divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl #     make -C /etc/mail
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
dnl
OSTYPE(`linux')dnl
dnl
include(confMC_DIR`/sendmail-conf.default.inc.mc')dnl
include(confSITE_DIR`/sendmail-conf.inc.mc')dnl
dnl
HACK(`cfhead')dnl
dnl
ifdef(`confDNSBL_CHECK', `ifelse(confDNSBL_CHECK, `YES', `dnl
include(confSITE_DIR`/sendmail-dnsbl.inc.mc')dnl
')')
ifdef(`confRFC_IGNORANT_CHECK', `ifelse(confRFC_IGNORANT_CHECK, `YES', `dnl
include(confSITE_DIR`/sendmail-rfc-ignorant.inc.mc')dnl
')')
dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST',`smtp.your.provider')
dnl #
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTRUSTED_USER', `smmsp')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun,nobodyreturn')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl # 
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl
ifdef(`confSMTP_AUTH', `ifelse(confSMTP_AUTH, `YES', `dnl
HACK(`smtp_auth')dnl
')')dnl
dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl #     make -C /usr/share/ssl/certs usage
dnl #
dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
dnl
dnl
ifdef(`confSTARTTLS', `ifelse(confSTARTTLS, `YES', `dnl
define(`confAUTH_OPTIONS', `A p')dnl
HACK(`starttls')dnl
',`
define(`confAUTH_OPTIONS', `A')dnl
')')
dnl
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
FEATURE(`delay_checks', `FRIEND')dnl
FEATURE(`no_default_msa',`dnl')dnl turn off default entry for MSA
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
dnl
dnl FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
HACK(`access_db_sequence',	`access1',	`hash -T<TMPF> -o /etc/mail/access.db')dnl
HACK(`access_db_sequence',	`access2',	`hash -T<TMPF> -o /etc/mail/access2.db')dnl
HACK(`access_db_sequence',	`access3',	`hash -T<TMPF> -o /etc/mail/access3.db')dnl
HACK(`access_db_sequence',	`access4',	`hash -T<TMPF> -o /etc/mail/access4.db')dnl
HACK(`access_db_sequence',	`access5',	`hash -T<TMPF> -o /etc/mail/access5.db')dnl
FEATURE(`access_db',		`sequence access1 access2 access3 access4 access5')dnl
dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl
ifdef(`confLUSER_RELAY', `ifelse(len(X`'confLUSER_RELAY), `1', `dnl', `dnl
define(`LUSER_RELAY',			confLUSER_RELAY)dnl
')')
ifdef(`LUSER_RELAY', `', `Kuser user -m -a<>')
dnl
define(`confEIGHT_BIT_HANDLING',	`pass8')dnl
define(`confCOPY_ERRORS_TO',		`errors')dnl
define(`confOPERATORS',			confOPERATORS`=?')dnl
dnl
define(`DNSBL_MAP', `dns -R A')
dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl # NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl #       a kernel patch
dnl #
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
dnl FEATURE(`accept_unresolvable_domains')dnl
dnl #
dnl FEATURE(`relay_based_on_MX')dnl
dnl # 
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl # 
LOCAL_DOMAIN(`localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS(`mydomain.com')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
dnl
ifdef(`confMASQUERADE', `ifelse(confMASQUERADE, `NO', `dnl', `dnl
include(confSITE_DIR`/sendmail-masquerade.inc.mc')dnl
')')
EXPOSED_USER(`root')dnl
dnl
include(confSITE_DIR`/sendmail-queues.inc.mc')dnl
dnl
define(`SMTP_MAILER_FLAGS', `A8e')dnl
MAILER(smtp)dnl
dnl
ifdef(`confDEMIME_BODY', `ifelse(confDEMIME_BODY, `YES', `dnl
MODIFY_MAILER_FLAGS(`LOCAL', `+9')dnl
',`dnl
MODIFY_MAILER_FLAGS(`LOCAL', `-9')dnl
')')
dnl
MAILER(procmail)dnl
dnl
ifdef(`confUSE_UUCP', `ifelse(confUSE_UUCP, `YES', `dnl
MAILER(uucp)dnl
')')
dnl
ifdef(`confVMAIL', `ifelse(confVMAIL, `YES', `dnl
define(`confVMAIL_AUTH_RC',             `/usr/lib/courier-imap/etc/authmysqlrc')dnl
define(`confVMAIL_AUTH',                `/usr/local/scripts/courier/checkuser.pl')dnl
define(`VMAIL_MAILER_MAX',              `2048000')dnl
MAILER(vmail)dnl
')')
dnl
ifdef(`confSKIP_RESOLVE_FOR_LOCAL', `ifelse(confSKIP_RESOLVE_FOR_LOCAL, `YES', `dnl
HACK(`skip_resolve_for_local')dnl
')')
dnl
ifdef(`confVERIFY_SENDER', `ifelse(confVERIFY_SENDER, `YES', `dnl
HACK(`verify_sender')dnl
')')
ifdef(`confVERIFY_RECIPIENT', `ifelse(confVERIFY_RECIPIENT, `YES', `dnl
HACK(`verify_recipient')dnl
')')
ifdef(`confVERIFY_SENDER_CHECK_HOST', `ifelse(confVERIFY_SENDER_CHECK_HOST, `YES', `dnl
HACK(`verify_sender_check_host', `!VerifySenderHost',		`VERIFY',	`VERIFY')dnl
dnl HACK(`verify_sender_check_host', `!VerifySenderHost',	`OK',		`SKIP')dnl
HACK(`verify_sender_check_host', `!VerifySenderHost',		`SKIP',		`SKIP')dnl
HACK(`verify_sender_check_host', `!VerifySenderHost',		`REJECT',	`REJECT')dnl
dnl HACK(`verify_sender_check_host', `+Connect', 		`RELAY',	`SKIP')dnl
dnl HACK(`verify_sender_check_host', `+Connect',		`OK',		`SKIP')dnl
dnl HACK(`verify_sender_check_host', `+Connect',		`REJECT',	`REJECT')dnl
dnl HACK(`verify_sender_check_host', `',			`OK',		`SKIP')dnl
dnl HACK(`verify_sender_check_host', `',			`REJECT',	`REJECT')dnl
')')
dnl
ifdef(`confCHECK_RELAY_RESOLVE', `ifelse(confCHECK_RELAY_RESOLVE, `YES', `dnl
HACK(`check_relay_resolve')dnl
')')
dnl
ifdef(`confCHECK_RELAY_FORGED', `ifelse(confCHECK_RELAY_FORGED, `YES', `dnl
HACK(`check_relay_forged')dnl
')')
dnl
ifdef(`confCHECK_RELAY_DIALUP', `ifelse(confCHECK_RELAY_DIALUP, `YES', `dnl
HACK(`check_relay_dialup', ``550 Access from dsl/dial-up/cable relays denied, use SMTP of your provider'')
')')
dnl
HACK(`check_mail_from')dnl
HACK(`check_rcpt_to')dnl
dnl

define(`confCHECK_HELO_FORGED_RESOLVE_FAIL', `PASS')dnl
define(`confCHECK_HELO', `RESOLVE OWN ACCESS_DB SYNTAX IP_SYNTAX IP DIALUP')dnl

ifdef(`confCHECK_HELO', `ifelse(confCHECK_HELO, `NO', `dnl', `dnl
HACK(`check_helo')dnl
ifdef(`confCHECK_HELO_FAKE', `ifelse(confCHECK_HELO_FAKE, `YES', `dnl
HACK(`check_helo', `hotmail.com')dnl
HACK(`check_helo', `yahoo.com')dnl
HACK(`check_helo', `msn.com')dnl
HACK(`check_helo', `aol.com')dnl
HACK(`check_helo', `compuserve.com')dnl
HACK(`check_helo', `rambler.ru')dnl
HACK(`check_helo', `mail.ru')dnl
HACK(`check_helo', `yandex.ru')dnl
HACK(`check_helo', `chat.ru')dnl
HACK(`check_helo', `gala.net')dnl
HACK(`check_helo', `galaradio.com')dnl
')')
')')
dnl
ifdef(`confCHECK_HELO_FQDN', `ifelse(confCHECK_HELO_FQDN, `NO', `dnl', `dnl
HACK(`check_helo_fqdn')dnl
')')
dnl
ifdef(`confCHECK_DATE', `ifelse(confCHECK_DATE, `YES', `dnl
HACK(`check_date')dnl
')')
dnl
ifdef(`confCHECK_MAILING_LIST', `ifelse(confCHECK_MAILING_LIST, `YES', `dnl
HACK(`check_mailing_list')dnl
')')
dnl
ifdef(`confCHECK_ORGANIZATION', `ifelse(confCHECK_ORGANIZATION, `YES', `dnl
HACK(`check_organization')dnl
')')
dnl
ifdef(`confCHECK_MAILER', `ifelse(confCHECK_MAILER, `YES', `dnl
HACK(`check_mailer')dnl
')')
dnl
HACK(`check_message_id')dnl
dnl
ifdef(`confCHECK_SUBJECT', `ifelse(confCHECK_SUBJECT, `YES', `dnl
HACK(`check_subject')dnl
')')
dnl
ifdef(`confCHECK_MISC', `ifelse(confCHECK_MISC, `YES', `dnl
HACK(`check_misc')dnl
')')
dnl
ifdef(`confMAILBOX_QUOTE', `ifelse(confMAILBOX_QUOTE, `NO', `dnl', `dnl
HACK(`check_quote', `'confMAILBOX_QUOTE)dnl
')')
dnl
ifdef(`confAUTO_RETURN_RECEIPT', `ifelse(confAUTO_RETURN_RECEIPT, `YES', `dnl
HACK(`return-receipt')dnl
')')dnl
dnl
ifdef(`confCHECK_RECEIVED', `ifelse(confCHECK_RECEIVED, `YES', `dnl
HACK(`check_received')dnl
')')
dnl
ifdef(`confCHECK_RECEIVED_DNSBL', `ifelse(confCHECK_RECEIVED_DNSBL, `YES', `dnl
include(confSITE_DIR`/sendmail-dnsbl-received.inc.mc')dnl
')')
dnl
ifdef(`confRELAY_BASED_ON_MX', `ifelse(confRELAY_BASED_ON_MX, `NO', `dnl', `dnl
HACK(`relay_based_on_MX')dnl
')')
dnl
ifdef(`confCHECK_COMPAT', `ifelse(confCHECK_COMPAT, `YES', `dnl
HACK(`check_compat')dnl
')')
dnl
ifdef(`confRESTRICT_LUSER_RELAY', `ifelse(confRESTRICT_LUSER_RELAY, `YES', `dnl
HACK(`restrict_luser_relay')dnl
')')
dnl
ifdef(`confCHECK_DSN', `ifelse(confCHECK_DSN, `YES', `dnl
HACK(`check_DSN')dnl
')')
dnl
ifdef(`confCHECK_TRANSFER_ENCODING', `ifelse(confCHECK_TRANSFER_ENCODING, `NO', `dnl', `dnl
HACK(`check_transfer_encoding')dnl
HACK(`check_transfer_encoding', `PocoMail', `Ask PocoMail author fix the lame encoding definition')dnl
HACK(`check_transfer_encoding', `ROM-Mail')dnl
')')
dnl
ifdef(`confCHECK_LOCAL', `ifelse(confCHECK_LOCAL, `NO', `dnl', `dnl
ifelse_strstr(confCHECK_LOCAL, `MAIL_EQ_RCPT', `dnl
HACK(`check_fake_local')dnl
')
ifelse_strstr(confCHECK_LOCAL, `LOCALHOST', `dnl
HACK(`check_fake_internal')dnl
')
')')
dnl
ifdef(`confMAIL_BACKUP', `ifelse(confMAIL_BACKUP,	`YES', `dnl
HACK(`add_milter', `backup-smf.pl',			``confMAIL_BACKUP_PARAM'')dnl
')')
ifdef(`confCLAMAV', `ifelse(confCLAMAV,			`YES', `dnl
HACK(`add_milter', `clamav-milter',			``confCLAMAV_PARAM'')dnl
')')
ifdef(`confDRWEB', `ifelse(confDRWEB,			`YES', `dnl
HACK(`add_milter', `drweb-filter',			``confDRWEB_PARAM'')dnl
')')
ifdef(`confAMAVIS', `ifelse(confAMAVIS,			`YES', `dnl
HACK(`add_milter', `milter-amavis',			``confAMAVIS_PARAM'')dnl
')')
ifdef(`confMAIL_STATISTIC', `ifelse(confMAIL_STATISTIC,	`YES', `dnl
HACK(`add_milter', `stat-smf.pl',			``confMAIL_STATISTIC_PARAM'')dnl
')')
ifdef(`confVERIFY_ADDR', `ifelse(confVERIFY_ADDR,	`YES', `dnl
HACK(`add_milter', `verify-addr-smf.pl',		``confVERIFY_ADDR_PARAM'')dnl
')')
ifdef(`confSPAMASSASIN', `ifelse(confSPAMASSASIN,	`YES', `dnl
HACK(`add_milter', `spamassassin',			``confSPAMASSASIN_PARAM'')dnl
')')
ifdef(`confGREYLISTING', `ifelse(confGREYLISTING,	`YES', `dnl
HACK(`add_milter', `relaydelay',			``confGREYLISTING_PARAM'')dnl
')')
HACK(`add_milter')dnl
dnl
define(`confMILTER_MACROS_CONNECT',	confMILTER_MACROS_CONNECT`, v, Z, b, {client_addr}, {client_name}')dnl
define(`confMILTER_MACROS_HELO',	confMILTER_MACROS_HELO`, {verify}')dnl
define(`confMILTER_MACROS_ENVRCPT',	confMILTER_MACROS_ENVRCPT`, u, r')dnl

HACK(`check_from')dnl
HACK(`check_to')dnl

LOCAL_CONFIG

HX-Envelope-To: $u

dnl ######################################################################

dnl define(`confCHECK_OPEN_PROXY_SKIP_AUTH')dnl
dnl define(`confCHECK_OPEN_PROXY_SKIP_OUTGOING')dnl
dnl define(`confCHECK_OPEN_PROXY_SKIP_EXCLUDES')dnl
dnl HACK(`check_open_proxy', `smtp.relc.com:25', `220 smtp.relc.com ESMTP')dnl
dnl HACK(`check_open_proxy', `smtp.relc.com:25', `smtp.relc.com')dnl

dnl HACK(`check_relay_forged')dnl
dnl HACK(`check_ip')dnl

dnl LOCAL_SRV_FEATURES
dnl R $*		$#P

dnl HACK(`check_fake_local', `TrustedNets', `OK')
dnl HACK(`check_broken_charset')

dnl HACK(`check_reply_to')

dnl LOCAL_RULE_0
dnl R $*    $#error $@ 4.3.0 $: " test_rule_0: addr: '" $1 "'; f: '" $&f "'; mail_addr: '" $&{mail_addr} "'; _: '" $&_ "'"

dnl HACK(`check_broken_charset', `my.cool.mailer')
dnl HACK(`check_broken_charset', `PocoMail', `Ask PocoMail author fix the lame encoding definition')
dnl HACK(`check_broken_charset')

dnl HACK(`check_mail_from_domain')

dnl define(`confSRS_ENVFROM2SRC', `/usr/local/scripts/SRS/envfrom2srs.pl')dnl
dnl define(`confSRS_REVERSE_SRC', `/usr/local/scripts/SRS/srs2envtol.pl')dnl
dnl define(`confSRS_DOMAINS_SKIP', `LOCAL RELAY_DOMAINS')dnl
dnl define(`confSRS_DOMAINS_SKIP', `')dnl
dnl define(`confSRS_DOMAINS_SKIP_FILE', `/etc/mail/domains-srs')dnl
dnl HACK(`perlsrs-devel', `srs.corvax.falbi.kiev.ua')


HACK(`check_mail_domain_best_mx')dnl

dnl HACK(`check_relay_dialup')
dnl HACK(`check_relay_dialup_regex', `^.*\.pppppp\.')
dnl HACK(`check_relay_dialup_regex', `^.*\.pppppp2\.')
dnl HACK(`check_relay_dialup_token', `$+.pppppp.$+')
dnl HACK(`check_relay_dialup_token', `$+.pppppp2.$+')

dnl HACK(`restrict_outbound_mail')dnl

define(`confRESTR_IN_MAIL_ACCESS')
define(`confRESTR_IN_MAIL_ACCESS_PTR')
define(`confRESTR_IN_MAIL_ENV_FROM')
define(`confRESTR_IN_MAIL_R')
define(`confRESTR_IN_MAIL_HDR_FROM')
HACK(`restrict_incoming_mail')

define(`confCHECK_RECEIVED_SKIP', `SPAMFRIEND SKIP')dnl
HACK(`check_received')dnl


HACK(check_relay_dialup)
HACK(check_relay_dialup_regex,``^(.+[\.\-])?(adsl|cable|client|dhcp|dial|dial-in|dial-up|dialup|dsl|dyn|dynamic|dyndsl|pool|ppp|user|xdsl)[\.\-_0-9].+'')dnl
HACK(check_relay_dialup_regex,``^(.+\.)*(.*dsl|pool-|dial-*(up|in)|ppp)-*[0-9A-Fa-f-]+[.-]'')dnl
HACK(check_relay_dialup_regex,``(dial|dialup|adsl|dsl|dhcp|dyn|ip|ipt|ppp|cable|dslam|user|client|pool|subnet|network)(\.|-|[0-9]|_)'')dnl
HACK(`check_relay_dialup_digits', `5')

HACK(`verify_sender')