `#DnMAILER-DAEMON')
-undivert(6)dnl
+undivert(6)dnl LOCAL_CONFIG
include(_CF_DIR_`m4/version.m4')
###############
@@ -210,148 +215,164 @@ include(_CF_DIR_`m4/version.m4')
###############
# strip message body to 7 bits on input?
-_OPTION(SevenBitInput, `confSEVEN_BIT_INPUT')
+_OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False')
# 8-bit data handling
-_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', adaptive)
+_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `adaptive')
-ifdef(`_NULL_CLIENT_ONLY_', `dnl', `
# wait for alias file rebuild (default units: minutes)
-_OPTION(AliasWait, `confALIAS_WAIT', 5m)
+_OPTION(AliasWait, `confALIAS_WAIT', `5m')
# location of alias file
-_OPTION(AliasFile, `ALIAS_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/aliases, /etc/aliases))
-')
+_OPTION(AliasFile, `ALIAS_FILE', `MAIL_SETTINGS_DIR`'aliases')
+
# minimum number of free blocks on filesystem
-_OPTION(MinFreeBlocks, `confMIN_FREE_BLOCKS', 100)
+_OPTION(MinFreeBlocks, `confMIN_FREE_BLOCKS', `100')
# maximum message size
-_OPTION(MaxMessageSize, `confMAX_MESSAGE_SIZE', 1000000)
+_OPTION(MaxMessageSize, `confMAX_MESSAGE_SIZE', `1000000')
# substitution for space (blank) characters
-_OPTION(BlankSub, `confBLANK_SUB', _)
+_OPTION(BlankSub, `confBLANK_SUB', `_')
# avoid connecting to "expensive" mailers on initial submission?
-_OPTION(HoldExpensive, `confCON_EXPENSIVE')
+_OPTION(HoldExpensive, `confCON_EXPENSIVE', `False')
# checkpoint queue runs after every N successful deliveries
-_OPTION(CheckpointInterval, `confCHECKPOINT_INTERVAL', 10)
+_OPTION(CheckpointInterval, `confCHECKPOINT_INTERVAL', `10')
# default delivery mode
-_OPTION(DeliveryMode, `confDELIVERY_MODE', background)
+_OPTION(DeliveryMode, `confDELIVERY_MODE', `background')
# automatically rebuild the alias database?
-_OPTION(AutoRebuildAliases, `confAUTO_REBUILD')
+# NOTE: There is a potential for a denial of service attack if this is set.
+# This option is deprecated and will be removed from a future version.
+_OPTION(AutoRebuildAliases, `confAUTO_REBUILD', `False')
# error message header/file
-_OPTION(ErrorHeader, `confERROR_MESSAGE', ifdef(`_USE_ETC_MAIL_', /etc/mail/error-header, /etc/sendmail.oE))
+_OPTION(ErrorHeader, `confERROR_MESSAGE', `MAIL_SETTINGS_DIR`'error-header')
# error mode
-_OPTION(ErrorMode, `confERROR_MODE', print)
+_OPTION(ErrorMode, `confERROR_MODE', `print')
# save Unix-style "From_" lines at top of header?
-_OPTION(SaveFromLine, `confSAVE_FROM_LINES')
+_OPTION(SaveFromLine, `confSAVE_FROM_LINES', `False')
# temporary file mode
-_OPTION(TempFileMode, `confTEMP_FILE_MODE', 0600)
+_OPTION(TempFileMode, `confTEMP_FILE_MODE', `0600')
# match recipients against GECOS field?
-_OPTION(MatchGECOS, `confMATCH_GECOS')
+_OPTION(MatchGECOS, `confMATCH_GECOS', `False')
# maximum hop count
-_OPTION(MaxHopCount, `confMAX_HOP', 17)
+_OPTION(MaxHopCount, `confMAX_HOP', `17')
# location of help file
-O HelpFile=ifdef(`HELP_FILE', HELP_FILE, ifdef(`_USE_ETC_MAIL_', /etc/mail/helpfile, /usr/lib/sendmail.hf))
+O HelpFile=ifdef(`HELP_FILE', HELP_FILE, `MAIL_SETTINGS_DIR`'helpfile')
# ignore dots as terminators in incoming messages?
-_OPTION(IgnoreDots, `confIGNORE_DOTS')
+_OPTION(IgnoreDots, `confIGNORE_DOTS', `False')
# name resolver options
-_OPTION(ResolverOptions, `confBIND_OPTS', +AAONLY)
+_OPTION(ResolverOptions, `confBIND_OPTS', `+AAONLY')
# deliver MIME-encapsulated error messages?
-_OPTION(SendMimeErrors, `confMIME_FORMAT_ERRORS')
+_OPTION(SendMimeErrors, `confMIME_FORMAT_ERRORS', `True')
# Forward file search path
-_OPTION(ForwardPath, `confFORWARD_PATH', /var/forward/$u:$z/.forward.$w:$z/.forward)
+_OPTION(ForwardPath, `confFORWARD_PATH', `/var/forward/$u:$z/.forward.$w:$z/.forward')
# open connection cache size
-_OPTION(ConnectionCacheSize, `confMCI_CACHE_SIZE', 2)
+_OPTION(ConnectionCacheSize, `confMCI_CACHE_SIZE', `2')
# open connection cache timeout
-_OPTION(ConnectionCacheTimeout, `confMCI_CACHE_TIMEOUT', 5m)
+_OPTION(ConnectionCacheTimeout, `confMCI_CACHE_TIMEOUT', `5m')
# persistent host status directory
-_OPTION(HostStatusDirectory, `confHOST_STATUS_DIRECTORY', .hoststat)
+_OPTION(HostStatusDirectory, `confHOST_STATUS_DIRECTORY', `.hoststat')
# single thread deliveries (requires HostStatusDirectory)?
-_OPTION(SingleThreadDelivery, `confSINGLE_THREAD_DELIVERY')
+_OPTION(SingleThreadDelivery, `confSINGLE_THREAD_DELIVERY', `False')
# use Errors-To: header?
-_OPTION(UseErrorsTo, `confUSE_ERRORS_TO')
+_OPTION(UseErrorsTo, `confUSE_ERRORS_TO', `False')
# log level
-_OPTION(LogLevel, `confLOG_LEVEL', 10)
+_OPTION(LogLevel, `confLOG_LEVEL', `10')
# send to me too, even in an alias expansion?
-_OPTION(MeToo, `confME_TOO')
+_OPTION(MeToo, `confME_TOO', `True')
# verify RHS in newaliases?
-_OPTION(CheckAliases, `confCHECK_ALIASES')
+_OPTION(CheckAliases, `confCHECK_ALIASES', `False')
# default messages to old style headers if no special punctuation?
-_OPTION(OldStyleHeaders, `confOLD_STYLE_HEADERS')
+_OPTION(OldStyleHeaders, `confOLD_STYLE_HEADERS', `False')
# SMTP daemon options
-_OPTION(DaemonPortOptions, `confDAEMON_OPTIONS', Port=esmtp)
+ifelse(defn(`confDAEMON_OPTIONS'), `', `dnl',
+`errprint(WARNING: `confDAEMON_OPTIONS' is no longer valid. See cf/README for more information.
+)'dnl
+`DAEMON_OPTIONS(`confDAEMON_OPTIONS')')
+ifelse(defn(`_DPO_'), `', `O DaemonPortOptions=Name=MTA', `_DPO_')
+ifdef(`_NO_MSA_', `dnl', `O DaemonPortOptions=Port=587, Name=MSA, M=E')
+
+# SMTP client options
+_OPTION(ClientPortOptions, `confCLIENT_OPTIONS', `Address=0.0.0.0')
# privacy flags
-_OPTION(PrivacyOptions, `confPRIVACY_FLAGS', authwarnings)
+_OPTION(PrivacyOptions, `confPRIVACY_FLAGS', `authwarnings')
# who (if anyone) should get extra copies of error messages
-_OPTION(PostMasterCopy, `confCOPY_ERRORS_TO', Postmaster)
+_OPTION(PostmasterCopy, `confCOPY_ERRORS_TO', `Postmaster')
# slope of queue-only function
-_OPTION(QueueFactor, `confQUEUE_FACTOR', 600000)
+_OPTION(QueueFactor, `confQUEUE_FACTOR', `600000')
# queue directory
-O QueueDirectory=ifdef(`QUEUE_DIR', QUEUE_DIR, /var/spool/mqueue)
+O QueueDirectory=ifdef(`QUEUE_DIR', QUEUE_DIR, `/var/spool/mqueue')
# timeouts (many of these)
-_OPTION(Timeout.initial, `confTO_INITIAL', 5m)
-_OPTION(Timeout.connect, `confTO_CONNECT', 5m)
-_OPTION(Timeout.iconnect, `confTO_ICONNECT', 5m)
-_OPTION(Timeout.helo, `confTO_HELO', 5m)
-_OPTION(Timeout.mail, `confTO_MAIL', 10m)
-_OPTION(Timeout.rcpt, `confTO_RCPT', 1h)
-_OPTION(Timeout.datainit, `confTO_DATAINIT', 5m)
-_OPTION(Timeout.datablock, `confTO_DATABLOCK', 1h)
-_OPTION(Timeout.datafinal, `confTO_DATAFINAL', 1h)
-_OPTION(Timeout.rset, `confTO_RSET', 5m)
-_OPTION(Timeout.quit, `confTO_QUIT', 2m)
-_OPTION(Timeout.misc, `confTO_MISC', 2m)
-_OPTION(Timeout.command, `confTO_COMMAND', 1h)
-_OPTION(Timeout.ident, `confTO_IDENT', 30s)
-_OPTION(Timeout.fileopen, `confTO_FILEOPEN', 60s)
-_OPTION(Timeout.queuereturn, `confTO_QUEUERETURN', 5d)
-_OPTION(Timeout.queuereturn.normal, `confTO_QUEUERETURN_NORMAL', 5d)
-_OPTION(Timeout.queuereturn.urgent, `confTO_QUEUERETURN_URGENT', 2d)
-_OPTION(Timeout.queuereturn.non-urgent, `confTO_QUEUERETURN_NONURGENT', 7d)
-_OPTION(Timeout.queuewarn, `confTO_QUEUEWARN', 4h)
-_OPTION(Timeout.queuewarn.normal, `confTO_QUEUEWARN_NORMAL', 4h)
-_OPTION(Timeout.queuewarn.urgent, `confTO_QUEUEWARN_URGENT', 1h)
-_OPTION(Timeout.queuewarn.non-urgent, `confTO_QUEUEWARN_NONURGENT', 12h)
-_OPTION(Timeout.hoststatus, `confTO_HOSTSTATUS', 30m)
+_OPTION(Timeout.initial, `confTO_INITIAL', `5m')
+_OPTION(Timeout.connect, `confTO_CONNECT', `5m')
+_OPTION(Timeout.iconnect, `confTO_ICONNECT', `5m')
+_OPTION(Timeout.helo, `confTO_HELO', `5m')
+_OPTION(Timeout.mail, `confTO_MAIL', `10m')
+_OPTION(Timeout.rcpt, `confTO_RCPT', `1h')
+_OPTION(Timeout.datainit, `confTO_DATAINIT', `5m')
+_OPTION(Timeout.datablock, `confTO_DATABLOCK', `1h')
+_OPTION(Timeout.datafinal, `confTO_DATAFINAL', `1h')
+_OPTION(Timeout.rset, `confTO_RSET', `5m')
+_OPTION(Timeout.quit, `confTO_QUIT', `2m')
+_OPTION(Timeout.misc, `confTO_MISC', `2m')
+_OPTION(Timeout.command, `confTO_COMMAND', `1h')
+_OPTION(Timeout.ident, `confTO_IDENT', `5s')
+_OPTION(Timeout.fileopen, `confTO_FILEOPEN', `60s')
+_OPTION(Timeout.control, `confTO_CONTROL', `2m')
+_OPTION(Timeout.queuereturn, `confTO_QUEUERETURN', `5d')
+_OPTION(Timeout.queuereturn.normal, `confTO_QUEUERETURN_NORMAL', `5d')
+_OPTION(Timeout.queuereturn.urgent, `confTO_QUEUERETURN_URGENT', `2d')
+_OPTION(Timeout.queuereturn.non-urgent, `confTO_QUEUERETURN_NONURGENT', `7d')
+_OPTION(Timeout.queuewarn, `confTO_QUEUEWARN', `4h')
+_OPTION(Timeout.queuewarn.normal, `confTO_QUEUEWARN_NORMAL', `4h')
+_OPTION(Timeout.queuewarn.urgent, `confTO_QUEUEWARN_URGENT', `1h')
+_OPTION(Timeout.queuewarn.non-urgent, `confTO_QUEUEWARN_NONURGENT', `12h')
+_OPTION(Timeout.hoststatus, `confTO_HOSTSTATUS', `30m')
+_OPTION(Timeout.resolver.retrans, `confTO_RESOLVER_RETRANS', `5s')
+_OPTION(Timeout.resolver.retrans.first, `confTO_RESOLVER_RETRANS_FIRST', `5s')
+_OPTION(Timeout.resolver.retrans.normal, `confTO_RESOLVER_RETRANS_NORMAL', `5s')
+_OPTION(Timeout.resolver.retry, `confTO_RESOLVER_RETRY', `4')
+_OPTION(Timeout.resolver.retry.first, `confTO_RESOLVER_RETRY_FIRST', `4')
+_OPTION(Timeout.resolver.retry.normal, `confTO_RESOLVER_RETRY_NORMAL', `4')
# should we not prune routes in route-addr syntax addresses?
-_OPTION(DontPruneRoutes, `confDONT_PRUNE_ROUTES')
+_OPTION(DontPruneRoutes, `confDONT_PRUNE_ROUTES', `False')
# queue up everything before forking?
-_OPTION(SuperSafe, `confSAFE_QUEUE')
+_OPTION(SuperSafe, `confSAFE_QUEUE', `True')
# status file
-O StatusFile=ifdef(`STATUS_FILE', `STATUS_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/statistics, /etc/sendmail.st))
+O StatusFile=ifdef(`STATUS_FILE', `STATUS_FILE', `MAIL_SETTINGS_DIR`'statistics')
# time zone handling:
# if undefined, use system default
@@ -362,125 +383,185 @@ ifelse(confTIME_ZONE, `USE_SYSTEM', `#O TimeZoneSpec=',
`O TimeZoneSpec=confTIME_ZONE')
# default UID (can be username or userid:groupid)
-_OPTION(DefaultUser, `confDEF_USER_ID', mailnull)
+_OPTION(DefaultUser, `confDEF_USER_ID', `mailnull')
# list of locations of user database file (null means no lookup)
-_OPTION(UserDatabaseSpec, `confUSERDB_SPEC', ifdef(`_USE_ETC_MAIL_', /etc/mail/userdb, /etc/userdb))
+_OPTION(UserDatabaseSpec, `confUSERDB_SPEC', `MAIL_SETTINGS_DIR`'userdb')
# fallback MX host
-_OPTION(FallbackMXhost, `confFALLBACK_MX', fall.back.host.net)
+_OPTION(FallbackMXhost, `confFALLBACK_MX', `fall.back.host.net')
# if we are the best MX host for a site, try it directly instead of config err
-_OPTION(TryNullMXList, `confTRY_NULL_MX_LIST')
+_OPTION(TryNullMXList, `confTRY_NULL_MX_LIST', `False')
# load average at which we just queue messages
-_OPTION(QueueLA, `confQUEUE_LA', 8)
+_OPTION(QueueLA, `confQUEUE_LA', `8')
# load average at which we refuse connections
-_OPTION(RefuseLA, `confREFUSE_LA', 12)
+_OPTION(RefuseLA, `confREFUSE_LA', `12')
# maximum number of children we allow at one time
-_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', 12)
+_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `12')
# maximum number of new connections per second
-_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', 3)
+_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `3')
# work recipient factor
-_OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', 30000)
+_OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', `30000')
# deliver each queued job in a separate process?
-_OPTION(ForkEachJob, `confSEPARATE_PROC')
+_OPTION(ForkEachJob, `confSEPARATE_PROC', `False')
# work class factor
-_OPTION(ClassFactor, `confWORK_CLASS_FACTOR', 1800)
+_OPTION(ClassFactor, `confWORK_CLASS_FACTOR', `1800')
# work time factor
-_OPTION(RetryFactor, `confWORK_TIME_FACTOR', 90000)
+_OPTION(RetryFactor, `confWORK_TIME_FACTOR', `90000')
# shall we sort the queue by hostname first?
-_OPTION(QueueSortOrder, `confQUEUE_SORT_ORDER', priority)
+_OPTION(QueueSortOrder, `confQUEUE_SORT_ORDER', `priority')
# minimum time in queue before retry
-_OPTION(MinQueueAge, `confMIN_QUEUE_AGE', 30m)
+_OPTION(MinQueueAge, `confMIN_QUEUE_AGE', `30m')
# default character set
-_OPTION(DefaultCharSet, `confDEF_CHAR_SET', iso-8859-1)
+_OPTION(DefaultCharSet, `confDEF_CHAR_SET', `iso-8859-1')
# service switch file (ignored on Solaris, Ultrix, OSF/1, others)
-_OPTION(ServiceSwitchFile, `confSERVICE_SWITCH_FILE', ifdef(`_USE_ETC_MAIL_', /etc/mail/service.switch, /etc/service.switch))
+_OPTION(ServiceSwitchFile, `confSERVICE_SWITCH_FILE', `MAIL_SETTINGS_DIR`'service.switch')
# hosts file (normally /etc/hosts)
-_OPTION(HostsFile, `confHOSTS_FILE', /etc/hosts)
+_OPTION(HostsFile, `confHOSTS_FILE', `/etc/hosts')
# dialup line delay on connection failure
-_OPTION(DialDelay, `confDIAL_DELAY', 10s)
+_OPTION(DialDelay, `confDIAL_DELAY', `10s')
# action to take if there are no recipients in the message
-_OPTION(NoRecipientAction, `confNO_RCPT_ACTION', add-to-undisclosed)
+_OPTION(NoRecipientAction, `confNO_RCPT_ACTION', `add-to-undisclosed')
# chrooted environment for writing to files
-_OPTION(SafeFileEnvironment, `confSAFE_FILE_ENV', /arch)
+_OPTION(SafeFileEnvironment, `confSAFE_FILE_ENV', `/arch')
# are colons OK in addresses?
-_OPTION(ColonOkInAddr, `confCOLON_OK_IN_ADDR')
+_OPTION(ColonOkInAddr, `confCOLON_OK_IN_ADDR', `True')
# how many jobs can you process in the queue?
-_OPTION(MaxQueueRunSize, `confMAX_QUEUE_RUN_SIZE', 10000)
+_OPTION(MaxQueueRunSize, `confMAX_QUEUE_RUN_SIZE', `10000')
# shall I avoid expanding CNAMEs (violates protocols)?
-_OPTION(DontExpandCnames, `confDONT_EXPAND_CNAMES')
+_OPTION(DontExpandCnames, `confDONT_EXPAND_CNAMES', `False')
# SMTP initial login message (old $e macro)
-_OPTION(SmtpGreetingMessage, `confSMTP_LOGIN_MSG')
+_OPTION(SmtpGreetingMessage, `confSMTP_LOGIN_MSG', `$j Sendmail $v ready at $b')
# UNIX initial From header format (old $l macro)
-_OPTION(UnixFromLine, `confFROM_LINE')
+_OPTION(UnixFromLine, `confFROM_LINE', `From $g $d')
# From: lines that have embedded newlines are unwrapped onto one line
-_OPTION(SingleLineFromHeader, `confSINGLE_LINE_FROM_HEADER', False)
+_OPTION(SingleLineFromHeader, `confSINGLE_LINE_FROM_HEADER', `False')
# Allow HELO SMTP command that does not `include' a host name
-_OPTION(AllowBogusHELO, `confALLOW_BOGUS_HELO', False)
+_OPTION(AllowBogusHELO, `confALLOW_BOGUS_HELO', `False')
# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)
-_OPTION(MustQuoteChars, `confMUST_QUOTE_CHARS', .)
+_OPTION(MustQuoteChars, `confMUST_QUOTE_CHARS', `.')
# delimiter (operator) characters (old $o macro)
-_OPTION(OperatorChars, `confOPERATORS')
+_OPTION(OperatorChars, `confOPERATORS', `.:@[]')
# shall I avoid calling initgroups(3) because of high NIS costs?
-_OPTION(DontInitGroups, `confDONT_INIT_GROUPS')
+_OPTION(DontInitGroups, `confDONT_INIT_GROUPS', `False')
# are group-writable `:include:' and .forward files (un)trustworthy?
-_OPTION(UnsafeGroupWrites, `confUNSAFE_GROUP_WRITES')
+_OPTION(UnsafeGroupWrites, `confUNSAFE_GROUP_WRITES', `True')
# where do errors that occur when sending errors get sent?
-_OPTION(DoubleBounceAddress, `confDOUBLE_BOUNCE_ADDRESS', postmaster)
+_OPTION(DoubleBounceAddress, `confDOUBLE_BOUNCE_ADDRESS', `postmaster')
+
+# where to save bounces if all else fails
+_OPTION(DeadLetterDrop, `confDEAD_LETTER_DROP', `/var/tmp/dead.letter')
# what user id do we assume for the majority of the processing?
-_OPTION(RunAsUser, `confRUN_AS_USER', sendmail)
+_OPTION(RunAsUser, `confRUN_AS_USER', `sendmail')
# maximum number of recipients per SMTP envelope
-_OPTION(MaxRecipientsPerMessage, `confMAX_RCPTS_PER_MESSAGE', 100)
+_OPTION(MaxRecipientsPerMessage, `confMAX_RCPTS_PER_MESSAGE', `100')
# shall we get local names from our installed interfaces?
-_OPTION(DontProbeInterfaces, `confDONT_PROBE_INTERFACES')
+_OPTION(DontProbeInterfaces, `confDONT_PROBE_INTERFACES', `False')
-ifdef(`confTRUSTED_USER',
-`# Trusted user for file ownership and starting the daemon
-O TrustedUser=confTRUSTED_USER
-')
-ifdef(`confCONTROL_SOCKET_NAME',
-`# Control socket for daemon management
-O ControlSocketName=confCONTROL_SOCKET_NAME
-')
-ifdef(`confMAX_MIME_HEADER_LENGTH',
-`# Maximum MIME header length to protect MUAs
-O MaxMimeHeaderLength=confMAX_MIME_HEADER_LENGTH
-')
-ifdef(`confMAX_HEADERS_LENGTH',
-`# Maximum length of the sum of all headers
-O MaxHeadersLength=confMAX_HEADERS_LENGTH
+# Return-Receipt-To: header implies DSN request
+_OPTION(RrtImpliesDsn, `confRRT_IMPLIES_DSN', `False')
+
+# override connection address (for testing)
+_OPTION(ConnectOnlyTo, `confCONNECT_ONLY_TO', `0.0.0.0')
+
+# Trusted user for file ownership and starting the daemon
+_OPTION(TrustedUser, `confTRUSTED_USER', `root')
+
+# Control socket for daemon management
+_OPTION(ControlSocketName, `confCONTROL_SOCKET_NAME', `/var/spool/mqueue/.control')
+
+# Maximum MIME header length to protect MUAs
+_OPTION(MaxMimeHeaderLength, `confMAX_MIME_HEADER_LENGTH', `0/0')
+
+# Maximum length of the sum of all headers
+_OPTION(MaxHeadersLength, `confMAX_HEADERS_LENGTH', `32768')
+
+# Maximum depth of alias recursion
+_OPTION(MaxAliasRecursion, `confMAX_ALIAS_RECURSION', `10')
+
+# location of pid file
+_OPTION(PidFile, `confPID_FILE', `/var/run/sendmail.pid')
+
+# Prefix string for the process title shown on 'ps' listings
+_OPTION(ProcessTitlePrefix, `confPROCESS_TITLE_PREFIX', `prefix')
+
+# Data file (df) memory-buffer file maximum size
+_OPTION(DataFileBufferSize, `confDF_BUFFER_SIZE', `4096')
+
+# Transcript file (xf) memory-buffer file maximum size
+_OPTION(XscriptFileBufferSize, `confXF_BUFFER_SIZE', `4096')
+
+# list of authentication mechanisms
+_OPTION(AuthMechanisms, `confAUTH_MECHANISMS', `GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5')
+
+# default authentication information for outgoing connections
+_OPTION(DefaultAuthInfo, `confDEF_AUTH_INFO', `MAIL_SETTINGS_DIR`'default-auth-info')
+
+# SMTP AUTH flags
+_OPTION(AuthOptions, `confAUTH_OPTIONS', `')
+
+ifdef(`_FFR_MILTER', `
+# Input mail filters
+_OPTION(InputMailFilters, `confINPUT_MAIL_FILTERS', `')
+
+# Milter options
+_OPTION(Milter.macros.connect, `confMILTER_MACROS_CONNECT', `')
+_OPTION(Milter.macros.helo, `confMILTER_MACROS_HELO', `')
+_OPTION(Milter.macros.envfrom, `confMILTER_MACROS_ENVFROM', `')
+_OPTION(Milter.macros.envrcpt, `confMILTER_MACROS_ENVRCPT', `')')
+
+# CA directory
+_OPTION(CACERTPath, `confCACERT_PATH', `')
+# CA file
+_OPTION(CACERTFile, `confCACERT', `')
+# Server Cert
+_OPTION(ServerCertFile, `confSERVER_CERT', `')
+# Server private key
+_OPTION(ServerKeyFile, `confSERVER_KEY', `')
+# Client Cert
+_OPTION(ClientCertFile, `confCLIENT_CERT', `')
+# Client private key
+_OPTION(ClientKeyFile, `confCLIENT_KEY', `')
+# DHParameters (only required if DSA/DH is used)
+_OPTION(DHParameters, `confDH_PARAMETERS', `')
+# Random data source (required for systems without /dev/urandom under OpenSSL)
+_OPTION(RandFile, `confRAND_FILE', `')
+
+ifdef(`confQUEUE_FILE_MODE',
+`# queue file mode (qf files)
+O QueueFileMode=confQUEUE_FILE_MODE
')
###########################
@@ -498,7 +579,7 @@ Pjunk=-100
#####################
# this is equivalent to setting class "t"
-ifdef(`_USE_CT_FILE_', `', `#')Ft`'ifdef(`confCT_FILE', confCT_FILE, ifdef(`_USE_ETC_MAIL_', `/etc/mail/trusted-users', `/etc/sendmail.ct'))
+ifdef(`_USE_CT_FILE_', `', `#')Ft`'ifdef(`confCT_FILE', confCT_FILE, `MAIL_SETTINGS_DIR`'trusted-users')
Troot
Tdaemon
ifdef(`_NO_UUCP_', `dnl', `Tuucp')
@@ -520,9 +601,7 @@ H?x?Full-Name: $x
# H?l?Received-Date: $b
H?M?Resent-Message-Id: <$t.$i@$j>
H?M?Message-Id: <$t.$i@$j>
-ifdef(`_NULL_CLIENT_ONLY_',
- `include(_CF_DIR_`'m4/nullrelay.m4)m4exit',
- `dnl')
+
#
######################################################################
######################################################################
@@ -535,7 +614,7 @@ ifdef(`_NULL_CLIENT_ONLY_',
############################################
### Ruleset 3 -- Name Canonicalization ###
############################################
-S3
+Scanonify=3
# handle null input (translate to <@> special case)
R$@ $@ <@>
@@ -546,7 +625,7 @@ R$* < $* > $* <@> $: $1 < $2 > $3 unmark <addr>
R@ $* <@> $: @ $1 unmark @host:...
R$* :: $* <@> $: $1 :: $2 unmark node::addr
R:`include': $* <@> $: :`include': $1 unmark :`include':...
-R$* [ $* : $* ] <@> $: $1 [ $2 : $3 ] unmark IPv6 addrs
+R$* [ IPv6 $- ] <@> $: $1 [ IPv6 $2 ] unmark IPv6 addr
R$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon
R$* : $* <@> $: $2 strip colon if marked
R$* <@> $: $1 unmark
@@ -563,71 +642,84 @@ R< $* > $+ < $1 > strip excess on right
R<> $@ < @ > MAIL FROM:<> case
R< $+ > $: $1 remove housekeeping <>
+ifdef(`_USE_DEPRECATED_ROUTE_ADDR_',`dnl
# make sure <@a,@b,@c:user@d> syntax is easy to parse -- undone later
R@ $+ , $+ @ $1 : $2 change all "," to ":"
# localize and dispose of route-based addresses
-R@ $+ : $+ $@ $>96 < @$1 > : $2 handle <route-addr>
+R@ $+ : $+ $@ $>Canonify2 < @$1 > : $2 handle <route-addr>
+dnl',`dnl
+# strip route address <@a,@b,@c:user@d> -> <user@d>
+R@ $+ , $+ $2
+R@ $+ : $+ $2
+dnl')
# find focus for list syntax
-R $+ : $* ; @ $+ $@ $>96 $1 : $2 ; < @ $3 > list syntax
+R $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax
R $+ : $* ; $@ $1 : $2; list syntax
# find focus for @ syntax addresses
R$+ @ $+ $: $1 < @ $2 > focus on domain
R$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right
-R$+ < @ $+ > $@ $>96 $1 < @ $2 > already canonical
+R$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical
# do some sanity checking
R$* < @ $* : $* > $* $1 < @ $2 $3 > $4 nix colons in addrs
ifdef(`_NO_UUCP_', `dnl',
`# convert old-style addresses to a domain-based address
-R$- ! $+ $@ $>96 $2 < @ $1 .UUCP > resolve uucp names
-R$+ . $- ! $+ $@ $>96 $3 < @ $1 . $2 > domain uucps
-R$+ ! $+ $@ $>96 $2 < @ $1 .UUCP > uucp subdomains
+R$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names
+R$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps
+R$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains
')
ifdef(`_USE_DECNET_SYNTAX_',
`# convert node::user addresses into a domain-based address
-R$- :: $+ $@ $>96 $2 < @ $1 .DECNET > resolve DECnet names
-R$- . $- :: $+ $@ $>96 $3 < @ $1.$2 .DECNET > numeric DECnet addr
+R$- :: $+ $@ $>Canonify2 $2 < @ $1 .DECNET > resolve DECnet names
+R$- . $- :: $+ $@ $>Canonify2 $3 < @ $1.$2 .DECNET > numeric DECnet addr
',
`dnl')
# if we have % signs, take the rightmost one
R$* % $* $1 @ $2 First make them all @s.
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
-R$* @ $* $@ $>96 $1 < @ $2 > Insert < > and finish
+R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
# else we must be a local name
-R$* $@ $>96 $1
+R$* $@ $>Canonify2 $1
################################################
### Ruleset 96 -- bottom half of ruleset 3 ###
################################################
-S96
+SCanonify2=96
# handle special cases for local names
R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all
R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain
ifdef(`_NO_UUCP_', `dnl',
`R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain')
+
+# check for IPv6 domain literal (save quoted form)
+R$* < @ [ IPv6 $- ] > $* $: $2 $| $1 < @@ [ $(dequote $2 $) ] > $3 mark IPv6 addr
+R$- $| $* < @@ $=w > $* $: $2 < @ $j . > $4 self-literal
+R$- $| $* < @@ [ $+ ] > $* $@ $2 < @ [ IPv6 $1 ] > $4 canon IP addr
+
+# check for IPv4 domain literal
R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [a.b.c.d]
R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal
R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr
-ifdef(`DOMAIN_TABLE', `dnl
+ifdef(`_DOMAIN_TABLE_', `dnl
# look up domains in the domain table
R$* < @ $+ > $* $: $1 < @ $(domaintable $2 $) > $3', `dnl')
-undivert(2)dnl
+undivert(2)dnl LOCAL_RULE_3
-ifdef(`BITDOMAIN_TABLE', `dnl
+ifdef(`_BITDOMAIN_TABLE_', `dnl
# handle BITNET mapping
R$* < @ $+ .BITNET > $* $: $1 < @ $(bitdomain $2 $: $2.BITNET $) > $3', `dnl')
-ifdef(`UUDOMAIN_TABLE', `dnl
+ifdef(`_UUDOMAIN_TABLE_', `dnl
# handle UUCP mapping
R$* < @ $+ .UUCP > $* $: $1 < @ $(uudomain $2 $: $2.UUCP $) > $3', `dnl')
@@ -652,31 +744,69 @@ ifdef(`_NO_CANONIFY_', `dnl', `dnl
R$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3
R$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3')
')')
-ifdef(`_NO_CANONIFY_', `dnl', `dnl
+# hostnames ending in class P are always canonical
+R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4
+dnl apply the next rule only for hostnames not in class P
+dnl this even works for phrases in class P since . is in class P
+dnl which daemon flags are set?
+R$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4
+dnl the other rules in this section only apply if the hostname
+dnl does not end in class P hence no further checks are done here
+dnl if this ever changes make sure the lookups are "protected" again!
+ifdef(`_NO_CANONIFY_', `dnl
+dnl do not canonify unless:
+dnl domain ends in class {Canonify} (this does not work if the intersection
+dnl with class P is non-empty)
+dnl or {daemon_flags} has c set
+# pass to name server to make hostname canonical if in class {Canonify}
+R$* $| $* < @ $* $={Canonify} > $* $: $2 < @ $[ $3 $4 $] > $5
+# pass to name server to make hostname canonical if requested
+R$* c $* $| $* < @ $* > $* $: $3 < @ $[ $4 $] > $5
+dnl trailing dot? -> do not apply _CANONIFY_HOSTS_
+R$* $| $* < @ $+ . > $* $: $2 < @ $3 . > $4
+# add a trailing dot to qualified hostnames so other rules will work
+R$* $| $* < @ $+.$+ > $* $: $2 < @ $3.$4 . > $5
+ifdef(`_CANONIFY_HOSTS_', `dnl
+dnl this should only apply to unqualified hostnames
+dnl but if a valid character inside an unqualified hostname is an OperatorChar
+dnl then $- does not work.
+# lookup unqualified hostnames
+R$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4', `dnl')', `dnl
+dnl _NO_CANONIFY_ is not set: canonify unless:
+dnl {daemon_flags} contains CC (do not canonify)
+R$* CC $* $| $* $: $3
# pass to name server to make hostname canonical
-R$* < @ $* $~P > $* $: $1 < @ $[ $2 $3 $] > $4')
+R$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4')
+dnl remove {daemon_flags} for other cases
+R$* $| $* $: $2
# local host aliases and pseudo-domains are always canonical
R$* < @ $=w > $* $: $1 < @ $2 . > $3
-R$* < @ $j > $* $: $1 < @ $j . > $2
ifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
`R$* < @ $* $=M > $* $: $1 < @ $2 $3 . > $4',
`R$* < @ $=M > $* $: $1 < @ $2 . > $3')
-R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4
+ifdef(`_VIRTUSER_TABLE_', `dnl
+dnl virtual hosts are also canonical
+ifdef(`_VIRTUSER_ENTIRE_DOMAIN_',
+`R$* < @ $* $={VirtHost} > $* $: $1 < @ $2 $3 . > $4',
+`R$* < @ $={VirtHost} > $* $: $1 < @ $2 . > $3')',
+`dnl')
+dnl remove superfluous dots (maybe repeatedly) which may have been added
+dnl by one of the rules before
R$* < @ $* . . > $* $1 < @ $2 . > $3
##################################################
### Ruleset 4 -- Final Output Post-rewriting ###
##################################################
-S4
+Sfinal=4
R$* <@> $@ handle <> and list:;
# strip trailing dot off possibly canonical name
R$* < @ $+ . > $* $1 < @ $2 > $3
-# eliminate internal code -- should never get this far!
+# eliminate internal code
R$* < @ *LOCAL* > $* $1 < @ $j > $2
# externalize local domain info
@@ -702,20 +832,20 @@ R$+ % $=w @ $=w $1 @ $2 u%host@host => u@host
### (used for recursive calls) ###
##############################################################
-S`'97
-R$* $: $>3 $1
-R$* $@ $>0 $1
+SRecurse=97
+R$* $: $>canonify $1
+R$* $@ $>parse $1
######################################
### Ruleset 0 -- Parse Address ###
######################################
-S0
+Sparse=0
R$* $: $>Parse0 $1 initial parsing
R<@> $#_LOCAL_ $: <@> special case error msgs
-R$* $: $>98 $1 handle local hacks
+R$* $: $>ParseLocal $1 handle local hacks
R$* $: $>Parse1 $1 final parsing
#
@@ -727,26 +857,28 @@ R$* $: $>Parse1 $1 final parsing
SParse0
R<@> $@ <@> special case error msgs
-R$* : $* ; <@> $#error $@ 5.1.3 $: "List:; syntax illegal for recipient addresses"
-#R@ <@ $* > < @ $1 > catch "@@host" bogosity
-R<@ $+> $#error $@ 5.1.3 $: "User address required"
+R$* : $* ; <@> $#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses"
+R@ <@ $* > < @ $1 > catch "@@host" bogosity
+R<@ $+> $#error $@ 5.1.3 $: "553 User address required"
R$* $: <> $1
R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3
-R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "Colon illegal in host name part"
+R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "553 Colon illegal in host name part"
R<> $* $1
-R$* < @ . $* > $* $#error $@ 5.1.2 $: "Invalid host name"
-R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "Invalid host name"
+R$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
+R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
+dnl comma only allowed before @; this check is not complete
+R$* , $~O $* $#error $@ 5.1.2 $: "553 Invalid route address"
# now delete the local info -- note $=O to find characters that cause forwarding
-R$* < @ > $* $@ $>Parse0 $>3 $1 user@ => user
-R< @ $=w . > : $* $@ $>Parse0 $>3 $2 @here:... -> ...
+R$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user
+R< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ...
R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here
-R< @ $+ > $#error $@ 5.1.3 $: "User address required"
-R$* $=O $* < @ $=w . > $@ $>Parse0 $>3 $1 $2 $3 ...@here -> ...
+R< @ $+ > $#error $@ 5.1.3 $: "553 User address required"
+R$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ...
R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo"
-R< @ *LOCAL* > $#error $@ 5.1.3 $: "User address required"
+R< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required"
R$* $=O $* < @ *LOCAL* >
- $@ $>Parse0 $>3 $1 $2 $3 ...@*LOCAL* -> ...
+ $@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
#
@@ -754,64 +886,90 @@ R$* < @ *LOCAL* > $: $1
#
SParse1
+ifdef(`_LDAP_ROUTING_', `dnl
+# handle LDAP routing for hosts in $={LDAPRoute}
+R$+ < @ $={LDAPRoute} . > $: $>LDAPExpand <$1 < @ $2 . >> <$1 @ $2>',
+`dnl')
+
+
ifdef(`_MAILER_smtp_',
`# handle numeric address spec
-R$* < @ [ $+ ] > $* $: $>98 $1 < @ [ $2 ] > $3 numeric internet spec
-R$* < @ [ $+ ] > $* $#_SMTP_ $@ [$2] $: $1 < @ [$2] > $3 still numeric: send',
+dnl there is no check whether this is really an IP number
+R$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec
+R$* < @ [ $+ ] > $* $1 < @ [ $2 ] : $S > $3 Add smart host to path
+R$* < @ [ IPv6 $- ] : > $*
+ $#_SMTP_ $@ [ $(dequote $2 $) ] $: $1 < @ [IPv6 $2 ] > $3 no smarthost: send
+R$* < @ [ $+ ] : > $* $#_SMTP_ $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send
+R$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer
+R$* < @ [ $+ ] : $+ > $* $#_SMTP_ $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer',
`dnl')
-ifdef(`VIRTUSER_TABLE', `dnl
+ifdef(`_VIRTUSER_TABLE_', `dnl
# handle virtual users
-R$+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
+R$+ $: <!> $1 Mark for lookup
+ifdef(`_VIRTUSER_ENTIRE_DOMAIN_',
+`R<!> $+ < @ $* $={VirtHost} . > $: < $(virtuser $1 @ $2 $3 $@ $1 $: @ $) > $1 < @ $2 $3 . >',
+`R<!> $+ < @ $={VirtHost} . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >')
+R<!> $+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
R<@> $+ + $* < @ $* . >
- $: < $(virtuser $1 + * @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . >
+ $: < $(virtuser $1 + * @ $3 $@ $1 $@ $2 $: @ $) > $1 + $2 < @ $3 . >
R<@> $+ + $* < @ $* . >
$: < $(virtuser $1 @ $3 $@ $1 $: @ $) > $1 + $2 < @ $3 . >
+dnl try default entry: @domain
+dnl +*@domain
+R<@> $+ + $+ < @ $+ . > $: < $(virtuser + * @ $3 $@ $1 $@ $2 $: @ $) > $1 + $2 < @ $3 . >
+dnl @domain if +detail exists
+R<@> $+ + $* < @ $+ . > $: < $(virtuser @ $3 $@ $1 $@ $2 $: @ $) > $1 + $2 < @ $3 . >
+dnl without +detail (or no match)
R<@> $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
R<@> $+ $: $1
+R<!> $+ $: $1
+R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2
-R< $+ > $+ < @ $+ > $: $>97 $1',
+R< $+ > $+ < @ $+ > $: $>Recurse $1',
`dnl')
# short circuit local delivery so forwarded email works
ifdef(`_MAILER_usenet_', `dnl
-R$+ . USENET < @ $=w . > $#usenet $: $1 handle usenet specially', `dnl')
+R$+ . USENET < @ $=w . > $#usenet $@ usenet $: $1 handle usenet specially', `dnl')
ifdef(`_STICKY_LOCAL_DOMAIN_',
`R$+ < @ $=w . > $: < $H > $1 < @ $2 . > first try hub
-R< $+ > $+ < $+ > $>95 < $1 > $2 < $3 > yep ....
+R< $+ > $+ < $+ > $>MailerToTriple < $1 > $2 < $3 > yep ....
+dnl $H empty (but @$=w.)
R< > $+ + $* < $+ > $#_LOCAL_ $: $1 + $2 plussed name?
R< > $+ < $+ > $#_LOCAL_ $: @ $1 nope, local address',
-`R$=L < @ $=w . > $#_LOCAL_ $: @ $1 special local names
+`R$=L < @ $=w . > $#_LOCAL_ $: @ $1 special local names
R$+ < @ $=w . > $#_LOCAL_ $: $1 regular local name')
-ifdef(`MAILER_TABLE', `dnl
+ifdef(`_MAILER_TABLE_', `dnl
# not local -- try mailer table lookup
R$* <@ $+ > $* $: < $2 > $1 < @ $2 > $3 extract host name
R< $+ . > $* $: < $1 > $2 strip trailing dot
R< $+ > $* $: < $(mailertable $1 $) > $2 lookup
-R< $~[ : $* > $* $>95 < $1 : $2 > $3 check -- resolved?
-R< $+ > $* $: $>90 <$1> $2 try domain',
+dnl it is $~[ instead of $- to avoid matches on IPv6 addresses
+R< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 check -- resolved?
+R< $+ > $* $: $>Mailertable <$1> $2 try domain',
`dnl')
-undivert(4)dnl
+undivert(4)dnl UUCP rules from `MAILER(uucp)'
ifdef(`_NO_UUCP_', `dnl',
`# resolve remotely connected UUCP links (if any)
ifdef(`_CLASS_V_',
-`R$* < @ $=V . UUCP . > $* $: $>95 < $V > $1 <@$2.UUCP.> $3',
+`R$* < @ $=V . UUCP . > $* $: $>MailerToTriple < $V > $1 <@$2.UUCP.> $3',
`dnl')
ifdef(`_CLASS_W_',
-`R$* < @ $=W . UUCP . > $* $: $>95 < $W > $1 <@$2.UUCP.> $3',
+`R$* < @ $=W . UUCP . > $* $: $>MailerToTriple < $W > $1 <@$2.UUCP.> $3',
`dnl')
ifdef(`_CLASS_X_',
-`R$* < @ $=X . UUCP . > $* $: $>95 < $X > $1 <@$2.UUCP.> $3',
+`R$* < @ $=X . UUCP . > $* $: $>MailerToTriple < $X > $1 <@$2.UUCP.> $3',
`dnl')')
# resolve fake top level domains by forwarding to other hosts
ifdef(`BITNET_RELAY',
-`R$*<@$+.BITNET.>$* $: $>95 < $B > $1 <@$2.BITNET.> $3 user@host.BITNET',
+`R$*<@$+.BITNET.>$* $: $>MailerToTriple < $B > $1 <@$2.BITNET.> $3 user@host.BITNET',
`dnl')
ifdef(`DECNET_RELAY',
-`R$*<@$+.DECNET.>$* $: $>95 < $C > $1 <@$2.DECNET.> $3 user@host.DECNET',
+`R$*<@$+.DECNET.>$* $: $>MailerToTriple < $C > $1 <@$2.DECNET.> $3 user@host.DECNET',
`dnl')
ifdef(`_MAILER_pop_',
`R$+ < @ POP. > $#pop $: $1 user@POP',
@@ -819,19 +977,19 @@ ifdef(`_MAILER_pop_',
ifdef(`_MAILER_fax_',
`R$+ < @ $+ .FAX. > $#fax $@ $2 $: $1 user@host.FAX',
`ifdef(`FAX_RELAY',
-`R$*<@$+.FAX.>$* $: $>95 < $F > $1 <@$2.FAX.> $3 user@host.FAX',
+`R$*<@$+.FAX.>$* $: $>MailerToTriple < $F > $1 <@$2.FAX.> $3 user@host.FAX',
`dnl')')
ifdef(`UUCP_RELAY',
`# forward non-local UUCP traffic to our UUCP relay
-R$*<@$*.UUCP.>$* $: $>95 < $Y > $1 <@$2.UUCP.> $3 uucp mail',
+R$*<@$*.UUCP.>$* $: $>MailerToTriple < $Y > $1 <@$2.UUCP.> $3 uucp mail',
`ifdef(`_MAILER_uucp_',
`# forward other UUCP traffic straight to UUCP
R$* < @ $+ .UUCP. > $* $#_UUCP_ $@ $2 $: $1 < @ $2 .UUCP. > $3 user@host.UUCP',
`dnl')')
ifdef(`_MAILER_usenet_', `
# addresses sent to net.group.USENET will get forwarded to a newsgroup
-R$+ . USENET $#usenet $: $1',
+R$+ . USENET $#usenet $@ usenet $: $1',
`dnl')
ifdef(`_LOCAL_RULES_',
@@ -839,22 +997,26 @@ ifdef(`_LOCAL_RULES_',
undivert(1)', `dnl')
# pass names that still have a host to a smarthost (if defined)
-R$* < @ $* > $* $: $>95 < $S > $1 < @ $2 > $3 glue on smarthost name
+R$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name
# deal with other remote names
ifdef(`_MAILER_smtp_',
-`R$* < @$* > $* $#_SMTP_ $@ $2 $: $1 < @ $2 > $3 user@host.domain',
-`R$* < @$* > $* $#error $@ 5.1.2 $: "Unrecognized host name " $2')
+`R$* < @$* > $* $#_SMTP_ $@ $2 $: $1 < @ $2 > $3 user@host.domain',
+`R$* < @$* > $* $#error $@ 5.1.2 $: "553 Unrecognized host name " $2')
# handle locally delivered names
-R$=L $#_LOCAL_ $: @ $1 special local names
+R$=L $#_LOCAL_ $: @ $1 special local names
R$+ $#_LOCAL_ $: $1 regular local names
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
-S5
+SLocal_localaddr
+Slocaladdr=5
+R$+ $: $1 $| $>"Local_localaddr" $1
+R$+ $| $#$* $#$2
+R$+ $| $* $: $1
# deal with plussed users so aliases work nicely
R$+ + * $#_LOCAL_ $@ $&h $: $1
@@ -865,61 +1027,87 @@ R$+ $: <> $1
ifdef(`LUSER_RELAY', `dnl
# send unrecognized local users to a relay host
-R< > $+ $: < $L . > $(user $1 $) look up user
-R< $* > $+ <> $* $: < > $2 $3 found; strip $L
-R< $* . > $+ $: < $1 > $2 strip extra dot',
+R< > $+ $: < $L > $(user $1 $) look up user
+R< $* > $+ <> $: < > $2 found; strip $L',
`dnl')
# see if we have a relay or a hub
R< > $+ $: < $H > $1 try hub
R< > $+ $: < $R > $1 try relay
-R< > $+ $: < > < $1 $&h > nope, restore +detail
+R< > $+ $: < > < $1 <> $&h > nope, restore +detail
+R< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail
+R< > < $+ <> $* > $: < > < $1 > else discard
R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part
R< > < $+ > + $* $#_LOCAL_ $@ $2 $: @ $1 strip the extra +
R< > < $+ > $@ $1 no +detail
R$+ $: $1 <> $&h add +detail back in
R$+ <> + $* $: $1 + $2 check whether +detail
R$+ <> $* $: $1 else discard
-R< local : $* > $* $: $>95 < local : $1 > $2 no host extension
-R< error : $* > $* $: $>95 < error : $1 > $2 no host extension
-R< $- : $+ > $+ $: $>95 < $1 : $2 > $3 < @ $2 >
-R< $+ > $+ $@ $>95 < $1 > $2 < @ $1 >
+R< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension
+R< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension
+R< $- : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 >
+R< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 >
-ifdef(`MAILER_TABLE', `dnl
+ifdef(`_MAILER_TABLE_', `dnl
###################################################################
### Ruleset 90 -- try domain part of mailertable entry ###
+dnl input: LeftPartOfDomain <RightPartOfDomain> FullAddress
###################################################################
-S90
+SMailertable=90
+dnl shift and check
+dnl %2 is not documented in cf/README
R$* <$- . $+ > $* $: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4
-R$* <$~[ : $* > $* $>95 < $2 : $3 > $4 check -- resolved?
-R$* < . $+ > $* $@ $>90 $1 . <$2> $3 no -- strip & try again
+dnl it is $~[ instead of $- to avoid matches on IPv6 addresses
+R$* <$~[ : $* > $* $>MailerToTriple < $2 : $3 > $4 check -- resolved?
+R$* < . $+ > $* $@ $>Mailertable $1 . <$2> $3 no -- strip & try again
+dnl is $2 always empty?
R$* < $* > $* $: < $(mailertable . $@ $1$2 $) > $3 try "."
-R< $~[ : $* > $* $>95 < $1 : $2 > $3 "." found?
+R< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 "." found?
+dnl return full address
R< $* > $* $@ $2 no mailertable match',
`dnl')
###################################################################
### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ###
+dnl input: in general: <[mailer:]host> lp<@domain>rest
+dnl <> address -> address
+dnl <error:d.s.n:text> -> error
+dnl <error:text> -> error
+dnl <mailer:user@host> lp<@domain>rest -> mailer host user
+dnl <mailer:host> address -> mailer host address
+dnl <localdomain> address -> address
+dnl <[IPv6 number]> address -> relay number address
+dnl <host> address -> relay host address
###################################################################
-S95
+SMailerToTriple=95
R< > $* $@ $1 strip off null relay
+R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2
R< local : $* > $* $>CanonLocal < $1 > $2
R< $- : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user
R< $- : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer
R< $=w > $* $@ $2 delete local host
+R< [ IPv6 $+ ] > $* $#_RELAY_ $@ $(dequote $1 $) $: $2 use unqualified mailer
R< $+ > $* $#_RELAY_ $@ $1 $: $2 use unqualified mailer
###################################################################
### Ruleset CanonLocal -- canonify local: syntax ###
+dnl input: <user> address
+dnl <x> <@host> : rest -> Recurse rest
+dnl <x> p1 $=O p2 <@host> -> Recurse p1 $=O p2
+dnl <> user <@host> rest -> local user@host user
+dnl <> user -> local user user
+dnl <user@host> lp <@domain> rest -> <user> lp <@host> [cont]
+dnl <user> lp <@host> rest -> local lp@host user
+dnl <user> lp -> local lp user
###################################################################
SCanonLocal
# strip local host from routed addresses
-R< $* > < @ $+ > : $+ $@ $>97 $3
-R< $* > $+ $=O $+ < @ $+ > $@ $>97 $2 $3 $4
+R< $* > < @ $+ > : $+ $@ $>Recurse $3
+R< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4
# strip trailing dot from any host name that may appear
R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 >
@@ -939,21 +1127,42 @@ R< $+ > $* $#_LOCAL_ $@ $2 $: $1
### Ruleset 93 -- convert header names to masqueraded form ###
###################################################################
-S93
+SMasqHdr=93
-ifdef(`GENERICS_TABLE', `dnl
+ifdef(`_GENERICS_TABLE_', `dnl
# handle generics database
ifdef(`_GENERICS_ENTIRE_DOMAIN_',
+dnl if generics should be applied add a @ as mark
`R$+ < @ $* $=G . > $: < $1@$2$3 > $1 < @ $2$3 . > @ mark',
`R$+ < @ $=G . > $: < $1@$2 > $1 < @ $2 . > @ mark')
R$+ < @ *LOCAL* > $: < $1@$j > $1 < @ *LOCAL* > @ mark
-R< $+ > $+ < $* > @ $: < $(generics $1 $: $) > $2 < $3 >
+dnl workspace: either user<@domain> or <user@domain> user <@domain> @
+dnl ignore the first case for now
+dnl if it has the mark lookup full address
+R< $+ > $+ < $* > @ $: < $(generics $1 $: @ $1 $) > $2 < $3 >
+dnl workspace: ... or <match|@user@domain> user <@domain>
+dnl no match, try user+detail@domain
+R<@$+ + $* @ $+> $+ < @ $+ >
+ $: < $(generics $1+*@$3 $@ $2 $:@$1 + $2@$3 $) > $4 < @ $5 >
+R<@$+ + $* @ $+> $+ < @ $+ >
+ $: < $(generics $1@$3 $: $) > $4 < @ $5 >
+dnl no match, remove mark
+R<@$+ > $+ < @ $+ > $: < > $2 < @ $3 >
+dnl no match, try @domain for exceptions
+R< > $+ < @ $+ . > $: < $(generics @$2 $@ $1 $: $) > $1 < @ $2 . >
+dnl workspace: ... or <match> user <@domain>
+dnl no match, try local part
R< > $+ < @ $+ > $: < $(generics $1 $: $) > $1 < @ $2 >
-R< $* @ $* > $* < $* > $@ $>3 $1 @ $2 found qualified
-R< $+ > $* < $* > $: $>3 $1 @ *LOCAL* found unqualified
+R< > $+ + $* < @ $+ > $: < $(generics $1+* $@ $2 $: $) > $1 + $2 < @ $3 >
+R< > $+ + $* < @ $+ > $: < $(generics $1 $: $) > $1 + $2 < @ $3 >
+R< $* @ $* > $* < $* > $@ $>canonify $1 @ $2 found qualified
+R< $+ > $* < $* > $: $>canonify $1 @ *LOCAL* found unqualified
R< > $* $: $1 not found',
`dnl')
+# do not masquerade anything in class N
+R$* < @ $* $=N . > $@ $1 < @ $2 $3 . >
+
# special case the users that should be exposed
R$=E < @ *LOCAL* > $@ $1 < @ $j . > leave exposed
ifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
@@ -976,34 +1185,95 @@ R$* < @ $+ @ $+ > $* $: $1 < @ $3 . > $4 $M is not null
### Ruleset 94 -- convert envelope names to masqueraded form ###
###################################################################
-S94
+SMasqEnv=94
ifdef(`_MASQUERADE_ENVELOPE_',
-`R$+ $@ $>93 $1',
+`R$+ $@ $>MasqHdr $1',
`R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2')
###################################################################
### Ruleset 98 -- local part of ruleset zero (can be null) ###
###################################################################
-S98
-undivert(3)dnl
+SParseLocal=98
+undivert(3)dnl LOCAL_RULE_0
+
+ifdef(`_LDAP_ROUTING_', `dnl
+SLDAPExpand
+# do the LDAP lookups
+R<$+><$+> $: <$(ldapmra $2 $: $)> <$(ldapmh $2 $: $)> <$1> <$2>
+
+# if mailRoutingAddress and local or non-existant mailHost,
+# return the new mailRoutingAddress
+R< $+ > < $=w > < $+ > < $+ > $@ $>Parse0 $>canonify $1
+R< $+ > < > < $+ > < $+ > $@ $>Parse0 $>canonify $1
+
+# if mailRoutingAddress and non-local mailHost,
+# relay to mailHost with new mailRoutingAddress
+R< $+ > < $+ > < $+ > < $+ > $#_RELAY_ $@ $2 $: $>canonify $1
-ifelse(substr(confDELIVERY_MODE,0,1), `d', `errprint(`WARNING: Antispam rules not available in deferred delivery mode.')')
-ifdef(`ACCESS_TABLE', `dnl
+# if no mailRoutingAddress and local mailHost,
+# return original address
+R< > < $=w > <$+> <$+> $@ $2
+
+# if no mailRoutingAddress and non-local mailHost,
+# relay to mailHost with original address
+R< > < $+ > <$+> <$+> $#_RELAY_ $@ $1 $: $2
+
+# if no mailRoutingAddress and no mailHost,
+# try @domain
+R< > < > <$+> <$+ @ $+> $@ $>LDAPExpand <$1> <@ $3>
+
+# if no mailRoutingAddress and no mailHost and this was a domain attempt,
+ifelse(_LDAP_ROUTING_, `_MUST_EXIST_', `dnl
+# user does not exist
+R< > < > <$+> <@ $+> $#error $@ nouser $: "550 User unknown"',
+`dnl
+# return the original address
+R< > < > <$+> <@ $+> $@ $1')',
+`dnl')
+
+ifelse(substr(confDELIVERY_MODE,0,1), `d', `errprint(`WARNING: Antispam rules not available in deferred delivery mode.
+')')
+ifdef(`_ACCESS_TABLE_', `dnl
######################################################################
### LookUpDomain -- search for domain in access database
###
### Parameters:
### <$1> -- key (domain name)
### <$2> -- default (what to return if not found in db)
+dnl must not be empty
### <$3> -- passthru (additional data passed unchanged through)
+### <$4> -- mark (must be <(!|+) single-token>)
+### ! does lookup only with tag
+### + does lookup with and without tag
+dnl returns: <default> <passthru>
+dnl <result> <passthru>
######################################################################
SLookUpDomain
-R<$+> <$+> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <$3>
-R<?> <$+.$+> <$+> <$*> $@ $>LookUpDomain <$2> <$3> <$4>
-R<?> <$+> <$+> <$*> $@ <$2> <$3>
-R<$*> <$+> <$+> <$*> $@ <$1> <$4>
+dnl remove IPv6 mark and dequote address
+dnl it is a bit ugly because it is checked on each "iteration"
+R<[IPv6 $-]> <$+> <$*> <$*> $: <[$(dequote $1 $)]> <$2> <$3> <$4>
+dnl workspace <key> <default> <passthru> <mark>
+dnl lookup with tag (in front, no delimiter here)
+R<$*> <$+> <$*> <$- $-> $: < $(access $5`'_TAG_DELIM_`'$1 $: ? $) > <$1> <$2> <$3> <$4 $5>
+dnl workspace <result-of-lookup|?> <key> <default> <passthru> <mark>
+ifdef(`_FFR_LOOKUPDOTDOMAIN', `dnl omit first component: lookup .rest
+R<?> <$+.$+> <$+> <$*> <$- $-> $: < $(access $5`'_TAG_DELIM_`'.$2 $: ? $) > <$1.$2> <$3> <$4> <$5 $6>', `dnl')
+dnl lookup without tag?
+R<?> <$+> <$+> <$*> <+ $*> $: < $(access $1 $: ? $) > <$1> <$2> <$3> <+ $4>
+ifdef(`_FFR_LOOKUPDOTDOMAIN', `dnl omit first component: lookup .rest
+R<?> <$+.$+> <$+> <$*> <+ $*> $: < $(access .$2 $: ? $) > <$1.$2> <$3> <$4> <+ $5>', `dnl')
+dnl lookup IP address (no check is done whether it is an IP number!)
+R<?> <[$+.$-]> <$+> <$*> <$*> $@ $>LookUpDomain <[$1]> <$3> <$4> <$5>
+dnl lookup IPv6 address
+R<?> <[$+:$-]> <$+> <$*> <$*> $: $>LookUpDomain <[$1]> <$3> <$4> <$5>
+dnl not found, but subdomain: try again
+R<?> <$+.$+> <$+> <$*> <$*> $@ $>LookUpDomain <$2> <$3> <$4> <$5>
+dnl not found, no subdomain: return default
+R<?> <$+> <$+> <$*> <$*> $@ <$2> <$3>
+dnl return result of lookup
+R<$*> <$+> <$+> <$*> <$*> $@ <$1> <$4>
######################################################################
### LookUpAddress -- search for host address in access database
@@ -1011,14 +1281,28 @@ R<$*> <$+> <$+> <$*> $@ <$1> <$4>
### Parameters:
### <$1> -- key (dot quadded host address)
### <$2> -- default (what to return if not found in db)
+dnl must not be empty
### <$3> -- passthru (additional data passed through)
+### <$4> -- mark (must be <(!|+) single-token>)
+### ! does lookup only with tag
+### + does lookup with and without tag
+dnl returns: <default> <passthru>
+dnl <result> <passthru>
######################################################################
SLookUpAddress
-R<$+> <$+> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <$3>
-R<?> <$+.$-> <$+> <$*> $@ $>LookUpAddress <$1> <$3> <$4>
-R<?> <$+> <$+> <$*> $@ <$2> <$3>
-R<$*> <$+> <$+> <$*> $@ <$1> <$4>',
+dnl lookup with tag
+R<$+> <$+> <$*> <$- $+> $: < $(access $5`'_TAG_DELIM_`'$1 $: ? $) > <$1> <$2> <$3> <$4 $5>
+dnl lookup without tag
+R<?> <$+> <$+> <$*> <+ $+> $: < $(access $1 $: ? $) > <$1> <$2> <$3> <+ $4>
+dnl no match; IPv6: remove last part
+R<?> <$+:$-> <$+> <$*> <$*> $@ $>LookUpAddress <$1> <$3> <$4> <$5>
+dnl no match; IPv4: remove last part
+R<?> <$+.$-> <$+> <$*> <$*> $@ $>LookUpAddress <$1> <$3> <$4> <$5>
+dnl no match: return default
+R<?> <$+> <$+> <$*> <$*> $@ <$2> <$3>
+dnl match: return result
+R<$*> <$+> <$+> <$*> <$*> $@ <$1> <$4>',
`dnl')
######################################################################
@@ -1031,13 +1315,17 @@ R<$*> <$+> <$+> <$*> $@ <$1> <$4>',
###
### Returns:
### parsed address, not in source route form
+dnl user%host%host<@domain>
+dnl host!user<@domain>
######################################################################
SCanonAddr
-R$* $: $>Parse0 $>3 $1 make domain canonical
+R$* $: $>Parse0 $>canonify $1 make domain canonical
+ifdef(`_USE_DEPRECATED_ROUTE_ADDR_',`dnl
R< @ $+ > : $* @ $* < @ $1 > : $2 % $3 change @ to % in src route
R$* < @ $+ > : $* : $* $3 $1 < @ $2 > : $4 change to % hack.
R$* < @ $+ > : $* $3 $1 < @ $2 >
+dnl')
######################################################################
### ParseRecipient -- Strip off hosts in $=R as well as possibly
@@ -1052,42 +1340,56 @@ R$* < @ $+ > : $* $3 $1 < @ $2 >
######################################################################
SParseRecipient
+dnl mark and canonify address
R$* $: <?> $>CanonAddr $1
+dnl workspace: <?> localpart<@domain[.]>
R<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots
+dnl workspace: <?> localpart<@domain>
R<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part
# if no $=O character, no host in the user portion, we are done
R<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4>
+dnl no $=O in localpart: return
R<?> $* $@ $1
+dnl workspace: <?> localpart<@domain>, where localpart contains $=O
+dnl mark everything which has an "authorized" domain with <RELAY>
ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
# if we relay, check username portion for user%host so host can be checked also
R<NO> $* < @ $* $=m > $: <RELAY> $1 < @ $2 $3 >', `dnl')
ifdef(`_RELAY_MX_SERVED_', `dnl
+dnl do "we" ($=w) act as backup MX server for the destination domain?
R<NO> $* < @ $+ > $: <MX> < : $(mxserved $2 $) : > < $1 < @$2 > >
R<MX> < : $* <TEMP> : > $* $#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
+dnl yes: mark it as <RELAY>
R<MX> < $* : $=w. : $* > < $+ > $: <RELAY> $4
+dnl no: put old <NO> mark back
R<MX> < : $* : > < $+ > $: <NO> $2', `dnl')
+dnl workspace: <(NO|RELAY)> localpart<@domain>, where localpart contains $=O
+dnl if mark is <NO> then change it to <RELAY> if domain is "authorized"
ifdef(`_RELAY_HOSTS_ONLY_',
`R<NO> $* < @ $=R > $: <RELAY> $1 < @ $2 >
-ifdef(`ACCESS_TABLE', `dnl
+ifdef(`_ACCESS_TABLE_', `dnl
+R<NO> $* < @ $+ > $: <$(access To:$2 $: NO $)> $1 < @ $2 >
R<NO> $* < @ $+ > $: <$(access $2 $: NO $)> $1 < @ $2 >',`dnl')',
`R<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 >
-ifdef(`ACCESS_TABLE', `dnl
-R<NO> $* < @ $+ > $: $>LookUpDomain <$2> <NO> <$1 < @ $2 >>
+ifdef(`_ACCESS_TABLE_', `dnl
+R<NO> $* < @ $+ > $: $>LookUpDomain <$2> <NO> <$1 < @ $2 >> <+To>
R<$+> <$+> $: <$1> $2',`dnl')')
+
R<RELAY> $* < @ $* > $@ $>ParseRecipient $1
R<$-> $* $@ $2
+
######################################################################
### check_relay -- check hostname/address on SMTP startup
######################################################################
SLocal_check_relay
-Scheck_relay
+Scheck`'_U_`'relay
R$* $: $1 $| $>"Local_check_relay" $1
R$* $| $* $| $#$* $#$3
R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2
@@ -1098,30 +1400,35 @@ R$* $: < ${deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2
-ifdef(`ACCESS_TABLE', `dnl
-R$+ $| $+ $: $>LookUpDomain < $1 > <?> < $2 >
-R<?> < $+ > $: $>LookUpAddress < $1 > <?> < $1 >
-R<?> < $+ > $: $1
-R<OK> < $* > $@ OK
-R<RELAY> < $* > $@ RELAY
-R<REJECT> $* $#error $@ 5.7.1 $: "ifdef(`confREJECT_MSG', `confREJECT_MSG', `550 Access denied')"
+ifdef(`_ACCESS_TABLE_', `dnl
+R$+ $| $+ $: $>LookUpDomain < $1 > <?> < $2 > <+Connect>
+R<?> <$+> $: $>LookUpAddress < $1 > <?> < $1 > <+Connect> no: another lookup
+R<?> < $+ > $: $1 found nothing
+R<$={Accept}> < $* > $@ $1
+R<REJECT> $* $#error ifdef(`confREJECT_MSG', `$: "confREJECT_MSG"', `$@ 5.7.1 $: "550 Access denied"')
R<DISCARD> $* $#discard $: discard
-R<$+> $* $#error $@ 5.7.1 $: $1', `dnl')
-
-ifdef(`_RBL_', `dnl
-# DNS based IP address spam lists
+dnl error tag
+R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
+R<ERROR:$+> $* $#error $: $1
+dnl generic error from access map
+R<$+> $* $#error $: $1', `dnl')
+
+ifdef(`_RBL_',`dnl
+# DNS based IP address spam list
R$* $: $&{client_addr}
-R$-.$-.$-.$- $: $(host $4.$3.$2.$1._RBL_. $: OK $)
-ROK $@ OK
-R$+ $#error $@ 5.7.1 $: "Mail from " $&{client_addr} " refused by blackhole site _RBL_"',
+R::ffff:$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1._RBL_. $: OK $)
+R$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1._RBL_. $: OK $)
+R<?>OK $: OKSOFAR
+R<?>$+ $#error $@ 5.7.1 $: "550 Mail from " $&{client_addr} " refused by blackhole site _RBL_"',
`dnl')
+undivert(8)
######################################################################
### check_mail -- check SMTP ``MAIL FROM:'' command argument
######################################################################
SLocal_check_mail
-Scheck_mail
+Scheck`'_U_`'mail
R$* $: $1 $| $>"Local_check_mail" $1
R$* $| $#$* $#$2
R$* $| $* $@ $>"Basic_check_mail" $1
@@ -1132,63 +1439,124 @@ R$* $: < ${deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2
-R<> $@ <OK>
-R$* $: <?> $>CanonAddr $1
-R<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots
-# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
-R<?> $* < $* $=P > $* $: <OK> $1 < @ $2 $3 > $4
-ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',
-`R<?> $* < @ $+ > $* $: <OK> $1 < @ $2 > $3 ... unresolvable OK',
-`R<?> $* < @ $+ > $* $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 > $3
-R<? $* <$->> $* < @ $+ > $*
- $: <$2> $3 < @ $4 > $5')
+# authenticated?
+dnl done first: we can require authentication for every mail transaction
+dnl workspace: address as given by MAIL FROM: (sender)
+R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
+R$* $| $#$+ $#$2
+dnl undo damage: remove result of tls_client call
+R$* $| $* $: $1
+dnl workspace: address as given by MAIL FROM:
+R<> $@ <OK> we MUST accept <> (RFC 1123)
ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
+dnl do some additional checks
+dnl no user@host
+dnl no user@localhost (if nonlocal sender)
+dnl this is a pretty simple canonification, it will not catch every case
+dnl just make sure the address has <> around it (which is required by
+dnl the RFC anyway, maybe we should complain if they are missing...)
+dnl dirty trick: if it is user@host, just add a dot: user@host. this will
+dnl not be modified by host lookups.
+R$+ $: <?> $1
+R<?><$+> $: <@> <$1>
+R<?>$+ $: <@> <$1>
+dnl workspace: <@> <address>
+dnl prepend daemon_flags
+R$* $: $&{daemon_flags} $| $1
+dnl workspace: ${daemon_flags} $| <@> <address>
+dnl do not allow these at all or only from local systems?
+R$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 >
+dnl accept unqualified sender: change mark to avoid test
+R$* u $* $| <@> < $* > $: <?> < $3 >
+dnl workspace: ${daemon_flags} $| <@> <address>
+dnl or: <? ${client_name} > <address>
+dnl or: <?> <address>
+dnl remove daemon_flags
+R$* $| $* $: $2
# handle case of @localhost on address
-R<$+> $* < @localhost > $: < ? $&{client_name} > <$1> $2 < @localhost >
-R<$+> $* < @localhost.$m >
- $: < ? $&{client_name} > <$1> $2 < @localhost.$m >
+R<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost >
+R<@> < $* @ [127.0.0.1] >
+ $: < ? $&{client_name} > < $1 @ [127.0.0.1] >
+R<@> < $* @ localhost.$m >
+ $: < ? $&{client_name} > < $1 @ localhost.$m >
ifdef(`_NO_UUCP_', `dnl',
-`R<$+> $* < @localhost.UUCP >
- $: < ? $&{client_name} > <$1> $2 < @localhost.UUCP >')
-R<? $=w> <$+> $* <?> <$2> $3
-R<? $+> <$+> $* $#error $@ 5.5.4 $: "553 Real domain name required"
-R<?> <$+> $* $: <$1> $2')
-
-ifdef(`ACCESS_TABLE', `dnl
-# lookup localpart (user@)
-R<$+> $* < @ $+ > $* $: <USER $(access $2@ $: ? $) > <$1> $2 < @ $3 > $4
-# no match, try full address (user@domain rest)
-R<USER ?> <$+> $* < @ $* > $*
- $: <USER $(access $2@$3$4 $: ? $) > <$1> $2 < @ $3 > $4
-# no match, try address (user@domain)
-R<USER ?> <$+> $+ < @ $+ > $*
- $: <USER $(access $2@$3 $: ? $) > <$1> $2 < @ $3 > $4
-# no match, try (sub)domain (domain)
-R<USER ?> <$+> $* < @ $+ > $*
- $: $>LookUpDomain <$3> <$1> <>
-# check unqualified user in access database
-R<?> $* $: <USER $(access $1@ $: ? $) > <?> $1
+`R<@> < $* @ localhost.UUCP >
+ $: < ? $&{client_name} > < $1 @ localhost.UUCP >')
+dnl workspace: < ? $&{client_name} > <user@localhost|host>
+dnl or: <@> <address>
+dnl or: <?> <address> (thanks to u in ${daemon_flags})
+R<@> $* $: $1 no localhost as domain
+dnl workspace: < ? $&{client_name} > <user@localhost|host>
+dnl or: <address>
+dnl or: <?> <address> (thanks to u in ${daemon_flags})
+R<? $=w> $* $: $2 local client: ok
+R<? $+> <$+> $#error $@ 5.5.4 $: "553 Real domain name required"
+dnl remove <?> (happens only if ${client_name} == "" or u in ${daemon_flags})
+R<?> $* $: $1')
+dnl workspace: address (or <address>)
+R$* $: <?> $>CanonAddr $1 canonify sender address and mark it
+dnl workspace: <?> CanonicalAddress (i.e. address in canonical form localpart<@host>)
+dnl there is nothing behind the <@host> so no trailing $* needed
+R<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots
+# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
+R<?> $* < @ $* $=P > $: <OK> $1 < @ $2 $3 >
+dnl workspace <mark> CanonicalAddress where mark is ? or OK
+ifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',
+`R<?> $* < @ $+ > $: <OK> $1 < @ $2 > ... unresolvable OK',
+`R<?> $* < @ $+ > $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >
+R<? $* <$->> $* < @ $+ >
+ $: <$2> $3 < @ $4 >')
+dnl workspace <mark> CanonicalAddress where mark is ?, OK, PERM, TEMP
+dnl mark is ? iff the address is user (wo @domain)
+
+ifdef(`_ACCESS_TABLE_', `dnl
+# check sender address: user@address, user@, address
+dnl should we remove +ext from user?
+dnl workspace: <mark> CanonicalAddress where mark is: ?, OK, PERM, TEMP
+R<$+> $+ < @ $* > $: @<$1> <$2 < @ $3 >> $| <F:$2@$3> <U:$2@> <H:$3>
+R<$+> $+ $: @<$1> <$2> $| <U:$2@>
+dnl workspace: @<mark> <CanonicalAddress> $| <@type:address> ....
+dnl $| is used as delimiter, otherwise false matches may occur: <user<@domain>>
+dnl will only return user<@domain when "reversing" the args
+R@ <$+> <$*> $| <$+> $: <@> <$1> <$2> $| $>SearchList <+From> $| <$3> <>
+dnl workspace: <@><mark> <CanonicalAddress> $| <result>
+R<@> <$+> <$*> $| <$*> $: <$3> <$1> <$2> reverse result
+dnl workspace: <result> <mark> <CanonicalAddress>
# retransform for further use
-R<USER $+> <$+> $* $: <$1> $3',
-`dnl')
+dnl required form:
+dnl <ResultOfLookup|mark> CanonicalAddress
+R<?> <$+> <$*> $: <$1> $2 no match
+R<$+> <$+> <$*> $: <$1> $3 relevant result, keep it', `dnl')
+dnl workspace <ResultOfLookup|mark> CanonicalAddress
+dnl mark is ? iff the address is user (wo @domain)
ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
# handle case of no @domain on address
+dnl prepend daemon_flags
+R<?> $* $: $&{daemon_flags} $| <?> $1
+dnl accept unqualified sender: change mark to avoid test
+R$* u $* $| <?> $* $: <OK> $3
+dnl remove daemon_flags
+R$* $| $* $: $2
R<?> $* $: < ? $&{client_name} > $1
R<?> $* $@ <OK> ...local unqualed ok
R<? $+> $* $#error $@ 5.5.4 $: "553 Domain name required"
...remote is not')
# check results
-R<?> $* $@ <OK>
+R<?> $* $: @ $1 mark address: nothing known about it
R<OK> $* $@ <OK>
-R<TEMP> $* $#error $@ 4.1.8 $: "451 Sender domain must resolve"
-R<PERM> $* $#error $@ 5.1.8 $: "501 Sender domain must exist"
-ifdef(`ACCESS_TABLE', `dnl
-R<RELAY> $* $@ <RELAY>
+R<TEMP> $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
+R<PERM> $* $#error $@ 5.1.8 $: "501 Domain of sender address " $&f " does not exist"
+ifdef(`_ACCESS_TABLE_', `dnl
+R<$={Accept}> $* $# $1
R<DISCARD> $* $#discard $: discard
-R<REJECT> $* $#error $@ 5.7.1 $: "ifdef(`confREJECT_MSG', `confREJECT_MSG', `550 Access denied')"
-R<$+> $* $#error $@ 5.7.1 $: $1 error from access db',
+R<REJECT> $* $#error ifdef(`confREJECT_MSG', `$: "confREJECT_MSG"', `$@ 5.7.1 $: "550 Access denied"')
+dnl error tag
+R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
+R<ERROR:$+> $* $#error $: $1
+dnl generic error from access map
+R<$+> $* $#error $: $1 error from access db',
`dnl')
######################################################################
@@ -1196,7 +1564,7 @@ R<$+> $* $#error $@ 5.7.1 $: $1 error from access db',
######################################################################
SLocal_check_rcpt
-Scheck_rcpt
+Scheck`'_U_`'rcpt
R$* $: $1 $| $>"Local_check_rcpt" $1
R$* $| $#$* $#$2
R$* $| $* $@ $>"Basic_check_rcpt" $1
@@ -1207,6 +1575,22 @@ R$* $: < ${deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2
+ifdef(`_REQUIRE_QUAL_RCPT_', `dnl
+# require qualified recipient?
+R$+ $: <?> $1
+R<?><$+> $: <@> <$1>
+R<?>$+ $: <@> <$1>
+dnl prepend daemon_flags
+R$* $: $&{daemon_flags} $| $1
+dnl workspace: ${daemon_flags} $| <@> <address>
+dnl do not allow these at all or only from local systems?
+R$* r $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 >
+R<?> < $* > $: <$1>
+R<? $=w> < $* > $: <$1>
+R<? $+> <$+> $#error $@ 5.5.4 $: "553 Domain name required"
+dnl remove daemon_flags for other cases
+R$* $| <@> $* $: $2', `dnl')
+
ifdef(`_LOOSE_RELAY_CHECK_',`dnl
R$* $: $>CanonAddr $1
R$* < @ $* . > $1 < @ $2 > strip trailing dots',
@@ -1219,49 +1603,89 @@ R$* < @ $* > $* $: $1 < @ $2 @@ $(bestmx $2 $) > $3',
`dnl
# limit bestmx to $=B
R$* < @ $* $=B > $* $: $1 < @ $2 $3 @@ $(bestmx $2 $3 $) > $4')
-R$* $=O $* < @ $* @@ $=w . > $* $@ $>Basic_check_rcpt $1 $2 $3
+R$* $=O $* < @ $* @@ $=w . > $* $@ $>"Basic_check_rcpt" $1 $2 $3
R$* < @ $* @@ $=w . > $* $: $1 < @ $3 > $4
R$* < @ $* @@ $* > $* $: $1 < @ $2 > $4')
ifdef(`_BLACKLIST_RCPT_',`dnl
-ifdef(`ACCESS_TABLE', `dnl
+ifdef(`_ACCESS_TABLE_', `dnl
# blacklist local users or any host from receiving mail
R$* $: <?> $1
-R<?> $+ < @ $=w > $: <> <USER $1> <FULL $1@$2> <HOST $2> <$1 < @ $2 >>
-R<?> $+ < @ $* > $: <> <FULL $1@$2> <HOST $2> <$1 < @ $2 >>
-R<?> $+ $: <> <USER $1> <$1>
-R<> <USER $+> $* $: <$(access $1 $: $)> $2
-R<> <FULL $+> $* $: <$(access $1 $: $)> $2
-R<OK> <FULL $+> $* $: <$(access $1 $: $)> $2
-R<> <HOST $+> $* $: <$(access $1 $: $)> $2
-R<OK> <HOST $+> $* $: <$(access $1 $: $)> $2
-R<> <$*> $: $1
-R<OK> <$*> $: $1
-R<RELAY> <$*> $: $1
+dnl user is now tagged with @ to be consistent with check_mail
+dnl and to distinguish users from hosts (com would be host, com@ would be user)
+R<?> $+ < @ $=w > $: <> <$1 < @ $2 >> $| <F:$1@$2> <U:$1@> <H:$2>
+R<?> $+ < @ $* > $: <> <$1 < @ $2 >> $| <F:$1@$2> <H:$2>
+R<?> $+ $: <> <$1> $| <U:$1@>
+dnl $| is used as delimiter, otherwise false matches may occur: <user<@domain>>
+dnl will only return user<@domain when "reversing" the args
+R<> <$*> $| <$+> $: <@> <$1> $| $>SearchList <+To> $| <$2> <>
+R<@> <$*> $| <$*> $: <$2> <$1> reverse result
+R<?> <$*> $: @ $1 mark address as no match
+R<$={Accept}> <$*> $: @ $2 mark address as no match
+ifdef(`_DELAY_CHECKS_',`dnl
+dnl we have to filter these because otherwise they would be interpreted
+dnl as generic error message...
+dnl error messages should be "tagged" by prefixing them with error: !
+dnl that would make a lot of things easier.
+dnl maybe we should stop checks already here (if SPAM_xyx)?
+R<$={SpamTag}> <$*> $: @ $2 mark address as no match')
R<REJECT> $* $#error $@ 5.2.1 $: "550 Mailbox disabled for this recipient"
-R<$+> $* $#error $@ 5.2.1 $: $1 error from access db', `dnl')', `dnl')
-
-ifdef(`_PROMISCUOUS_RELAY_', `dnl', `dnl
+R<DISCARD> $* $#discard $: discard
+dnl error tag
+R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
+R<ERROR:$+> $* $#error $: $1
+dnl generic error from access map
+R<$+> $* $#error $: $1 error from access db
+R@ $* $1 remove mark', `dnl')', `dnl')
+
+ifdef(`_PROMISCUOUS_RELAY_', `divert(-1)')
+# authenticated?
+dnl do this unconditionally? this requires to manage CAs carefully
+dnl just because someone has a CERT signed by a "trusted" CA
+dnl does not mean we want to allow relaying for her,
+dnl either use a subroutine or provide something more sophisticated
+dnl this could for example check the DN (maybe an access map lookup)
+R$* $: $1 $| $>RelayAuth $1 $| $&{verify} client authenticated?
+R$* $| $# $+ $# $2 error/ok?
+R$* $| $* $: $1 no
+
+# authenticated by a trusted mechanism?
+R$* $: $1 $| $&{auth_type}
+dnl empty ${auth_type}?
+R$* $| $: $1
+dnl mechanism ${auth_type} accepted?
+dnl use $# to override further tests (delay_checks): see check_rcpt below
+R$* $| $={TrustAuthMech} $# RELAYAUTH
+dnl undo addition of ${auth_type}
+R$* $| $* $: $1
+dnl workspace: localpart<@domain>
+ifelse(defn(`_NO_UUCP_'), `r',
+`R$* ! $* < @ $* > $: <REMOTE> $2 < @ BANG_PATH >', `dnl')
# anything terminating locally is ok
ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
-R$+ < @ $* $=m > $@ OK', `dnl')
-R$+ < @ $=w > $@ OK
+R$+ < @ $* $=m > $@ RELAYTO', `dnl')
+R$+ < @ $=w > $@ RELAYTO
ifdef(`_RELAY_HOSTS_ONLY_',
-`R$+ < @ $=R > $@ OK
-ifdef(`ACCESS_TABLE', `dnl
-R$+ < @ $* > $: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
-`R$+ < @ $* $=R > $@ OK
-ifdef(`ACCESS_TABLE', `dnl
-R$+ < @ $* > $: $>LookUpDomain <$2> <?> <$1 < @ $2 >>',`dnl')')
-ifdef(`ACCESS_TABLE', `dnl
-R<RELAY> $* $@ RELAY
+`R$+ < @ $=R > $@ RELAYTO
+ifdef(`_ACCESS_TABLE_', `dnl
+R$+ < @ $+ > $: <$(access To:$2 $: ? $)> <$1 < @ $2 >>
+dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
+R<?> <$+ < @ $+ >> $: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
+`R$+ < @ $* $=R > $@ RELAYTO
+ifdef(`_ACCESS_TABLE_', `dnl
+R$+ < @ $+ > $: $>LookUpDomain <$2> <?> <$1 < @ $2 >> <+To>',`dnl')')
+ifdef(`_ACCESS_TABLE_', `dnl
+dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
+R<RELAY> $* $@ RELAYTO
R<$*> <$*> $: $2',`dnl')
+
ifdef(`_RELAY_MX_SERVED_', `dnl
# allow relaying for hosts which we MX serve
-R$+ < @ $* > $: < : $(mxserved $2 $) : > $1 < @ $2 >
+R$+ < @ $+ > $: < : $(mxserved $2 $) : > $1 < @ $2 >
+dnl this must not necessarily happen if the client is checked first...
R< : $* <TEMP> : > $* $#error $@ 4.7.1 $: "450 Can not check MX records for recipient host " $1
-R<$* : $=w . : $*> $* $@ OK
+R<$* : $=w . : $*> $* $@ RELAYTO
R< : $* : > $* $: $2',
`dnl')
@@ -1269,55 +1693,374 @@ R< : $* : > $* $: $2',
R$* $: <?> $1
R<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 >
# local user is ok
-R<?> $+ $@ OK
+dnl is it really? the standard requires user@domain, not just user
+dnl but we should accept it anyway (maybe making it an option:
+dnl RequireFQDN ?)
+dnl postmaster must be accepted without domain (DRUMS)
+ifdef(`_REQUIRE_QUAL_RCPT_', `dnl
+R<?> postmaster $@ TOPOSTMASTER
+# require qualified recipient?
+dnl prepend daemon_flags
+R<?> $+ $: $&{daemon_flags} $| <?> $1
+dnl workspace: ${daemon_flags} $| <?> localpart
+dnl do not allow these at all or only from local systems?
+dnl r flag? add client_name
+R$* r $* $| <?> $+ $: < ? $&{client_name} > <?> $3
+dnl no r flag: relay to local user (only local part)
+# no qualified recipient required
+R$* $| <?> $+ $@ RELAYTOLOCAL
+dnl client_name is empty
+R<?> <?> $+ $@ RELAYTOLOCAL
+dnl client_name is local
+R<? $=w> <?> $+ $@ RELAYTOLOCAL
+dnl client_name is not local
+R<? $+> $+ $#error $@ 5.5.4 $: "553 Domain name required"', `dnl
+dnl no qualified recipient required
+R<?> $+ $@ RELAYTOLOCAL')
+dnl it is a remote user: remove mark and then check client
R<$+> $* $: $2
+dnl currently the recipient address is not used below
# anything originating locally is ok
+# check IP address
+R$* $: $&{client_addr}
+R$@ $@ RELAYFROM originated locally
+R0 $@ RELAYFROM originated locally
+R$=R $* $@ RELAYFROM relayable IP address
+ifdef(`_ACCESS_TABLE_', `dnl
+R$* $: $>LookUpAddress <$1> <?> <$1> <+Connect>
+R<RELAY> $* $@ RELAYFROM relayable IP address
+R<$*> <$*> $: $2', `dnl')
+R$* $: [ $1 ] put brackets around it...
+R$=w $@ RELAYFROM ... and see if it is local
+
+ifdef(`_RELAY_DB_FROM_', `define(`_RELAY_MAIL_FROM_', `1')')dnl
+ifdef(`_RELAY_LOCAL_FROM_', `define(`_RELAY_MAIL_FROM_', `1')')dnl
+ifdef(`_RELAY_MAIL_FROM_', `dnl
+dnl input: {client_addr} or something "broken"
+dnl just throw the input away; we do not need it.
+# check whether FROM is allowed to use system as relay
+R$* $: <?> $>CanonAddr $&f
+ifdef(`_RELAY_LOCAL_FROM_', `dnl
+# check whether local FROM is ok
+R<?> $+ < @ $=w . > $@ RELAYFROMMAIL FROM local', `dnl')
+ifdef(`_RELAY_DB_FROM_', `dnl
+R<?> $+ < @ $+ . > <?> $1 < @ $2 > remove trailing dot
+R<?> $+ < @ $+ > $: $1 < @ $2 > $| $>SearchList <! From> $| <F:$1@$2> ifdef(`_RELAY_DB_FROM_DOMAIN_', `<H:$2>') <>
+R$* <RELAY> $@ RELAYFROMMAIL RELAY FROM sender ok', `dnl
+ifdef(`_RELAY_DB_FROM_DOMAIN_', `errprint(`*** ERROR: _RELAY_DB_FROM_DOMAIN_ requires _RELAY_DB_FROM_
+')',
+`dnl')
+dnl')', `dnl')
+
+# check client name: first: did it resolve?
+dnl input: ignored
+R$* $: < $&{client_resolve} >
+R<TEMP> $#error $@ 4.7.1 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
+R<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
+R<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
+dnl ${client_resolve} should be OK, so go ahead
R$* $: <?> $&{client_name}
-# check if bracketed IP address (forward lookup != reverse lookup)
-R<?> [$+] $: <BAD> [$1]
# pass to name server to make hostname canonical
-R<?> $* $~P $: <?> $[ $1 $2 $]
-R<$-> $* $: $2
-R$* . $1 strip trailing dots
-R$@ $@ OK
+R<?> $* $~P $:<?> $[ $1 $2 $]
+R$* . $1 strip trailing dots
+dnl should not be necessary since it has been done for client_addr already
+R<?> $@ RELAYFROM
ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
-R$* $=m $@ OK', `dnl')
-R$=w $@ OK
+R<?> $* $=m $@ RELAYFROM', `dnl')
+R<?> $=w $@ RELAYFROM
ifdef(`_RELAY_HOSTS_ONLY_',
-`R$=R $@ OK
-ifdef(`ACCESS_TABLE', `dnl
-R$* $: <$(access $1 $: ? $)> <$1>',`dnl')',
-`R$* $=R $@ OK
-ifdef(`ACCESS_TABLE', `dnl
-R$* $: $>LookUpDomain <$1> <?> <$1>',`dnl')')
-ifdef(`ACCESS_TABLE', `dnl
-R<RELAY> $* $@ RELAY
+`R<?> $=R $@ RELAYFROM
+ifdef(`_ACCESS_TABLE_', `dnl
+R<?> $* $: <$(access Connect:$1 $: ? $)> <$1>
+R<?> <$*> $: <$(access $1 $: ? $)> <$1>',`dnl')',
+`R<?> $* $=R $@ RELAYFROM
+ifdef(`_ACCESS_TABLE_', `dnl
+R<?> $* $: $>LookUpDomain <$1> <?> <$1> <+Connect>',`dnl')')
+ifdef(`_ACCESS_TABLE_', `dnl
+R<RELAY> $* $@ RELAYFROM
R<$*> <$*> $: $2',`dnl')
-# check IP address
-R$* $: $&{client_addr}
-R$@ $@ OK originated locally
-R0 $@ OK originated locally
-R$=R $* $@ OK relayable IP address
-ifdef(`ACCESS_TABLE', `dnl
-R$* $: $>LookUpAddress <$1> <?> <$1>
-R<RELAY> $* $@ RELAY relayable IP address
-R<$*> <$*> $: $2', `dnl')
-R$* $: [ $1 ] put brackets around it...
-R$=w $@ OK ... and see if it is local
-
-ifdef(`_RELAY_LOCAL_FROM_', `dnl
-# anything with a local FROM is ok
-R$* $: $1 $| $>CanonAddr $&f
-R$* $| $+ < @ $=w . > $@ OK FROM local
+# anything else is bogus
+R$* $#error $@ 5.7.1 $: confRELAY_MSG
+divert(0)
+ifdef(`_DELAY_CHECKS_',`dnl
+# turn a canonical address in the form user<@domain>
+# qualify unqual. addresses with $j
+dnl it might have been only user (without <@domain>)
+SFullAddr
+R$* <@ $+ . > $1 <@ $2 >
+R$* <@ $* > $@ $1 <@ $2 >
+R$+ $@ $1 <@ $j >
+
+# call all necessary rulesets
+Scheck_rcpt
+dnl this test should be in the Basic_check_rcpt ruleset
+dnl which is the correct DSN code?
+# R$@ $#error $@ 5.1.3 $: "553 Recipient address required"
+R$+ $: $1 $| $>checkrcpt $1
+dnl now we can simply stop checks by returning "$# xyz" instead of just "ok"
+R$+ $| $#$* $#$2
+R$+ $| $* $: <?> $>FullAddr $>CanonAddr $1
+ifdef(`_SPAM_FH_',
+`dnl lookup user@ and user@address
+ifdef(`_ACCESS_TABLE_', `',
+`errprint(`*** ERROR: FEATURE(`delay_checks', `argument') requires FEATURE(`access_db')
+')')dnl
+dnl one of the next two rules is supposed to match
+dnl this code has been copied from BLACKLIST... etc
+dnl and simplified by omitting some < >.
+R<?> $+ < @ $=w > $: <> $1 < @ $2 > $| <F: $1@$2 > <U: $1@>
+R<?> $+ < @ $* > $: <> $1 < @ $2 > $| <F: $1@$2 >
+dnl R<?> $@ something_is_very_wrong_here
+# lookup the addresses only with To tag
+R<> $* $| <$+> $: <@> $1 $| $>SearchList <!To> $| <$2> <>
+R<@> $* $| $* $: $2 $1 reverse result
+dnl', `dnl')
+ifdef(`_SPAM_FRIEND_',
+`# is the recipient a spam friend?
+ifdef(`_SPAM_HATER_',
+ `errprint(`*** ERROR: define either SpamHater or SpamFriend
+')', `dnl')
+R<SPAMFRIEND> $+ $@ SPAMFRIEND
+R<$*> $+ $: $2',
+`dnl')
+ifdef(`_SPAM_HATER_',
+`# is the recipient no spam hater?
+R<SPAMHATER> $+ $: $1 spam hater: continue checks
+R<$*> $+ $@ NOSPAMHATER everyone else: stop
+dnl',`dnl')
+dnl run further checks: check_mail
+dnl should we "clean up" $&f?
+R$* $: $1 $| $>checkmail <$&f>
+R$* $| $#$* $#$2
+dnl run further checks: check_relay
+R$* $: $1 $| $>checkrelay $&{client_name} $| $&{client_addr}
+R$* $| $#$* $#$2
R$* $| $* $: $1
', `dnl')
+ifdef(`_ACCESS_TABLE_', `dnl
+######################################################################
+### SearchList: search a list of items in the access map
+### Parameters:
+### <exact tag> $| <mark:address> <mark:address> ... <>
+dnl maybe we should have a @ (again) in front of the mark to
+dnl avoid errorneous matches (with error messages?)
+dnl if we can make sure that tag is always a single token
+dnl then we can omit the delimiter $|, otherwise we need it
+dnl to avoid errorneous matchs (first rule: H: if there
+dnl is that mark somewhere in the list, it will be taken).
+dnl moreover, we can do some tricks to enforce lookup with
+dnl the tag only, e.g.:
+### where "exact" is either "+" or "!":
+### <+ TAG> lookup with and w/o tag
+### <! TAG> lookup with tag
+dnl Warning: + and ! should be in OperatorChars (otherwise there must be
+dnl a blank between them and the tag.
+### possible values for "mark" are:
+### H: recursive host lookup (LookUpDomain)
+dnl A: recursive address lookup (LookUpAddress) [not yet required]
+### E: exact lookup, no modifications
+### F: full lookup, try user+ext@domain and user@domain
+### U: user lookup, try user+ext and user (input must have trailing @)
+### return: <RHS of lookup> or <?> (not found)
+######################################################################
-# anything else is bogus
-R$* $#error $@ 5.7.1 $: "550 Relaying denied"')
+# class with valid marks for SearchList
+dnl if A is activated: add it
+C{src}E F H U
+SSearchList
+# mark H: lookup domain
+R<$+> $| <H:$+> <$*> $: <$1> $| <@> $>LookUpDomain <$2> <?> <$3> <$1>
+R<$+> $| <@> <$+> <$*> $: <$1> $| <$2> <$3>
+dnl A: NOT YET REQUIRED
+dnl R<$+> $| <A:$+> <$*> $: <$1> $| <@> $>LookUpAddress <$2> <?> <$3> <$1>
+dnl R<$+> $| <@> <$+> <$*> $: <$1> $| <$2> <$3>
+dnl lookup of the item with tag
+dnl this applies to F: U: E:
+R<$- $-> $| <$={src}:$+> <$*> $: <$1 $2> $| <$(access $2`'_TAG_DELIM_`'$4 $: $3:$4 $)> <$5>
+dnl no match, try without tag
+R<+ $-> $| <$={src}:$+> <$*> $: <+ $1> $| <$(access $3 $: $2:$3 $)> <$4>
+dnl do we really have to distinguish these cases?
+dnl probably yes, there might be a + in the domain part (is that allowed?)
+dnl user+detail lookups: should it be:
+dnl user+detail, user+*, user; just like aliases?
+R<$- $-> $| <F:$* + $*@$+> <$*> $: <$1 $2> $| <$(access $2`'_TAG_DELIM_`'$3@$5 $: F:$3 + $4@$5$)> <$6>
+R<+ $-> $| <F:$* + $*@$+> <$*> $: <+ $1> $| <$(access $2@$4 $: F:$2 + $3@$4$)> <$5>
+dnl user lookups are always with trailing @
+dnl do not remove the @ from the lookup:
+dnl it is part of the +detail@ which is omitted for the lookup
+R<$- $-> $| <U:$* + $*> <$*> $: <$1 $2> $| <$(access $2`'_TAG_DELIM_`'$3@ $: U:$3 + $4$)> <$5>
+dnl no match, try without tag
+R<+ $-> $| <U:$* + $*> <$*> $: <+ $1> $| <$(access $2@ $: U:$2 + $3$)> <$4>
+dnl no match, try rest of list
+R<$+> $| <$={src}:$+> <$+> $@ $>SearchList <$1> $| <$4>
+dnl no match, list empty: return failure
+R<$+> $| <$={src}:$+> <> $@ <?>
+dnl got result, return it
+R<$+> $| <$+> <$*> $@ <$2>
+dnl return result from recursive invocation
+R<$+> $| <$+> $@ <$2>', `dnl')
+
+# is user trusted to authenticate as someone else?
+dnl AUTH= parameter from MAIL command
+Strust_auth
+R$* $: $&{auth_type} $| $1
+# required by RFC 2554 section 4.
+R$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated"
+dnl seems to be useful...
+R$* $| $&{auth_authen} $@ identical
+R$* $| <$&{auth_authen}> $@ identical
+dnl call user supplied code
+R$* $| $* $: $1 $| $>"Local_trust_auth" $1
+R$* $| $#$* $#$2
+dnl default: error
+R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}
+
+dnl empty ruleset definition so it can be called
+SLocal_trust_auth
+
+ifdef(`_FFR_TLS_O_T', `dnl
+Soffer_tls
+R$* $: $>LookUpDomain <$&{client_name}> <?> <> <! TLS_OFF_TAG>
+R<?>$* $: $>LookUpAddress <$&{client_addr}> <?> <> <! TLS_OFF_TAG>
+R<?>$* $: <$(access TLS_OFF_TAG: $: ? $)>
+R<?>$* $@ OK
+R<NO> <> $#error $@ 5.7.1 $: "550 do not offer TLS for " $&{client_name} " ["$&{client_addr}"]"
+
+Stry_tls
+R$* $: $>LookUpDomain <$&{server_name}> <?> <> <! TLS_TRY_TAG>
+R<?>$* $: $>LookUpAddress <$&{server_addr}> <?> <> <! TLS_TRY_TAG>
+R<?>$* $: <$(access TLS_TRY_TAG: $: ? $)>
+R<?>$* $@ OK
+R<NO> <> $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"
+')dnl
-undivert(9)dnl
+# is connection with client "good" enough? (done in server)
+# input: ${verify} $| (MAIL|STARTTLS)
+dnl MAIL: called from check_mail
+dnl STARTTLS: called from smtp() after STARTTLS has been accepted
+Stls_client
+ifdef(`_ACCESS_TABLE_', `dnl
+dnl ignore second arg for now
+dnl maybe use it to distinguish permanent/temporary error?
+dnl if MAIL: permanent (STARTTLS has not been offered)
+dnl if STARTTLS: temporary (offered but maybe failed)
+R$* $| $* $: $1 $| $>LookUpDomain <$&{client_name}> <?> <> <! TLS_CLT_TAG>
+R$* $| <?>$* $: $1 $| $>LookUpAddress <$&{client_addr}> <?> <> <! TLS_CLT_TAG>
+dnl do a default lookup: just TLS_CLT_TAG
+R$* $| <?>$* $: $1 $| <$(access TLS_CLT_TAG`'_TAG_DELIM_ $: ? $)>
+R$* $@ $>"tls_connection" $1', `dnl
+R$* $| $* $@ $>"tls_connection" $1')
+
+# is connection with server "good" enough? (done in client)
+dnl i.e. has the server been authenticated and is encryption active?
+dnl called from deliver() after STARTTLS command
+# input: ${verify}
+Stls_server
+ifdef(`_ACCESS_TABLE_', `dnl
+R$* $: $1 $| $>LookUpDomain <$&{server_name}> <?> <> <! TLS_SRV_TAG>
+R$* $| <?>$* $: $1 $| $>LookUpAddress <$&{server_addr}> <?> <> <! TLS_SRV_TAG>
+dnl do a default lookup: just TLS_SRV_TAG
+R$* $| <?>$* $: $1 $| <$(access TLS_SRV_TAG`'_TAG_DELIM_ $: ? $)>
+R$* $@ $>"tls_connection" $1', `dnl
+R$* $@ $>"tls_connection" $1')
+
+Stls_connection
+ifdef(`_ACCESS_TABLE_', `dnl
+dnl common ruleset for tls_{client|server}
+dnl input: $&{verify} $| <ResultOfLookup> [<>]
+dnl remove optional <>
+R$* $| <$*>$* $: $1 $| <$2>
+dnl permanent or temporary error?
+R$* $| <PERM + $={tls} $*> $: $1 $| <503:5.7.0> <$2 $3>
+R$* $| <TEMP + $={tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
+dnl default case depends on TLS_PERM_ERR
+R$* $| <$={tls} $*> $: $1 $| <ifdef(`TLS_PERM_ERR', `503:5.7.0', `403:4.7.0')> <$2 $3>
+dnl deal with TLS handshake failures: abort
+RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed."
+dnl no <reply:dns> i.e. not requirements in the access map
+dnl use default error
+RSOFTWARE $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake failed."
+R$* $| <$*> <VERIFY> $: <$2> <VERIFY> $1
+R$* $| <$*> <$={tls}:$->$* $: <$2> <$3:$4> $1
+dnl some other value in access map: accept
+dnl this also allows to override the default case (if used)
+R$* $| $* $@ OK
+# authentication required: give appropriate error
+# other side did authenticate (via STARTTLS)
+dnl workspace: <SMTP:ESC> <{VERIFY,ENCR}[:BITS]> ${verify}
+dnl only verification required and it succeeded
+R<$*><VERIFY> OK $@ OK
+dnl verification required + some level of encryption
+R<$*><VERIFY:$-> OK $: <$1> <REQ:$2>
+dnl just some level of encryption required
+R<$*><ENCR:$-> $* $: <$1> <REQ:$2>
+dnl verification required but ${verify} is not set
+R<$-:$+><VERIFY $*> $#error $@ $2 $: $1 " authentication required"
+R<$-:$+><VERIFY $*> FAIL $#error $@ $2 $: $1 " authentication failed"
+R<$-:$+><VERIFY $*> NO $#error $@ $2 $: $1 " not authenticated"
+R<$-:$+><VERIFY $*> NONE $#error $@ $2 $: $1 " other side does not support STARTTLS"
+dnl some other value for ${verify}
+R<$-:$+><VERIFY $*> $+ $#error $@ $2 $: $1 " authentication failure " $4
+dnl some level of encryption required: get the maximum level
+R<$*><REQ:$-> $: <$1> <REQ:$2> $>max $&{cipher_bits} : $&{auth_ssf}
+dnl compare required bits with actual bits
+R<$*><REQ:$-> $- $: <$1> <$2:$3> $(arith l $@ $3 $@ $2 $)
+R<$-:$+><$-:$-> TRUE $#error $@ $2 $: $1 " encryption too weak " $4 " less than " $3
+
+Smax
+dnl compute the max of two values separated by :
+R: $: 0
+R:$- $: $1
+R$-: $: $1
+R$-:$- $: $(arith l $@ $1 $@ $2 $) : $1 : $2
+RTRUE:$-:$- $: $2
+R$-:$-:$- $: $2',
+`dnl use default error
+dnl deal with TLS handshake failures: abort
+RSOFTWARE $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake."')
+
+SRelayAuth
+# authenticated?
+dnl we do not allow relaying for anyone who can present a cert
+dnl signed by a "trusted" CA. For example, even if we put verisigns
+dnl CA in CERTPath so we can authenticate users, we do not allow
+dnl them to abuse our server (they might be easier to get hold of,
+dnl but anyway).
+dnl so here is the trick: if the verification succeeded
+dnl we look up the cert issuer in the access map
+dnl (maybe after extracting a part with a regular expression)
+dnl if this returns RELAY we relay without further questions
+dnl if it returns SUBJECT we perform a similar check on the
+dnl cert subject.
+R$* $| OK $: $1
+R$* $| $* $@ NO not authenticated
+ifdef(`_ACCESS_TABLE_', `dnl
+ifdef(`_CERT_REGEX_ISSUER_', `dnl
+R$* $: $1 $| $(CERTIssuer $&{cert_issuer} $)',
+`R$* $: $1 $| $&{cert_issuer}')
+R$* $| $+ $: $1 $| $(access CERTISSUER:$2 $)
+dnl use $# to stop further checks (delay_check)
+R$* $| RELAY $# RELAYCERTISSUER
+ifdef(`_CERT_REGEX_SUBJECT_', `dnl
+R$* $| SUBJECT $: $1 $| <@> $(CERTSubject $&{cert_subject} $)',
+`R$* $| SUBJECT $: $1 $| <@> $&{cert_subject}')
+R$* $| <@> $+ $: $1 $| <@> $(access CERTSUBJECT:$&{cert_subject} $)
+R$* $| <@> RELAY $# RELAYCERTSUBJECT
+R$* $| $* $: $1', `dnl')
+
+undivert(9)dnl LOCAL_RULESETS
+ifdef(`_FFR_MILTER', `
+#
+######################################################################
+######################################################################
+#####
+`##### MAIL FILTER DEFINITIONS'
+#####
+######################################################################
+######################################################################
+_MAIL_FILTERS_')
#
######################################################################
######################################################################
@@ -1326,4 +2069,4 @@ undivert(9)dnl
#####
######################################################################
######################################################################
-undivert(7)dnl
+undivert(7)dnl MAILER_DEFINITIONS
diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4
index 416488c97e25..402527297efb 100644
--- a/contrib/sendmail/cf/m4/version.m4
+++ b/contrib/sendmail/cf/m4/version.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -10,8 +11,8 @@ divert(-1)
# the sendmail distribution.
#
#
-VERSIONID(`@(#)version.m4 8.9.3.1 (Berkeley) 2/4/1999')
+VERSIONID(`$Id: version.m4,v 8.39.4.10 2000/07/19 20:40:59 gshapiro Exp $')
#
divert(0)
# Configuration version number
-DZ8.9.3`'ifdef(`confCF_VERSION', `/confCF_VERSION')
+DZ8.11.0`'ifdef(`confCF_VERSION', `/confCF_VERSION')
diff --git a/contrib/sendmail/cf/mailer/cyrus.m4 b/contrib/sendmail/cf/mailer/cyrus.m4
index 567025ffdd0e..a6afa4a953b2 100644
--- a/contrib/sendmail/cf/mailer/cyrus.m4
+++ b/contrib/sendmail/cf/mailer/cyrus.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -12,17 +13,17 @@ PUSHDIVERT(-1)
#
#***************************************************************************
# (C) Copyright 1995 by Carnegie Mellon University
-#
+#
# All Rights Reserved
-#
-# Permission to use, copy, modify, and distribute this software and its
-# documentation for any purpose and without fee is hereby granted,
+#
+# Permission to use, copy, modify, and distribute this software and its
+# documentation for any purpose and without fee is hereby granted,
# provided that the above copyright notice appear in all copies and that
-# both that copyright notice and this permission notice appear in
+# both that copyright notice and this permission notice appear in
# supporting documentation, and that the name of CMU not be
# used in advertising or publicity pertaining to distribution of the
-# software without specific, written prior permission.
-#
+# software without specific, written prior permission.
+#
# CMU DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
# ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL
# CMU BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR
@@ -32,13 +33,16 @@ PUSHDIVERT(-1)
# SOFTWARE.
#
# Contributed to Berkeley by John Gardiner Myers <jgm+@CMU.EDU>.
-#
+#
+
+ifdef(`_MAILER_local_', `',
+ `errprint(`*** MAILER(`local') must appear before MAILER(`cyrus')')')dnl
-ifdef(`CYRUS_MAILER_FLAGS',, `define(`CYRUS_MAILER_FLAGS', `A5@/:|')')
+_DEFIFNOT(`CYRUS_MAILER_FLAGS', `Ah5@/:|')
ifdef(`CYRUS_MAILER_PATH',, `define(`CYRUS_MAILER_PATH', /usr/cyrus/bin/deliver)')
ifdef(`CYRUS_MAILER_ARGS',, `define(`CYRUS_MAILER_ARGS', `deliver -e -m $h -- $u')')
ifdef(`CYRUS_MAILER_USER',, `define(`CYRUS_MAILER_USER', `cyrus:mail')')
-ifdef(`CYRUS_BB_MAILER_FLAGS',, `define(`CYRUS_BB_MAILER_FLAGS', `')')
+_DEFIFNOT(`CYRUS_BB_MAILER_FLAGS', `u')
ifdef(`CYRUS_BB_MAILER_ARGS',, `define(`CYRUS_BB_MAILER_ARGS', `deliver -e -m $u')')
POPDIVERT
@@ -47,12 +51,12 @@ POPDIVERT
### Cyrus Mailer specification ###
##################################################
-VERSIONID(`@(#)cyrus.m4 8.9 (Carnegie Mellon) 5/19/1998')
+VERSIONID(`$Id: cyrus.m4,v 8.21 1999/10/18 04:57:52 gshapiro Exp $ (Carnegie Mellon)')
-Mcyrus, P=CYRUS_MAILER_PATH, F=CONCAT(`lsDFMnPq', CYRUS_MAILER_FLAGS), S=10, R=20/40, T=X-Unix,
- ifdef(`CYRUS_MAILER_MAX', `M=CYRUS_MAILER_MAX, ')U=CYRUS_MAILER_USER,
+Mcyrus, P=CYRUS_MAILER_PATH, F=_MODMF_(CONCAT(`lsDFMnPq', CYRUS_MAILER_FLAGS), `CYRUS'), S=EnvFromL, R=EnvToL/HdrToL,
+ ifdef(`CYRUS_MAILER_MAX', `M=CYRUS_MAILER_MAX, ')U=CYRUS_MAILER_USER, T=DNS/RFC822/X-Unix,
A=CYRUS_MAILER_ARGS
-Mcyrusbb, P=CYRUS_MAILER_PATH, F=CONCAT(`lsDFMnP', CYRUS_BB_MAILER_FLAGS), S=10, R=20/40, T=X-Unix,
- ifdef(`CYRUS_MAILER_MAX', `M=CYRUS_MAILER_MAX, ')U=CYRUS_MAILER_USER,
+Mcyrusbb, P=CYRUS_MAILER_PATH, F=_MODMF_(CONCAT(`lsDFMnP', CYRUS_BB_MAILER_FLAGS), `CYRUS'), S=EnvFromL, R=EnvToL/HdrToL,
+ ifdef(`CYRUS_MAILER_MAX', `M=CYRUS_MAILER_MAX, ')U=CYRUS_MAILER_USER, T=DNS/RFC822/X-Unix,
A=CYRUS_BB_MAILER_ARGS
diff --git a/contrib/sendmail/cf/mailer/fax.m4 b/contrib/sendmail/cf/mailer/fax.m4
index 3ee94bdc308b..63c69314cb5a 100644
--- a/contrib/sendmail/cf/mailer/fax.m4
+++ b/contrib/sendmail/cf/mailer/fax.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -26,9 +27,10 @@ POPDIVERT
### FAX Mailer specification ###
####################################
-VERSIONID(`@(#)fax.m4 8.11 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: fax.m4,v 8.15 1999/10/18 04:57:53 gshapiro Exp $')
-Mfax, P=FAX_MAILER_PATH, F=DFMhu, S=14, R=24, M=FAX_MAILER_MAX, T=X-Phone/X-FAX/X-Unix,
+Mfax, P=FAX_MAILER_PATH, F=DFMhu, S=14, R=24,
+ M=FAX_MAILER_MAX, T=X-Phone/X-FAX/X-Unix,
A=FAX_MAILER_ARGS
LOCAL_CONFIG
diff --git a/contrib/sendmail/cf/mailer/local.m4 b/contrib/sendmail/cf/mailer/local.m4
index 6b4b679d832b..6b14b19bf0cb 100644
--- a/contrib/sendmail/cf/mailer/local.m4
+++ b/contrib/sendmail/cf/mailer/local.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -10,10 +11,13 @@ PUSHDIVERT(-1)
# the sendmail distribution.
#
#
-ifdef(`LOCAL_MAILER_FLAGS',, `define(`LOCAL_MAILER_FLAGS', `rmn9')')
+_DEFIFNOT(`_DEF_LOCAL_MAILER_FLAGS', `lsDFMAw5:/|@q')
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `Prmn9')
ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /bin/mail)')
ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', `mail -d $u')')
-ifdef(`LOCAL_SHELL_FLAGS',, `define(`LOCAL_SHELL_FLAGS', `eu9')')
+ifdef(`LOCAL_MAILER_DSN_DIAGNOSTIC_CODE',, `define(`LOCAL_MAILER_DSN_DIAGNOSTIC_CODE', `X-Unix')')
+_DEFIFNOT(`_DEF_LOCAL_SHELL_FLAGS', `lsDFMoq')
+_DEFIFNOT(`LOCAL_SHELL_FLAGS', `eu9')
ifdef(`LOCAL_SHELL_PATH',, `define(`LOCAL_SHELL_PATH', /bin/sh)')
ifdef(`LOCAL_SHELL_ARGS',, `define(`LOCAL_SHELL_ARGS', `sh -c $u')')
ifdef(`LOCAL_SHELL_DIR',, `define(`LOCAL_SHELL_DIR', `$z:/')')
@@ -23,52 +27,59 @@ POPDIVERT
### Local and Program Mailer specification ###
##################################################
-VERSIONID(`@(#)local.m4 8.30 (Berkeley) 6/30/1998')
-
-Mlocal, P=LOCAL_MAILER_PATH, F=CONCAT(`lsDFMAw5:/|@q', LOCAL_MAILER_FLAGS), S=10/30, R=20/40,
- _OPTINS(`LOCAL_MAILER_MAX', `M=', `, ')_OPTINS(`LOCAL_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/X-Unix,
- A=LOCAL_MAILER_ARGS
-Mprog, P=LOCAL_SHELL_PATH, F=CONCAT(`lsDFMoq', LOCAL_SHELL_FLAGS), S=10/30, R=20/40, D=LOCAL_SHELL_DIR,
- _OPTINS(`LOCAL_MAILER_MAX', `M=', `, ')T=X-Unix,
- A=LOCAL_SHELL_ARGS
+VERSIONID(`$Id: local.m4,v 8.50.16.1 2000/06/12 18:25:40 gshapiro Exp $')
#
# Envelope sender rewriting
#
-S10
+SEnvFromL=10
R<@> $n errors to mailer-daemon
R@ <@ $*> $n temporarily bypass Sun bogosity
-R$+ $: $>50 $1 add local domain if needed
-R$* $: $>94 $1 do masquerading
+R$+ $: $>AddDomain $1 add local domain if needed
+R$* $: $>MasqEnv $1 do masquerading
#
# Envelope recipient rewriting
#
-S20
+SEnvToL=20
R$+ < @ $* > $: $1 strip host part
+ifdef(`_FFR_ADDR_TYPE', `dnl
+ifdef(`confUSERDB_SPEC', `dnl',
+`dnl Do not forget to bump V9 to V10 before removing _FFR_ADDR_TYPE check
+R$+ + $* $: < $&{addr_type} > $1 + $2 mark with addr type
+R<e s> $+ + $* $: $1 remove +detail for sender
+R< $* > $+ $: $2 else remove mark')', `dnl')
#
# Header sender rewriting
#
-S30
+SHdrFromL=30
R<@> $n errors to mailer-daemon
R@ <@ $*> $n temporarily bypass Sun bogosity
-R$+ $: $>50 $1 add local domain if needed
-R$* $: $>93 $1 do masquerading
+R$+ $: $>AddDomain $1 add local domain if needed
+R$* $: $>MasqHdr $1 do masquerading
#
# Header recipient rewriting
#
-S40
-R$+ $: $>50 $1 add local domain if needed
-ifdef(`_ALL_MASQUERADE_', `dnl
-R$* $: $>93 $1 do all-masquerading', `dnl')
+SHdrToL=40
+R$+ $: $>AddDomain $1 add local domain if needed
+ifdef(`_ALL_MASQUERADE_',
+`R$* $: $>MasqHdr $1 do all-masquerading',
+`R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2')
#
# Common code to add local domain name (only if always-add-domain)
#
-S50
+SAddDomain=50
ifdef(`_ALWAYS_ADD_DOMAIN_', `dnl
-R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified
-R$+ $@ $1 < @ *LOCAL* > add local qualification',
+R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified
+R$+ $@ $1 < @ *LOCAL* > add local qualification',
`dnl')
+
+Mlocal, P=LOCAL_MAILER_PATH, F=_MODMF_(CONCAT(_DEF_LOCAL_MAILER_FLAGS, LOCAL_MAILER_FLAGS), `LOCAL'), S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,_OPTINS(`LOCAL_MAILER_EOL', ` E=', `, ')
+ _OPTINS(`LOCAL_MAILER_MAX', `M=', `, ')_OPTINS(`LOCAL_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`LOCAL_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`LOCAL_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/LOCAL_MAILER_DSN_DIAGNOSTIC_CODE,
+ A=LOCAL_MAILER_ARGS
+Mprog, P=LOCAL_SHELL_PATH, F=CONCAT(_DEF_LOCAL_SHELL_FLAGS, LOCAL_SHELL_FLAGS), S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=LOCAL_SHELL_DIR,
+ _OPTINS(`LOCAL_MAILER_MAX', `M=', `, ')T=X-Unix/X-Unix/X-Unix,
+ A=LOCAL_SHELL_ARGS
diff --git a/contrib/sendmail/cf/mailer/mail11.m4 b/contrib/sendmail/cf/mailer/mail11.m4
index 222b53fc91d4..d60a0635503f 100644
--- a/contrib/sendmail/cf/mailer/mail11.m4
+++ b/contrib/sendmail/cf/mailer/mail11.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
@@ -13,13 +14,13 @@ PUSHDIVERT(-1)
#
# This mailer is only useful if you have DECNET and the
# mail11 program - gatekeeper.dec.com:/pub/DEC/gwtools.
-#
+#
# For local delivery of DECNET style addresses to the local
# DECNET node, you will need feature(use_cw_file) and put
# your DECNET nodename in in the cw file.
#
ifdef(`MAIL11_MAILER_PATH',, `define(`MAIL11_MAILER_PATH', /usr/etc/mail11)')
-ifdef(`MAIL11_MAILER_FLAGS',, `define(`MAIL11_MAILER_FLAGS', nsFx)')
+_DEFIFNOT(`MAIL11_MAILER_FLAGS', `nsFx')
ifdef(`MAIL11_MAILER_ARGS',, `define(`MAIL11_MAILER_ARGS', mail11 $g $x $h $u)')
define(`_USE_DECNET_SYNTAX_')
define(`_LOCAL_', ifdef(`confLOCAL_MAILER', confLOCAL_MAILER, `local'))
@@ -40,19 +41,20 @@ POPDIVERT
### UTK-MAIL11 Mailer specification ###
###########################################
-VERSIONID(`@(#)mail11.m4 8.8 (Berkeley) 5/19/1998')
-
-Mmail11, P=MAIL11_MAILER_PATH, F=MAIL11_MAILER_FLAGS, S=15, R=25,
- A=MAIL11_MAILER_ARGS
+VERSIONID(`$Id: mail11.m4,v 8.19 1999/10/18 04:57:54 gshapiro Exp $')
-S15
+SMail11From=15
R$+ $: $>25 $1 preprocess
R$w :: $+ $@ $w :: $1 ready to go
-S25
+SMail11To=25
R$+ < @ $- .UUCP > $: $2 ! $1 back to old style
R$+ < @ $- .DECNET > $: $2 :: $1 convert to DECnet style
R$+ < @ $- .LOCAL > $: $2 :: $1 convert to DECnet style
R$+ < @ $=w. > $: $2 :: $1 convert to DECnet style
R$=w :: $+ $2 strip local names
R$+ :: $+ $@ $1 :: $2 already qualified
+
+Mmail11, P=MAIL11_MAILER_PATH, F=_MODMF_(MAIL11_MAILER_FLAGS, `MAIL11'), S=Mail11From, R=Mail11To,
+ T=DNS/X-DECnet/X-Unix,
+ A=MAIL11_MAILER_ARGS
diff --git a/contrib/sendmail/cf/mailer/phquery.m4 b/contrib/sendmail/cf/mailer/phquery.m4
index 3e0891ae37b9..09032e4b521b 100644
--- a/contrib/sendmail/cf/mailer/phquery.m4
+++ b/contrib/sendmail/cf/mailer/phquery.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -13,8 +14,11 @@ PUSHDIVERT(-1)
# Contributed by Kimmo Suominen <kim@tac.nyc.ny.us>.
#
+ifdef(`_MAILER_local_', `',
+ `errprint(`*** MAILER(`local') must appear before MAILER(`phquery')')')dnl
+
ifdef(`PH_MAILER_PATH',, `define(`PH_MAILER_PATH', /usr/local/etc/phquery)')
-ifdef(`PH_MAILER_FLAGS',, `define(`PH_MAILER_FLAGS', `ehmu')')
+_DEFIFNOT(`PH_MAILER_FLAGS', `ehmu')
ifdef(`PH_MAILER_ARGS',, `define(`PH_MAILER_ARGS', `phquery -- $u')')
POPDIVERT
@@ -23,7 +27,8 @@ POPDIVERT
### PH Mailer specification ###
####################################
-VERSIONID(`@(#)phquery.m4 8.6 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: phquery.m4,v 8.15 1999/10/18 04:57:54 gshapiro Exp $')
-Mph, P=PH_MAILER_PATH, F=CONCAT(`nrDFM', PH_MAILER_FLAGS), S=10, R=20/40,
+Mph, P=PH_MAILER_PATH, F=_MODMF_(CONCAT(`nrDFM', PH_MAILER_FLAGS), `PH'), S=EnvFromL, R=EnvToL/HdrToL,
+ T=DNS/RFC822/X-Unix,
A=PH_MAILER_ARGS
diff --git a/contrib/sendmail/cf/mailer/pop.m4 b/contrib/sendmail/cf/mailer/pop.m4
index 0acea7d9fd5e..a7b373d13d26 100644
--- a/contrib/sendmail/cf/mailer/pop.m4
+++ b/contrib/sendmail/cf/mailer/pop.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,8 +12,11 @@ PUSHDIVERT(-1)
#
#
+ifdef(`_MAILER_local_', `',
+ `errprint(`*** MAILER(`local') must appear before MAILER(`pop')')')dnl
+
ifdef(`POP_MAILER_PATH',, `define(`POP_MAILER_PATH', /usr/lib/mh/spop)')
-ifdef(`POP_MAILER_FLAGS',, `define(`POP_MAILER_FLAGS', `Penu')')
+_DEFIFNOT(`POP_MAILER_FLAGS', `Penu')
ifdef(`POP_MAILER_ARGS',, `define(`POP_MAILER_ARGS', `pop $u')')
POPDIVERT
@@ -21,9 +25,10 @@ POPDIVERT
### POP Mailer specification ###
####################################
-VERSIONID(`@(#)pop.m4 8.11 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: pop.m4,v 8.20 1999/10/18 04:57:54 gshapiro Exp $')
-Mpop, P=POP_MAILER_PATH, F=CONCAT(`lsDFMq', POP_MAILER_FLAGS), S=10, R=20/40, T=DNS/RFC822/X-Unix,
+Mpop, P=POP_MAILER_PATH, F=_MODMF_(CONCAT(`lsDFMq', POP_MAILER_FLAGS), `POP'), S=EnvFromL, R=EnvToL/HdrToL,
+ T=DNS/RFC822/X-Unix,
A=POP_MAILER_ARGS
LOCAL_CONFIG
diff --git a/contrib/sendmail/cf/mailer/procmail.m4 b/contrib/sendmail/cf/mailer/procmail.m4
index 38b6d200dd58..8589f3a89afb 100644
--- a/contrib/sendmail/cf/mailer/procmail.m4
+++ b/contrib/sendmail/cf/mailer/procmail.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,12 +12,14 @@ PUSHDIVERT(-1)
#
#
+ifdef(`_MAILER_smtp_', `',
+ `errprint(`*** MAILER(`smtp') must appear before MAILER(`procmail')')')dnl
+
ifdef(`PROCMAIL_MAILER_PATH',,
`ifdef(`PROCMAIL_PATH',
`define(`PROCMAIL_MAILER_PATH', PROCMAIL_PATH)',
`define(`PROCMAIL_MAILER_PATH', /usr/local/bin/procmail)')')
-ifdef(`PROCMAIL_MAILER_FLAGS',,
- `define(`PROCMAIL_MAILER_FLAGS', `SPhnu9')')
+_DEFIFNOT(`PROCMAIL_MAILER_FLAGS', `SPhnu9')
ifdef(`PROCMAIL_MAILER_ARGS',,
`define(`PROCMAIL_MAILER_ARGS', `procmail -Y -m $h $f $u')')
@@ -26,7 +29,8 @@ POPDIVERT
### PROCMAIL Mailer specification ###
##################*****##################
-VERSIONID(`@(#)procmail.m4 8.11 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: procmail.m4,v 8.20 1999/10/18 04:57:54 gshapiro Exp $')
-Mprocmail, P=PROCMAIL_MAILER_PATH, F=CONCAT(`DFM', PROCMAIL_MAILER_FLAGS), S=11/31, R=21/31, T=DNS/RFC822/X-Unix,
- ifdef(`PROCMAIL_MAILER_MAX', `M=PROCMAIL_MAILER_MAX, ')A=PROCMAIL_MAILER_ARGS
+Mprocmail, P=PROCMAIL_MAILER_PATH, F=_MODMF_(CONCAT(`DFM', PROCMAIL_MAILER_FLAGS), `PROCMAIL'), S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP,
+ ifdef(`PROCMAIL_MAILER_MAX', `M=PROCMAIL_MAILER_MAX, ')T=DNS/RFC822/X-Unix,
+ A=PROCMAIL_MAILER_ARGS
diff --git a/contrib/sendmail/cf/mailer/qpage.m4 b/contrib/sendmail/cf/mailer/qpage.m4
new file mode 100644
index 000000000000..31521d533d57
--- /dev/null
+++ b/contrib/sendmail/cf/mailer/qpage.m4
@@ -0,0 +1,30 @@
+PUSHDIVERT(-1)
+#
+# Copyright (C) 1997, Philip A. Prindeville and Enteka Enterprise Technology
+# Services
+#
+# Copyright (c) 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+# Tested with QuickPage version 3.2
+#
+ifdef(`QPAGE_MAILER_PATH', `', `define(`QPAGE_MAILER_PATH', `/usr/local/bin/qpage')')
+_DEFIFNOT(`QPAGE_MAILER_FLAGS', `mDFMs')
+ifdef(`QPAGE_MAILER_ARGS', `', `define(`QPAGE_MAILER_ARGS', `qpage -l0 -m -P$u')')
+ifdef(`QPAGE_MAILER_MAX', `', `define(`QPAGE_MAILER_MAX', `4096')')
+
+POPDIVERT
+
+######################################
+### QPAGE Mailer specification ###
+######################################
+
+VERSIONID(`$Id: qpage.m4,v 8.9 1999/11/16 03:33:04 gshapiro Exp $')
+
+Mqpage, P=QPAGE_MAILER_PATH, F=_MODMF_(QPAGE_MAILER_FLAGS, `QPAGE'),
+ M=QPAGE_MAILER_MAX, T=DNS/RFC822/X-Unix,
+ A=QPAGE_MAILER_ARGS
diff --git a/contrib/sendmail/cf/mailer/smtp.m4 b/contrib/sendmail/cf/mailer/smtp.m4
index 75455970ae40..dd601ecdbf51 100644
--- a/contrib/sendmail/cf/mailer/smtp.m4
+++ b/contrib/sendmail/cf/mailer/smtp.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -10,70 +11,32 @@ PUSHDIVERT(-1)
# the sendmail distribution.
#
#
-ifdef(`SMTP_MAILER_FLAGS',, `define(`SMTP_MAILER_FLAGS', `')')
-ifdef(`SMTP_MAILER_ARGS',, `define(`SMTP_MAILER_ARGS', `IPC $h')')
-ifdef(`ESMTP_MAILER_ARGS',, `define(`ESMTP_MAILER_ARGS', `IPC $h')')
-ifdef(`SMTP8_MAILER_ARGS',, `define(`SMTP8_MAILER_ARGS', `IPC $h')')
-ifdef(`RELAY_MAILER_ARGS',, `define(`RELAY_MAILER_ARGS', `IPC $h')')
-ifdef(`_MAILER_uucp_',
- `errprint(`*** MAILER(smtp) must appear before MAILER(uucp)')')dnl
+_DEFIFNOT(`_DEF_SMTP_MAILER_FLAGS', `mDFMuX')
+_DEFIFNOT(`SMTP_MAILER_FLAGS',`')
+_DEFIFNOT(`RELAY_MAILER_FLAGS', `SMTP_MAILER_FLAGS')
+ifdef(`SMTP_MAILER_ARGS',, `define(`SMTP_MAILER_ARGS', `TCP $h')')
+ifdef(`ESMTP_MAILER_ARGS',, `define(`ESMTP_MAILER_ARGS', `TCP $h')')
+ifdef(`SMTP8_MAILER_ARGS',, `define(`SMTP8_MAILER_ARGS', `TCP $h')')
+ifdef(`DSMTP_MAILER_ARGS',, `define(`DSMTP_MAILER_ARGS', `TCP $h')')
+ifdef(`RELAY_MAILER_ARGS',, `define(`RELAY_MAILER_ARGS', `TCP $h')')
POPDIVERT
#####################################
### SMTP Mailer specification ###
#####################################
-VERSIONID(`@(#)smtp.m4 8.38 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: smtp.m4,v 8.56.2.1.2.2 2000/07/18 15:31:24 gshapiro Exp $')
-Msmtp, P=[IPC], F=CONCAT(mDFMuX, SMTP_MAILER_FLAGS), S=11/31, R=ifdef(`_ALL_MASQUERADE_', `21/31', `21'), E=\r\n, L=990,
- _OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
- A=SMTP_MAILER_ARGS
-Mesmtp, P=[IPC], F=CONCAT(mDFMuXa, SMTP_MAILER_FLAGS), S=11/31, R=ifdef(`_ALL_MASQUERADE_', `21/31', `21'), E=\r\n, L=990,
- _OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
- A=ESMTP_MAILER_ARGS
-Msmtp8, P=[IPC], F=CONCAT(mDFMuX8, SMTP_MAILER_FLAGS), S=11/31, R=ifdef(`_ALL_MASQUERADE_', `21/31', `21'), E=\r\n, L=990,
- _OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
- A=SMTP8_MAILER_ARGS
-Mrelay, P=[IPC], F=CONCAT(mDFMuXa8, SMTP_MAILER_FLAGS), S=11/31, R=ifdef(`_ALL_MASQUERADE_', `61/71', `61'), E=\r\n, L=2040,
- _OPTINS(`RELAY_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
- A=RELAY_MAILER_ARGS
-
-#
-# envelope sender rewriting
#
-S11
-R$+ $: $>51 $1 sender/recipient common
-R$* :; <@> $@ list:; special case
-R$* $: $>61 $1 qualify unqual'ed names
-R$+ $: $>94 $1 do masquerading
-
-
-#
-# envelope recipient rewriting --
-# also header recipient if not masquerading recipients
-#
-S21
-R$+ $: $>51 $1 sender/recipient common
-R$+ $: $>61 $1 qualify unqual'ed names
-
-
-#
-# header sender and masquerading header recipient rewriting
+# common sender and masquerading recipient rewriting
#
-S31
-R$+ $: $>51 $1 sender/recipient common
-R:; <@> $@ list:; special case
-
-# do special header rewriting
-R$* <@> $* $@ $1 <@> $2 pass null host through
-R< @ $* > $* $@ < @ $1 > $2 pass route-addr through
-R$* $: $>61 $1 qualify unqual'ed names
-R$+ $: $>93 $1 do masquerading
-
+SMasqSMTP=61
+R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified
+R$+ $@ $1 < @ *LOCAL* > add local qualification
#
# convert pseudo-domain addresses to real domain addresses
#
-S51
+SPseudoToReal=51
# pass <route-addr>s through
R< @ $+ > $* $@ < @ $1 > $2 resolve <route-addr>
@@ -98,18 +61,57 @@ R$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY')
#
-# common sender and masquerading recipient rewriting
+# envelope sender rewriting
#
-S61
+SEnvFromSMTP=11
+R$+ $: $>PseudoToReal $1 sender/recipient common
+R$* :; <@> $@ list:; special case
+R$* $: $>MasqSMTP $1 qualify unqual'ed names
+R$+ $: $>MasqEnv $1 do masquerading
-R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified
-R$+ $@ $1 < @ *LOCAL* > add local qualification
+
+#
+# envelope recipient rewriting --
+# also header recipient if not masquerading recipients
+#
+SEnvToSMTP=21
+R$+ $: $>PseudoToReal $1 sender/recipient common
+R$+ $: $>MasqSMTP $1 qualify unqual'ed names
+R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
+
+#
+# header sender and masquerading header recipient rewriting
+#
+SHdrFromSMTP=31
+R$+ $: $>PseudoToReal $1 sender/recipient common
+R:; <@> $@ list:; special case
+
+# do special header rewriting
+R$* <@> $* $@ $1 <@> $2 pass null host through
+R< @ $* > $* $@ < @ $1 > $2 pass route-addr through
+R$* $: $>MasqSMTP $1 qualify unqual'ed names
+R$+ $: $>MasqHdr $1 do masquerading
#
# relay mailer header masquerading recipient rewriting
#
-S71
+SMasqRelay=71
+R$+ $: $>MasqSMTP $1
+R$+ $: $>MasqHdr $1
-R$+ $: $>61 $1
-R$+ $: $>93 $1
+Msmtp, P=[IPC], F=_MODMF_(CONCAT(_DEF_SMTP_MAILER_FLAGS, SMTP_MAILER_FLAGS), `SMTP'), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
+ _OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
+ A=SMTP_MAILER_ARGS
+Mesmtp, P=[IPC], F=CONCAT(_DEF_SMTP_MAILER_FLAGS, `a', SMTP_MAILER_FLAGS), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
+ _OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
+ A=ESMTP_MAILER_ARGS
+Msmtp8, P=[IPC], F=CONCAT(_DEF_SMTP_MAILER_FLAGS, `8', SMTP_MAILER_FLAGS), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
+ _OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
+ A=SMTP8_MAILER_ARGS
+Mdsmtp, P=[IPC], F=CONCAT(_DEF_SMTP_MAILER_FLAGS, `a%', SMTP_MAILER_FLAGS), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
+ _OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
+ A=DSMTP_MAILER_ARGS
+Mrelay, P=[IPC], F=CONCAT(_DEF_SMTP_MAILER_FLAGS, `a8', RELAY_MAILER_FLAGS), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `MasqSMTP/MasqRelay', `MasqSMTP'), E=\r\n, L=2040,
+ _OPTINS(`RELAY_MAILER_CHARSET', `C=', `, ')_OPTINS(`RELAY_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')T=DNS/RFC822/SMTP,
+ A=RELAY_MAILER_ARGS
diff --git a/contrib/sendmail/cf/mailer/usenet.m4 b/contrib/sendmail/cf/mailer/usenet.m4
index 153575187f09..770eb3084cb2 100644
--- a/contrib/sendmail/cf/mailer/usenet.m4
+++ b/contrib/sendmail/cf/mailer/usenet.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -11,16 +12,19 @@ PUSHDIVERT(-1)
#
#
+ifdef(`_MAILER_local_', `',
+ `errprint(`*** MAILER(`local') must appear before MAILER(`usenet')')')dnl
+
ifdef(`USENET_MAILER_PATH',, `define(`USENET_MAILER_PATH', /usr/lib/news/inews)')
-ifdef(`USENET_MAILER_FLAGS',, `define(`USENET_MAILER_FLAGS', `rlsDFMmn')')
+_DEFIFNOT(`USENET_MAILER_FLAGS', `rsDFMmn')
ifdef(`USENET_MAILER_ARGS',, `define(`USENET_MAILER_ARGS', `inews -m -h -n')')
POPDIVERT
####################################
### USENET Mailer specification ###
####################################
-VERSIONID(`@(#)usenet.m4 8.10 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: usenet.m4,v 8.19 1999/11/16 03:33:04 gshapiro Exp $')
-Musenet, P=USENET_MAILER_PATH, F=USENET_MAILER_FLAGS, S=10, R=20,
+Musenet, P=USENET_MAILER_PATH, F=_MODMF_(USENET_MAILER_FLAGS, `USENET'), S=EnvFromL, R=EnvToL,
_OPTINS(`USENET_MAILER_MAX', `M=', `, ')T=X-Usenet/X-Usenet/X-Unix,
A=USENET_MAILER_ARGS $u
diff --git a/contrib/sendmail/cf/mailer/uucp.m4 b/contrib/sendmail/cf/mailer/uucp.m4
index badd307c963d..dd915c3746d4 100644
--- a/contrib/sendmail/cf/mailer/uucp.m4
+++ b/contrib/sendmail/cf/mailer/uucp.m4
@@ -1,6 +1,7 @@
PUSHDIVERT(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -10,10 +11,12 @@ PUSHDIVERT(-1)
# the sendmail distribution.
#
#
+ifdef(`_MAILER_smtp_', `',
+ `errprint(`*** MAILER(`smtp') must appear before MAILER(`uucp')')')dnl
ifdef(`UUCP_MAILER_PATH',, `define(`UUCP_MAILER_PATH', /usr/bin/uux)')
ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gC $h!rmail ($u)')')
-ifdef(`UUCP_MAILER_FLAGS',, `define(`UUCP_MAILER_FLAGS', `')')
+_DEFIFNOT(`UUCP_MAILER_FLAGS', `')
ifdef(`UUCP_MAILER_MAX',,
`define(`UUCP_MAILER_MAX',
`ifdef(`UUCP_MAX_SIZE', `UUCP_MAX_SIZE', 100000)')')
@@ -22,45 +25,12 @@ POPDIVERT
### UUCP Mailer specification ###
#####################################
-VERSIONID(`@(#)uucp.m4 8.30 (Berkeley) 5/19/1998')
-
-#
-# There are innumerable variations on the UUCP mailer. It really
-# is rather absurd.
-#
-
-# old UUCP mailer (two names)
-Muucp, P=UUCP_MAILER_PATH, F=CONCAT(DFMhuUd, UUCP_MAILER_FLAGS), S=12, R=22/42, M=UUCP_MAILER_MAX,
- _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
- A=UUCP_MAILER_ARGS
-Muucp-old, P=UUCP_MAILER_PATH, F=CONCAT(DFMhuUd, UUCP_MAILER_FLAGS), S=12, R=22/42, M=UUCP_MAILER_MAX,
- _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
- A=UUCP_MAILER_ARGS
-
-# smart UUCP mailer (handles multiple addresses) (two names)
-Msuucp, P=UUCP_MAILER_PATH, F=CONCAT(mDFMhuUd, UUCP_MAILER_FLAGS), S=12, R=22/42, M=UUCP_MAILER_MAX,
- _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
- A=UUCP_MAILER_ARGS
-Muucp-new, P=UUCP_MAILER_PATH, F=CONCAT(mDFMhuUd, UUCP_MAILER_FLAGS), S=12, R=22/42, M=UUCP_MAILER_MAX,
- _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
- A=UUCP_MAILER_ARGS
-
-ifdef(`_MAILER_smtp_',
-`# domain-ized UUCP mailer
-Muucp-dom, P=UUCP_MAILER_PATH, F=CONCAT(mDFMhud, UUCP_MAILER_FLAGS), S=52/31, R=ifdef(`_ALL_MASQUERADE_', `21/31', `21'), M=UUCP_MAILER_MAX,
- _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
- A=UUCP_MAILER_ARGS
-
-# domain-ized UUCP mailer with UUCP-style sender envelope
-Muucp-uudom, P=UUCP_MAILER_PATH, F=CONCAT(mDFMhud, UUCP_MAILER_FLAGS), S=72/31, R=ifdef(`_ALL_MASQUERADE_', `21/31', `21'), M=UUCP_MAILER_MAX,
- _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
- A=UUCP_MAILER_ARGS')
-
+VERSIONID(`$Id: uucp.m4,v 8.38 1999/10/18 04:57:55 gshapiro Exp $')
#
# envelope and header sender rewriting
#
-S12
+SFromU=12
# handle error address as a special case
R<@> $n errors to mailer-daemon
@@ -82,7 +52,7 @@ R! $+ $: $k ! $1 in case $U undefined
#
# envelope recipient rewriting
#
-S22
+SEnvToU=22
# list:; should disappear
R:; <@> $@
@@ -97,7 +67,7 @@ R$* < @ $+ > $2 ! $1 convert to UUCP format
#
# header recipient rewriting
#
-S42
+SHdrToU=42
# list:; syntax should disappear
R:; <@> $@
@@ -118,24 +88,24 @@ ifdef(`_MAILER_smtp_',
`#
# envelope sender rewriting for uucp-dom mailer
#
-S52
+SEnvFromUD=52
# handle error address as a special case
R<@> $n errors to mailer-daemon
# pass everything to standard SMTP mailer rewriting
-R$* $@ $>11 $1
+R$* $@ $>EnvFromSMTP $1
#
# envelope sender rewriting for uucp-uudom mailer
#
-S72
+SEnvFromUUD=72
# handle error address as a special case
R<@> $n errors to mailer-daemon
# do standard SMTP mailer rewriting
-R$* $: $>11 $1
+R$* $: $>EnvFromSMTP $1
R$* < @ $* . > $* $1 < @ $2 > $3 strip trailing dots
R<@ $- . UUCP > : $+ $@ $1 ! $2 convert to UUCP format
@@ -150,3 +120,37 @@ R$* < @ $=Z . UUCP. > $* $#uucp-uudom $@ $2 $: $1 < @ $2 .UUCP. > $3
R$* < @ $=Y . UUCP. > $* $#uucp-new $@ $2 $: $1 < @ $2 .UUCP. > $3
R$* < @ $=U . UUCP. > $* $#uucp-old $@ $2 $: $1 < @ $2 .UUCP. > $3
POPDIVERT
+
+#
+# There are innumerable variations on the UUCP mailer. It really
+# is rather absurd.
+#
+
+# old UUCP mailer (two names)
+Muucp, P=UUCP_MAILER_PATH, F=_MODMF_(CONCAT(`DFMhuUd', UUCP_MAILER_FLAGS), `UUCP'), S=FromU, R=EnvToU/HdrToU,
+ M=UUCP_MAILER_MAX, _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
+ A=UUCP_MAILER_ARGS
+Muucp-old, P=UUCP_MAILER_PATH, F=_MODMF_(CONCAT(`DFMhuUd', UUCP_MAILER_FLAGS), `UUCP'), S=FromU, R=EnvToU/HdrToU,
+ M=UUCP_MAILER_MAX, _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
+ A=UUCP_MAILER_ARGS
+
+# smart UUCP mailer (handles multiple addresses) (two names)
+Msuucp, P=UUCP_MAILER_PATH, F=_MODMF_(CONCAT(`mDFMhuUd', UUCP_MAILER_FLAGS), `UUCP'), S=FromU, R=EnvToU/HdrToU,
+ M=UUCP_MAILER_MAX, _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
+ A=UUCP_MAILER_ARGS
+Muucp-new, P=UUCP_MAILER_PATH, F=_MODMF_(CONCAT(`mDFMhuUd', UUCP_MAILER_FLAGS), `UUCP'), S=FromU, R=EnvToU/HdrToU,
+ M=UUCP_MAILER_MAX, _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
+ A=UUCP_MAILER_ARGS
+
+ifdef(`_MAILER_smtp_',
+`# domain-ized UUCP mailer
+Muucp-dom, P=UUCP_MAILER_PATH, F=_MODMF_(CONCAT(`mDFMhud', UUCP_MAILER_FLAGS), `UUCP'), S=EnvFromUD/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'),
+ M=UUCP_MAILER_MAX, _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
+ A=UUCP_MAILER_ARGS
+
+# domain-ized UUCP mailer with UUCP-style sender envelope
+Muucp-uudom, P=UUCP_MAILER_PATH, F=_MODMF_(CONCAT(`mDFMhud', UUCP_MAILER_FLAGS), `UUCP'), S=EnvFromUUD/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'),
+ M=UUCP_MAILER_MAX, _OPTINS(`UUCP_MAILER_CHARSET', `C=', `, ')T=X-UUCP/X-UUCP/X-Unix,
+ A=UUCP_MAILER_ARGS')
+
+
diff --git a/contrib/sendmail/cf/ostype/aix2.m4 b/contrib/sendmail/cf/ostype/aix2.m4
index 2bda79c60e43..fba191df6632 100644
--- a/contrib/sendmail/cf/ostype/aix2.m4
+++ b/contrib/sendmail/cf/ostype/aix2.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1995 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,9 +13,9 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)aix2.m4 8.8 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: aix2.m4,v 8.12 1999/04/12 17:34:36 ca Exp $')
define(`LOCAL_MAILER_PATH', /bin/bellmail)dnl
define(`LOCAL_MAILER_ARGS', mail $u)dnl
-define(`LOCAL_MAILER_FLAGS', `mn9')dnl
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `mn9')dnl
define(`confEBINDIR', `/usr/lib')dnl
define(`confTIME_ZONE', `USE_TZ')dnl
diff --git a/contrib/sendmail/cf/ostype/aix3.m4 b/contrib/sendmail/cf/ostype/aix3.m4
index fb74d9e46190..4376f6770a00 100644
--- a/contrib/sendmail/cf/ostype/aix3.m4
+++ b/contrib/sendmail/cf/ostype/aix3.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,9 +13,9 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)aix3.m4 8.12 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: aix3.m4,v 8.16 1999/04/12 17:34:36 ca Exp $')
ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /bin/bellmail)')dnl
ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', mail $u)')dnl
-ifdef(`LOCAL_MAILER_FLAGS',, `define(`LOCAL_MAILER_FLAGS', `mn9')')dnl
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `mn9')dnl
define(`confEBINDIR', `/usr/lib')dnl
define(`confTIME_ZONE', `USE_TZ')dnl
diff --git a/contrib/sendmail/cf/ostype/aix4.m4 b/contrib/sendmail/cf/ostype/aix4.m4
index 24ff001ae3e6..8e0b9d44ab8f 100644
--- a/contrib/sendmail/cf/ostype/aix4.m4
+++ b/contrib/sendmail/cf/ostype/aix4.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1996 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,9 +13,9 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)aix4.m4 8.7 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: aix4.m4,v 8.11 1999/04/12 17:34:37 ca Exp $')
ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /bin/bellmail)')dnl
ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', mail -F $g $u)')dnl
-ifdef(`LOCAL_MAILER_FLAGS',, `define(`LOCAL_MAILER_FLAGS', `mn9')')dnl
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `mn9')dnl
define(`confEBINDIR', `/usr/lib')dnl
define(`confTIME_ZONE', `USE_TZ')dnl
diff --git a/contrib/sendmail/cf/ostype/altos.m4 b/contrib/sendmail/cf/ostype/altos.m4
index 4dcefa943a6b..1cffe1e8d2d9 100644
--- a/contrib/sendmail/cf/ostype/altos.m4
+++ b/contrib/sendmail/cf/ostype/altos.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1996 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -14,14 +15,12 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)altos.m4 8.10 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: altos.m4,v 8.15 1999/04/24 05:37:40 gshapiro Exp $')
-define(`ALIAS_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/aliases', `/usr/lib/mail/aliases'))dnl
ifdef(`QUEUE_DIR',, `define(`QUEUE_DIR', /usr/spool/mqueue)')dnl
-ifdef(`STATUS_FILE',, `define(`STATUS_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/statistics', `/usr/lib/sendmail.st'))')dnl
ifdef(`UUCP_MAILER_PATH',, `define(`UUCP_MAILER_PATH', /usr/bin/uux)')dnl
ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /usr/bin/lmail)')dnl
-ifdef(`LOCAL_MAILER_FLAGS',, `define(`LOCAL_MAILER_FLAGS', mPuhCE9)')dnl
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `mPuhCE9')dnl
ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', `lmail $u')')dnl
ifdef(`LOCAL_SHELL_FLAGS',, `define(`LOCAL_SHELL_FLAGS', Peu)')dnl
ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -a$g $h!rmail ($u)')')dnl
diff --git a/contrib/sendmail/cf/ostype/amdahl-uts.m4 b/contrib/sendmail/cf/ostype/amdahl-uts.m4
index 84d47cdb17e3..edd3a5db86a7 100644
--- a/contrib/sendmail/cf/ostype/amdahl-uts.m4
+++ b/contrib/sendmail/cf/ostype/amdahl-uts.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,12 +13,8 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)amdahl-uts.m4 8.11 (Berkeley) 10/6/1998')
+VERSIONID(`$Id: amdahl-uts.m4,v 8.16 1999/04/24 05:37:40 gshapiro Exp $')
divert(-1)
-define(`ALIAS_FILE', /etc/mail/aliases)
-ifdef(`HELP_FILE',, `define(`HELP_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/helpfile', `/etc/mail/sendmail.hf'))')
-ifdef(`STATUS_FILE',, `define(`STATUS_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/statistics', `/usr/lib/sendmail.st'))')
-ifdef(`LOCAL_MAILER_FLAGS',, `define(`LOCAL_MAILER_FLAGS', `fSn9')')
-define(`confCW_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/local-host-names', `/etc/mail/sendmail.cw'))
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `fSn9')
define(`confEBINDIR', `/usr/lib')dnl
diff --git a/contrib/sendmail/cf/ostype/aux.m4 b/contrib/sendmail/cf/ostype/aux.m4
index 8038cb55d833..ff7f19a6ea75 100644
--- a/contrib/sendmail/cf/ostype/aux.m4
+++ b/contrib/sendmail/cf/ostype/aux.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,11 +13,9 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)aux.m4 8.11 (Berkeley) 10/6/1998')
-define(`ALIAS_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/aliases', `/usr/lib/aliases'))dnl
+VERSIONID(`$Id: aux.m4,v 8.16 1999/04/24 05:37:40 gshapiro Exp $')
ifdef(`QUEUE_DIR',, `define(`QUEUE_DIR', /usr/spool/mqueue)')dnl
-ifdef(`STATUS_FILE',, `define(`STATUS_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/statistics', `/usr/lib/sendmail.st'))')dnl
ifdef(`UUCP_MAILER_PATH',, `define(`UUCP_MAILER_PATH', /usr/bin/uux)')dnl
-ifdef(`LOCAL_MAILER_FLAGS',, `define(`LOCAL_MAILER_FLAGS', mn9)')dnl
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `mn9')dnl
ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', `mail -d -r $f $u')')dnl
define(`confEBINDIR', `/usr/lib')dnl
diff --git a/contrib/sendmail/cf/ostype/bsd4.3.m4 b/contrib/sendmail/cf/ostype/bsd4.3.m4
index d0f3f8a32191..044f205ff9e4 100644
--- a/contrib/sendmail/cf/ostype/bsd4.3.m4
+++ b/contrib/sendmail/cf/ostype/bsd4.3.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,6 +13,6 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)bsd4.3.m4 8.9 (Berkeley) 5/19/1998')
+VERSIONID(`$Id: bsd4.3.m4,v 8.12 1999/02/07 07:26:18 gshapiro Exp $')
ifdef(`QUEUE_DIR',, `define(`QUEUE_DIR', /usr/spool/mqueue)')dnl
ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -z -a$g $h!rmail ($u)')')dnl
diff --git a/contrib/sendmail/cf/ostype/bsd4.4.m4 b/contrib/sendmail/cf/ostype/bsd4.4.m4
index 514bce827145..3f7b0891de2c 100644
--- a/contrib/sendmail/cf/ostype/bsd4.4.m4
+++ b/contrib/sendmail/cf/ostype/bsd4.4.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -13,8 +14,7 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)bsd4.4.m4 8.10 (Berkeley) 10/6/1998')
-ifdef(`HELP_FILE',, `define(`HELP_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/helpfile', `/usr/share/misc/sendmail.hf'))')dnl
-ifdef(`STATUS_FILE',, `define(`STATUS_FILE', ifdef(`_USE_ETC_MAIL_', `/etc/mail/statistics', `/var/log/sendmail.st'))')dnl
+VERSIONID(`$Id: bsd4.4.m4,v 8.14 1999/04/24 05:37:40 gshapiro Exp $')
+ifdef(`STATUS_FILE',, `define(`STATUS_FILE', `/var/log/sendmail.st')')dnl
ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /usr/libexec/mail.local)')dnl
ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -z -a$g $h!rmail ($u)')')dnl
diff --git a/contrib/sendmail/cf/ostype/bsdi.m4 b/contrib/sendmail/cf/ostype/bsdi.m4
new file mode 100644
index 000000000000..35679bcf1c41
--- /dev/null
+++ b/contrib/sendmail/cf/ostype/bsdi.m4
@@ -0,0 +1,17 @@
+divert(-1)
+#
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
+# Copyright (c) 1983 Eric P. Allman. All rights reserved.
+# Copyright (c) 1988, 1993
+# The Regents of the University of California. All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: bsdi.m4,v 8.1 1999/11/19 05:18:13 gshapiro Exp $')
+include(_CF_DIR_`'ostype/bsd4.4.m4)dnl
diff --git a/contrib/sendmail/cf/ostype/bsdi1.0.m4 b/contrib/sendmail/cf/ostype/bsdi1.0.m4
index 08bd2a574b2e..b806a37a33ac 100644
--- a/contrib/sendmail/cf/ostype/bsdi1.0.m4
+++ b/contrib/sendmail/cf/ostype/bsdi1.0.m4
@@ -1,6 +1,7 @@
divert(-1)
#
-# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
+# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
@@ -12,5 +13,6 @@ divert(-1)
#
divert(0)
-VERSIONID(`@(#)bsdi1.0.m4 8.7 (Berkeley) 5/19/1998')dnl
-include(_CF_DIR_`'ostype/bsd4.4.m4)dnl
+VERSIONID(`$Id: bsdi1.0.m4,v 8.11 1999/11/19 05:18:14 gshapiro Exp $')
+errprint(`NOTE: OSTYPE(bsdi1.0) is deprecated. Use OSTYPE(bsdi) instead.')
+include(_CF_DIR_`'ostype/