1N/Adivert(-1)
1N/A#
1N/A# Copyright (c) 1998-2010 Sendmail, Inc. and its suppliers.
1N/A# All rights reserved.
1N/A# Copyright (c) 1983, 1995 Eric P. Allman. All rights reserved.
1N/A# Copyright (c) 1988, 1993
1N/A# The Regents of the University of California. All rights reserved.
1N/A#
1N/A# Copyright 2004 Sun Microsystems, Inc. All rights reserved.
1N/A# Use is subject to license terms.
1N/A#
1N/A# By using this file, you agree to the terms and conditions set
1N/A# forth in the LICENSE file which can be found at the top level of
1N/A# the sendmail distribution.
1N/A#
1N/A#
1N/Adivert(0)
1N/A
1N/AVERSIONID(`$Id: proto.m4,v 8.744 2010/11/23 20:29:47 guenther Exp $')
1N/A
1N/A# level CF_LEVEL config file format
# the vendor suffix after the slash is Sun unless `VENDOR_NAME' supplies one,
# and it is left out entirely when `NO_VENDOR' is set
1N/AV`'CF_LEVEL`'ifdef(`NO_VENDOR',`', `/ifdef(`VENDOR_NAME', `VENDOR_NAME', `Sun')')
1N/Adivert(-1)
1N/A
1N/Adnl if MAILER(`local') not defined: do it ourself; be nice
1N/Adnl maybe we should issue a warning?
1N/Aifdef(`_MAILER_local_',`', `MAILER(local)')
1N/A
1N/A# do some sanity checking
1N/Aifdef(`__OSTYPE__',,
1N/A `errprint(`*** ERROR: No system type defined (use OSTYPE macro)
1N/A')')
1N/A
1N/A# pick our default mailers
1N/Aifdef(`confSMTP_MAILER',, `define(`confSMTP_MAILER', `esmtp')')
1N/Aifdef(`confLOCAL_MAILER',, `define(`confLOCAL_MAILER', `local')')
# the relay mailer falls back to relay when `_MAILER_smtp_' is set, then to
# uucp-new, then to the literal unknown
# NOTE(review): the uucp test reads `_MAILER_uucp' with no trailing underscore,
# unlike `_MAILER_local_' and `_MAILER_smtp_' used in this file - confirm which
# marker is actually set
1N/Aifdef(`confRELAY_MAILER',,
1N/A `define(`confRELAY_MAILER',
1N/A `ifdef(`_MAILER_smtp_', `relay',
1N/A `ifdef(`_MAILER_uucp', `uucp-new', `unknown')')')')
1N/Aifdef(`confUUCP_MAILER',, `define(`confUUCP_MAILER', `uucp-old')')
1N/Adefine(`_SMTP_', `confSMTP_MAILER')dnl for readability only
1N/Adefine(`_LOCAL_', `confLOCAL_MAILER')dnl for readability only
1N/Adefine(`_RELAY_', `confRELAY_MAILER')dnl for readability only
1N/Adefine(`_UUCP_', `confUUCP_MAILER')dnl for readability only
1N/A
1N/A# back compatibility with old config files
1N/Aifdef(`confDEF_GROUP_ID',
1N/A`errprint(`*** confDEF_GROUP_ID is obsolete.
1N/A Use confDEF_USER_ID with a colon in the value instead.
1N/A')')
1N/Aifdef(`confREAD_TIMEOUT',
1N/A`errprint(`*** confREAD_TIMEOUT is obsolete.
1N/A Use individual confTO_<timeout> parameters instead.
1N/A')')
# the two checks above only print a message; the obsolete values are not
# converted into their replacements
# an old combined message timeout written as return/warn is split at the
# slash: the part before it becomes the queue-return timeout and the part
# after it the queue-warning timeout; without a slash the whole value is
# used as the queue-return timeout
1N/Aifdef(`confMESSAGE_TIMEOUT',
1N/A `define(`_ARG_', index(confMESSAGE_TIMEOUT, /))
1N/A ifelse(_ARG_, -1,
1N/A `define(`confTO_QUEUERETURN', confMESSAGE_TIMEOUT)',
1N/A `define(`confTO_QUEUERETURN',
1N/A substr(confMESSAGE_TIMEOUT, 0, _ARG_))
1N/A define(`confTO_QUEUEWARN',
1N/A substr(confMESSAGE_TIMEOUT, eval(_ARG_+1)))')')
# a compound minimum-free-blocks value is reported but not split
1N/Aifdef(`confMIN_FREE_BLOCKS', `ifelse(index(confMIN_FREE_BLOCKS, /), -1,,
1N/A`errprint(`*** compound confMIN_FREE_BLOCKS is obsolete.
1N/A Use confMAX_MESSAGE_SIZE for the second part of the value.
1N/A')')')
1N/A
1N/A
1N/A# Sanity check on ldap_routing feature
1N/A# If the user doesn't specify a new map, they better have given as a
1N/A# default LDAP specification which has the LDAP base (and most likely the host)
1N/Aifdef(`confLDAP_DEFAULT_SPEC',, `ifdef(`_LDAP_ROUTING_WARN_', `errprint(`
1N/AWARNING: Using default FEATURE(ldap_routing) map definition(s)
1N/Awithout setting confLDAP_DEFAULT_SPEC option.
1N/A')')')dnl
1N/A
1N/A# clean option definitions below....
# helper used for every option line: when the m4 setting named by the second
# argument is present an active O line is written, with =value appended only
# if the value is non-empty; otherwise a commented-out #O line is written and
# the third argument, when non-empty, is shown after = as a sample value
1N/Adefine(`_OPTION', `ifdef(`$2', `O $1`'ifelse(defn(`$2'), `',, `=$2')', `#O $1`'ifelse(`$3', `',,`=$3')')')dnl
1N/A
1N/Adnl required to "rename" the check_* rulesets...
1N/Adefine(`_U_',ifdef(`_DELAY_CHECKS_',`',`_'))
# unless a relay rejection text was supplied, the fallback text mentions
# authentication only when `_USE_AUTH_' is set
1N/Adnl default relaying denied message
1N/Aifdef(`confRELAY_MSG', `', `define(`confRELAY_MSG',
1N/Aifdef(`_USE_AUTH_', `"550 Relaying denied. Proper authentication required."', `"550 Relaying denied"'))')
1N/Aifdef(`confRCPTREJ_MSG', `', `define(`confRCPTREJ_MSG', `"550 Mailbox disabled for this recipient"')')
1N/Adefine(`_CODE553', `553')
1N/Adivert(0)dnl
1N/A
1N/A# override file safeties - setting this option compromises system security,
1N/A# addressing the actual file configuration problem is preferred
1N/A# need to set this before any file actions are encountered in the cf file
# if `confDONT_BLAME_SENDMAIL' is not set, only a commented-out sample line
# with the value safe is written, so the generated file itself leaves this
# option unset
1N/A_OPTION(DontBlameSendmail, `confDONT_BLAME_SENDMAIL', `safe')
1N/A
1N/A# default LDAP map specification
1N/A# need to set this now before any LDAP maps are defined
1N/A_OPTION(LDAPDefaultSpec, `confLDAP_DEFAULT_SPEC', `-h localhost')
1N/A
1N/A##################
1N/A# local info #
1N/A##################
1N/A
1N/A# my LDAP cluster
1N/A# need to set this before any LDAP lookups are done (including classes)
1N/Aifdef(`confLDAP_CLUSTER', `D{sendmailMTACluster}`'confLDAP_CLUSTER', `#D{sendmailMTACluster}$m')
1N/A
# localhost is always a member of class w; the file line below adds more
# names only when `USE_CW_FILE' is set
1N/ACwlocalhost
1N/Aifdef(`USE_CW_FILE',
1N/A`# file containing names of hosts for which we receive email
1N/AFw`'confCW_FILE',
1N/A `dnl')
1N/A
1N/A# my official domain name
1N/A# ... `define' this only if sendmail cannot automatically determine your domain
1N/Aifdef(`confDOMAIN_NAME', `Dj`'confDOMAIN_NAME', `#Dj$w.Foo.COM')
1N/A
1N/A# host/domain names ending with a token in class P are canonical
1N/ACP.
1N/A
1N/Aifdef(`UUCP_RELAY',
1N/A`# UUCP relay host
1N/ADY`'UUCP_RELAY
1N/ACPUUCP
1N/A
1N/A')dnl
1N/Aifdef(`BITNET_RELAY',
1N/A`# BITNET relay host
1N/ADB`'BITNET_RELAY
1N/ACPBITNET
1N/A
1N/A')dnl
1N/Aifdef(`DECNET_RELAY',
1N/A`define(`_USE_DECNET_SYNTAX_', 1)dnl
1N/A# DECnet relay host
1N/ADC`'DECNET_RELAY
1N/ACPDECNET
1N/A
1N/A')dnl
1N/Aifdef(`FAX_RELAY',
1N/A`# FAX relay host
1N/ADF`'FAX_RELAY
1N/ACPFAX
1N/A
1N/A')dnl
1N/A# "Smart" relay host (may be null)
1N/ADS`'ifdef(`SMART_HOST', `SMART_HOST')
1N/A
1N/Aifdef(`LUSER_RELAY', `dnl
1N/A# place to which unknown users should be forwarded
1N/AKuser user -m -a<>
1N/ADL`'LUSER_RELAY',
1N/A`dnl')
1N/A
1N/A# operators that cannot be in local usernames (i.e., network indicators)
# the ! operator is left out of class O when `_NO_UUCP_' is set
1N/ACO @ % ifdef(`_NO_UUCP_', `', `!')
1N/A
1N/A# a class with just dot (for identifying canonical names)
1N/AC..
1N/A
1N/A# a class with just a left bracket (for identifying domain literals)
1N/AC[[
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/A# access_db acceptance class
1N/AC{Accept}OK RELAY
1N/Aifdef(`_DELAY_COMPAT_8_10_',`dnl
1N/Aifdef(`_BLACKLIST_RCPT_',`dnl
1N/A# possible access_db RHS for spam friends/haters
1N/AC{SpamTag}SPAMFRIEND SPAMHATER')')',
1N/A`dnl')
1N/A
1N/Adnl mark for "domain is ok" (resolved or accepted anyway)
1N/Adefine(`_RES_OK_', `OKR')dnl
1N/Aifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',`dnl',`dnl
1N/A# Resolve map (to check if a host exists in check_mail)
1N/AKresolve host -a<_RES_OK_> -T<TEMP>')
1N/AC{ResOk}_RES_OK_
1N/A
1N/Aifdef(`_NEED_MACRO_MAP_', `dnl
1N/Aifdef(`_MACRO_MAP_', `', `# macro storage map
1N/Adefine(`_MACRO_MAP_', `1')dnl
1N/AKmacro macro')', `dnl')
1N/A
1N/Aifdef(`confCR_FILE', `dnl
1N/A# Hosts for which relaying is permitted ($=R)
# keep this file writable by the administrator only: each entry grants relaying
1N/AFR`'confCR_FILE',
1N/A`dnl')
1N/A
1N/Adefine(`TLS_SRV_TAG', `"TLS_Srv"')dnl
1N/Adefine(`TLS_CLT_TAG', `"TLS_Clt"')dnl
1N/Adefine(`TLS_RCPT_TAG', `"TLS_Rcpt"')dnl
1N/Adefine(`TLS_TRY_TAG', `"Try_TLS"')dnl
1N/Adefine(`SRV_FEAT_TAG', `"Srv_Features"')dnl
1N/Adnl this may be useful in other contexts too
1N/Aifdef(`_ARITH_MAP_', `', `# arithmetic map
1N/Adefine(`_ARITH_MAP_', `1')dnl
1N/AKarith arith')
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/Aifdef(`_MACRO_MAP_', `', `# macro storage map
1N/Adefine(`_MACRO_MAP_', `1')dnl
1N/AKmacro macro')
1N/A# possible values for TLS_connection in access map
1N/AC{Tls}VERIFY ENCR', `dnl')
# the two certificate regex maps below are written only when the matching
# m4 setting supplies a pattern
1N/Aifdef(`_CERT_REGEX_ISSUER_', `dnl
1N/A# extract relevant part from cert issuer
1N/AKCERTIssuer regex _CERT_REGEX_ISSUER_', `dnl')
1N/Aifdef(`_CERT_REGEX_SUBJECT_', `dnl
1N/A# extract relevant part from cert subject
1N/AKCERTSubject regex _CERT_REGEX_SUBJECT_', `dnl')
1N/A
1N/Aifdef(`LOCAL_RELAY', `dnl
1N/A# who I send unqualified names to if `FEATURE(stickyhost)' is used
1N/A# (null means deliver locally)
1N/ADR`'LOCAL_RELAY')
1N/A
1N/Aifdef(`MAIL_HUB', `dnl
1N/A# who gets all local email traffic
1N/A# ($R has precedence for unqualified names if `FEATURE(stickyhost)' is used)
1N/ADH`'MAIL_HUB')
1N/A
1N/A# dequoting map
1N/AKdequote dequote`'ifdef(`confDEQUOTE_OPTS', ` confDEQUOTE_OPTS', `')
1N/A
1N/Adivert(0)dnl # end of nullclient diversion
1N/A# class E: names that should be exposed as from this host, even if we masquerade
1N/A# class L: names that should be delivered locally, even if we have a relay
1N/A# class M: domains that should be converted to $M
1N/A# class N: domains that should not be converted to $M
1N/A#CL root
1N/Aundivert(5)dnl
1N/Aifdef(`_VIRTHOSTS_', `CR$={VirtHost}', `dnl')
# with `_VIRTHOSTS_' set, the line above places every member of class VirtHost
# in class R as well, so those domains are also allowed to relay
1N/A
1N/Aifdef(`MASQUERADE_NAME', `dnl
1N/A# who I masquerade as (null for no masquerading) (see also $=M)
1N/ADM`'MASQUERADE_NAME')
1N/A
1N/A# my name for error messages
1N/Aifdef(`confMAILER_NAME', `Dn`'confMAILER_NAME', `#DnMAILER-DAEMON')
1N/A
1N/Aundivert(6)dnl LOCAL_CONFIG
1N/Ainclude(_CF_DIR_`m4/version.m4')
1N/A
1N/A###############
1N/A# Options #
1N/A###############
# each option line below is active only when its m4 setting is present;
# otherwise it appears as a commented-out sample and the generated file
# leaves that option unset
1N/Aifdef(`confAUTO_REBUILD',
1N/A`errprint(WARNING: `confAUTO_REBUILD' is no longer valid.
1N/A There was a potential for a denial of service attack if this is set.
1N/A)')dnl
# only a warning is printed for the obsolete setting above; no option line is
# generated from it here
1N/A
1N/A# strip message body to 7 bits on input?
1N/A_OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False')
1N/A
1N/A# 8-bit data handling
1N/A_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `pass8')
1N/A
1N/A# wait for alias file rebuild (default units: minutes)
1N/A_OPTION(AliasWait, `confALIAS_WAIT', `5m')
1N/A
1N/A# location of alias file
1N/A_OPTION(AliasFile, `ALIAS_FILE', `MAIL_SETTINGS_DIR`'aliases')
1N/A
1N/A# minimum number of free blocks on filesystem
1N/A_OPTION(MinFreeBlocks, `confMIN_FREE_BLOCKS', `100')
1N/A
1N/A# maximum message size
1N/A_OPTION(MaxMessageSize, `confMAX_MESSAGE_SIZE', `0')
1N/A
1N/A# substitution for space (blank) characters
1N/A_OPTION(BlankSub, `confBLANK_SUB', `_')
1N/A
1N/A# avoid connecting to "expensive" mailers on initial submission?
1N/A_OPTION(HoldExpensive, `confCON_EXPENSIVE', `False')
1N/A
1N/A# checkpoint queue runs after every N successful deliveries
1N/A_OPTION(CheckpointInterval, `confCHECKPOINT_INTERVAL', `10')
1N/A
1N/A# default delivery mode
1N/A_OPTION(DeliveryMode, `confDELIVERY_MODE', `background')
1N/A
1N/A# error message header/file
1N/A_OPTION(ErrorHeader, `confERROR_MESSAGE', `MAIL_SETTINGS_DIR`'error-header')
1N/A
1N/A# error mode
1N/A_OPTION(ErrorMode, `confERROR_MODE', `print')
1N/A
1N/A# save Unix-style "From_" lines at top of header?
1N/A_OPTION(SaveFromLine, `confSAVE_FROM_LINES', `False')
1N/A
1N/A# queue file mode (qf files)
# the sample mode 0600 limits access to the owning account
1N/A_OPTION(QueueFileMode, `confQUEUE_FILE_MODE', `0600')
1N/A
1N/A# temporary file mode
1N/A_OPTION(TempFileMode, `confTEMP_FILE_MODE', `0600')
1N/A
1N/A# match recipients against GECOS field?
1N/A_OPTION(MatchGECOS, `confMATCH_GECOS', `False')
1N/A
1N/A# maximum hop count
1N/A_OPTION(MaxHopCount, `confMAX_HOP', `25')
1N/A
1N/A# location of help file
# written as an active line in every generated file, with a fixed fallback path
1N/AO HelpFile=ifdef(`HELP_FILE', HELP_FILE, `MAIL_SETTINGS_DIR`'helpfile')
1N/A
1N/A# ignore dots as terminators in incoming messages?
1N/A_OPTION(IgnoreDots, `confIGNORE_DOTS', `False')
1N/A
1N/A# name resolver options
1N/A_OPTION(ResolverOptions, `confBIND_OPTS', `+AAONLY')
1N/A
1N/A# deliver MIME-encapsulated error messages?
1N/A_OPTION(SendMimeErrors, `confMIME_FORMAT_ERRORS', `True')
1N/A
1N/A# Forward file search path
1N/A_OPTION(ForwardPath, `confFORWARD_PATH', `/var/forward/$u:$z/.forward.$w:$z/.forward')
1N/A
1N/A# open connection cache size
1N/A_OPTION(ConnectionCacheSize, `confMCI_CACHE_SIZE', `2')
1N/A
1N/A# open connection cache timeout
1N/A_OPTION(ConnectionCacheTimeout, `confMCI_CACHE_TIMEOUT', `5m')
1N/A
1N/A# persistent host status directory
1N/A_OPTION(HostStatusDirectory, `confHOST_STATUS_DIRECTORY', `.hoststat')
1N/A
1N/A# single thread deliveries (requires HostStatusDirectory)?
1N/A_OPTION(SingleThreadDelivery, `confSINGLE_THREAD_DELIVERY', `False')
1N/A
1N/A# use Errors-To: header?
1N/A_OPTION(UseErrorsTo, `confUSE_ERRORS_TO', `False')
1N/A
1N/A# log level
1N/A_OPTION(LogLevel, `confLOG_LEVEL', `10')
1N/A
1N/A# send to me too, even in an alias expansion?
1N/A_OPTION(MeToo, `confME_TOO', `True')
1N/A
1N/A# verify RHS in newaliases?
1N/A_OPTION(CheckAliases, `confCHECK_ALIASES', `False')
1N/A
1N/A# default messages to old style headers if no special punctuation?
1N/A_OPTION(OldStyleHeaders, `confOLD_STYLE_HEADERS', `False')
1N/A
1N/A# SMTP daemon options
1N/Aifelse(defn(`confDAEMON_OPTIONS'), `', `dnl',
1N/A`errprint(WARNING: `confDAEMON_OPTIONS' is no longer valid.
1N/A Use `DAEMON_OPTIONS()'; see cf/README.
1N/A)'dnl
1N/A`DAEMON_OPTIONS(`confDAEMON_OPTIONS')')
# when no daemon port options were collected, one listener named MTA is
# written, or one per address family when `_NETINET6_' is set
1N/Aifelse(defn(`_DPO_'), `',
1N/A`ifdef(`_NETINET6_', `O DaemonPortOptions=Name=MTA-v4, Family=inet
1N/AO DaemonPortOptions=Name=MTA-v6, Family=inet6',`O DaemonPortOptions=Name=MTA')', `_DPO_')
# unless `_NO_MSA_' is set, a listener named MSA on port 587 is always added
# and its only modifier is E
# NOTE(review): nothing on this line requires authentication on the
# submission port - confirm the intended modifiers for your site
1N/Aifdef(`_NO_MSA_', `dnl', `O DaemonPortOptions=Port=587, Name=MSA, M=E')
1N/A
1N/A# SMTP client options
1N/Aifelse(defn(`confCLIENT_OPTIONS'), `', `dnl',
1N/A`errprint(WARNING: `confCLIENT_OPTIONS' is no longer valid. See cf/README for more information.
1N/A)'dnl
1N/A`CLIENT_OPTIONS(`confCLIENT_OPTIONS')')
1N/Aifelse(defn(`_CPO_'), `',
1N/A`#O ClientPortOptions=Family=inet, Address=0.0.0.0', `_CPO_')
1N/A
1N/A# Modifiers to `define' {daemon_flags} for direct submissions
1N/A_OPTION(DirectSubmissionModifiers, `confDIRECT_SUBMISSION_MODIFIERS', `')
1N/A
1N/A# Use as mail submission program? See sendmail/SECURITY
1N/A_OPTION(UseMSP, `confUSE_MSP', `')
1N/A
1N/A# privacy flags
# the sample value only adds authentication warnings; flags that restrict
# commands such as VRFY and EXPN (for example novrfy and noexpn) have to be
# listed in `confPRIVACY_FLAGS'
1N/A_OPTION(PrivacyOptions, `confPRIVACY_FLAGS', `authwarnings')
1N/A
1N/A# who (if anyone) should get extra copies of error messages
1N/A_OPTION(PostmasterCopy, `confCOPY_ERRORS_TO', `Postmaster')
1N/A
1N/A# slope of queue-only function
1N/A_OPTION(QueueFactor, `confQUEUE_FACTOR', `600000')
1N/A
1N/A# limit on number of concurrent queue runners
1N/A_OPTION(MaxQueueChildren, `confMAX_QUEUE_CHILDREN', `')
1N/A
1N/A# maximum number of queue-runners per queue-grouping with multiple queues
1N/A_OPTION(MaxRunnersPerQueue, `confMAX_RUNNERS_PER_QUEUE', `1')
1N/A
1N/A# priority of queue runners (nice(3))
1N/A_OPTION(NiceQueueRun, `confNICE_QUEUE_RUN', `')
1N/A
1N/A# shall we sort the queue by hostname first?
1N/A_OPTION(QueueSortOrder, `confQUEUE_SORT_ORDER', `priority')
1N/A
1N/A# minimum time in queue before retry
1N/A_OPTION(MinQueueAge, `confMIN_QUEUE_AGE', `30m')
1N/A
1N/A# how many jobs can you process in the queue?
1N/A_OPTION(MaxQueueRunSize, `confMAX_QUEUE_RUN_SIZE', `0')
1N/A
1N/A# perform initial split of envelope without checking MX records
1N/A_OPTION(FastSplit, `confFAST_SPLIT', `1')
1N/A
1N/A# queue directory
# written as an active line in every generated file, with a fixed fallback path
1N/AO QueueDirectory=ifdef(`QUEUE_DIR', QUEUE_DIR, `/var/spool/mqueue')
1N/A
1N/A# key for shared memory; 0 to turn off, -1 to auto-select
1N/A_OPTION(SharedMemoryKey, `confSHARED_MEMORY_KEY', `0')
1N/A
1N/A# file to store auto-selected key for shared memory (SharedMemoryKey = -1)
1N/A_OPTION(SharedMemoryKeyFile, `confSHARED_MEMORY_KEY_FILE', `')
1N/A
1N/A# timeouts (many of these)
# the queuereturn and queuewarn settings may already have been filled in from
# an obsolete combined message timeout by the compatibility code near the top
# of this file
1N/A_OPTION(Timeout.initial, `confTO_INITIAL', `5m')
1N/A_OPTION(Timeout.connect, `confTO_CONNECT', `5m')
1N/A_OPTION(Timeout.aconnect, `confTO_ACONNECT', `0s')
1N/A_OPTION(Timeout.iconnect, `confTO_ICONNECT', `5m')
1N/A_OPTION(Timeout.helo, `confTO_HELO', `5m')
1N/A_OPTION(Timeout.mail, `confTO_MAIL', `10m')
1N/A_OPTION(Timeout.rcpt, `confTO_RCPT', `1h')
1N/A_OPTION(Timeout.datainit, `confTO_DATAINIT', `5m')
1N/A_OPTION(Timeout.datablock, `confTO_DATABLOCK', `1h')
1N/A_OPTION(Timeout.datafinal, `confTO_DATAFINAL', `1h')
1N/A_OPTION(Timeout.rset, `confTO_RSET', `5m')
1N/A_OPTION(Timeout.quit, `confTO_QUIT', `2m')
1N/A_OPTION(Timeout.misc, `confTO_MISC', `2m')
1N/A_OPTION(Timeout.command, `confTO_COMMAND', `1h')
1N/A_OPTION(Timeout.ident, `confTO_IDENT', `5s')
1N/A_OPTION(Timeout.fileopen, `confTO_FILEOPEN', `60s')
1N/A_OPTION(Timeout.control, `confTO_CONTROL', `2m')
1N/A_OPTION(Timeout.queuereturn, `confTO_QUEUERETURN', `5d')
1N/A_OPTION(Timeout.queuereturn.normal, `confTO_QUEUERETURN_NORMAL', `5d')
1N/A_OPTION(Timeout.queuereturn.urgent, `confTO_QUEUERETURN_URGENT', `2d')
1N/A_OPTION(Timeout.queuereturn.non-urgent, `confTO_QUEUERETURN_NONURGENT', `7d')
1N/A_OPTION(Timeout.queuereturn.dsn, `confTO_QUEUERETURN_DSN', `5d')
1N/A_OPTION(Timeout.queuewarn, `confTO_QUEUEWARN', `4h')
1N/A_OPTION(Timeout.queuewarn.normal, `confTO_QUEUEWARN_NORMAL', `4h')
1N/A_OPTION(Timeout.queuewarn.urgent, `confTO_QUEUEWARN_URGENT', `1h')
1N/A_OPTION(Timeout.queuewarn.non-urgent, `confTO_QUEUEWARN_NONURGENT', `12h')
1N/A_OPTION(Timeout.queuewarn.dsn, `confTO_QUEUEWARN_DSN', `4h')
1N/A_OPTION(Timeout.hoststatus, `confTO_HOSTSTATUS', `30m')
1N/A_OPTION(Timeout.resolver.retrans, `confTO_RESOLVER_RETRANS', `5s')
1N/A_OPTION(Timeout.resolver.retrans.first, `confTO_RESOLVER_RETRANS_FIRST', `5s')
1N/A_OPTION(Timeout.resolver.retrans.normal, `confTO_RESOLVER_RETRANS_NORMAL', `5s')
1N/A_OPTION(Timeout.resolver.retry, `confTO_RESOLVER_RETRY', `4')
1N/A_OPTION(Timeout.resolver.retry.first, `confTO_RESOLVER_RETRY_FIRST', `4')
1N/A_OPTION(Timeout.resolver.retry.normal, `confTO_RESOLVER_RETRY_NORMAL', `4')
1N/A_OPTION(Timeout.lhlo, `confTO_LHLO', `2m')
1N/A_OPTION(Timeout.auth, `confTO_AUTH', `10m')
1N/A_OPTION(Timeout.starttls, `confTO_STARTTLS', `1h')
1N/A# time for DeliverBy; extension disabled if less than 0
1N/A_OPTION(DeliverByMin, `confDELIVER_BY_MIN', `0')
1N/A
1N/A# should we not prune routes in route-addr syntax addresses?
1N/A_OPTION(DontPruneRoutes, `confDONT_PRUNE_ROUTES', `False')
1N/A
1N/A# queue up everything before forking?
1N/A_OPTION(SuperSafe, `confSAFE_QUEUE', `True')
1N/A
1N/A# status file
1N/A_OPTION(StatusFile, `STATUS_FILE')
1N/A
1N/A# time zone handling:
1N/A# if undefined, use system default
1N/A# if defined but null, use TZ envariable passed in
1N/A# if defined and non-null, use that info
1N/Aifelse(confTIME_ZONE, `USE_SYSTEM', `#O TimeZoneSpec=',
1N/A confTIME_ZONE, `USE_TZ', `O TimeZoneSpec=',
1N/A `O TimeZoneSpec=confTIME_ZONE')
1N/A
1N/A# default UID (can be username or userid:groupid)
1N/A_OPTION(DefaultUser, `confDEF_USER_ID', `mailnull')
1N/A
1N/A# list of locations of user database file (null means no lookup)
1N/A_OPTION(UserDatabaseSpec, `confUSERDB_SPEC', `MAIL_SETTINGS_DIR`'userdb')
1N/A
1N/A# fallback MX host
# (the host name in this sample and the next appears to be a placeholder)
1N/A_OPTION(FallbackMXhost, `confFALLBACK_MX', `fall.back.host.net')
1N/A
1N/A# fallback smart host
1N/A_OPTION(FallbackSmartHost, `confFALLBACK_SMARTHOST', `fall.back.host.net')
1N/A
1N/A# if we are the best MX host for a site, try it directly instead of config err
1N/A_OPTION(TryNullMXList, `confTRY_NULL_MX_LIST', `False')
1N/A
1N/A# load average at which we just queue messages
1N/A_OPTION(QueueLA, `confQUEUE_LA', `8')
1N/A
1N/A# load average at which we refuse connections
1N/A_OPTION(RefuseLA, `confREFUSE_LA', `12')
1N/A
1N/A# log interval when refusing connections for this long
1N/A_OPTION(RejectLogInterval, `confREJECT_LOG_INTERVAL', `3h')
1N/A
1N/A# load average at which we delay connections; 0 means no limit
1N/A_OPTION(DelayLA, `confDELAY_LA', `0')
1N/A
# NOTE(review): the samples for the two limits below are 0 - presumably no
# limit, as stated for DelayLA above; confirm before relying on them
1N/A# maximum number of children we allow at one time
1N/A_OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `0')
1N/A
1N/A# maximum number of new connections per second
1N/A_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `0')
1N/A
1N/A# Width of the window
1N/A_OPTION(ConnectionRateWindowSize, `confCONNECTION_RATE_WINDOW_SIZE', `60s')
1N/A
1N/A# work recipient factor
1N/A_OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', `30000')
1N/A
1N/A# deliver each queued job in a separate process?
1N/A_OPTION(ForkEachJob, `confSEPARATE_PROC', `False')
1N/A
1N/A# work class factor
1N/A_OPTION(ClassFactor, `confWORK_CLASS_FACTOR', `1800')
1N/A
1N/A# work time factor
1N/A_OPTION(RetryFactor, `confWORK_TIME_FACTOR', `90000')
1N/A
1N/A# default character set
1N/A_OPTION(DefaultCharSet, `confDEF_CHAR_SET', `unknown-8bit')
1N/A
1N/A# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others)
1N/A_OPTION(ServiceSwitchFile, `confSERVICE_SWITCH_FILE', `MAIL_SETTINGS_DIR`'service.switch')
1N/A
1N/A# hosts file (normally /etc/hosts)
1N/A_OPTION(HostsFile, `confHOSTS_FILE', `/etc/hosts')
1N/A
1N/A# dialup line delay on connection failure
1N/A_OPTION(DialDelay, `confDIAL_DELAY', `0s')
1N/A
1N/A# action to take if there are no recipients in the message
1N/A_OPTION(NoRecipientAction, `confNO_RCPT_ACTION', `none')
1N/A
1N/A# chrooted environment for writing to files
1N/A_OPTION(SafeFileEnvironment, `confSAFE_FILE_ENV', `')
1N/A
1N/A# are colons OK in addresses?
1N/A_OPTION(ColonOkInAddr, `confCOLON_OK_IN_ADDR', `True')
1N/A
1N/A# shall I avoid expanding CNAMEs (violates protocols)?
1N/A_OPTION(DontExpandCnames, `confDONT_EXPAND_CNAMES', `False')
1N/A
1N/A# SMTP initial login message (old $e macro)
1N/A_OPTION(SmtpGreetingMessage, `confSMTP_LOGIN_MSG', `$j Sendmail $v ready at $b')
1N/A
1N/A# UNIX initial From header format (old $l macro)
1N/A_OPTION(UnixFromLine, `confFROM_LINE', `From $g $d')
1N/A
1N/A# From: lines that have embedded newlines are unwrapped onto one line
1N/A_OPTION(SingleLineFromHeader, `confSINGLE_LINE_FROM_HEADER', `False')
1N/A
1N/A# Allow HELO SMTP command that does not `include' a host name
1N/A_OPTION(AllowBogusHELO, `confALLOW_BOGUS_HELO', `False')
1N/A
1N/A# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)
1N/A_OPTION(MustQuoteChars, `confMUST_QUOTE_CHARS', `.')
1N/A
1N/A# delimiter (operator) characters (old $o macro)
1N/A_OPTION(OperatorChars, `confOPERATORS', `.:@[]')
1N/A
1N/A# shall I avoid calling initgroups(3) because of high NIS costs?
1N/A_OPTION(DontInitGroups, `confDONT_INIT_GROUPS', `False')
1N/A
1N/A# are group-writable `:include:' and .forward files (un)trustworthy?
1N/A# True (the default) means they are not trustworthy.
1N/A_OPTION(UnsafeGroupWrites, `confUNSAFE_GROUP_WRITES', `True')
1N/Aifdef(`confUNSAFE_GROUP_WRITES',
1N/A`errprint(`WARNING: confUNSAFE_GROUP_WRITES is deprecated; use confDONT_BLAME_SENDMAIL.
1N/A')')
# the deprecation warning above is printed whenever the setting is present,
# whatever its value
1N/A
1N/A# where do errors that occur when sending errors get sent?
1N/A_OPTION(DoubleBounceAddress, `confDOUBLE_BOUNCE_ADDRESS', `postmaster')
1N/A
1N/A# issue temporary errors (4xy) instead of permanent errors (5xy)?
1N/A_OPTION(SoftBounce, `confSOFT_BOUNCE', `False')
1N/A
1N/A# where to save bounces if all else fails
# NOTE(review): the sample path is under /var/tmp, normally a shared
# directory - confirm that is acceptable before using it
1N/A_OPTION(DeadLetterDrop, `confDEAD_LETTER_DROP', `/var/tmp/dead.letter')
1N/A
1N/A# what user id do we assume for the majority of the processing?
1N/A_OPTION(RunAsUser, `confRUN_AS_USER', `sendmail')
1N/A
1N/A# maximum number of recipients per SMTP envelope
1N/A_OPTION(MaxRecipientsPerMessage, `confMAX_RCPTS_PER_MESSAGE', `0')
1N/A
1N/A# limit the rate recipients per SMTP envelope are accepted
1N/A# once the threshold number of recipients have been rejected
1N/A_OPTION(BadRcptThrottle, `confBAD_RCPT_THROTTLE', `0')
1N/A
1N/A
1N/A# shall we get local names from our installed interfaces?
1N/A_OPTION(DontProbeInterfaces, `confDONT_PROBE_INTERFACES', `False')
1N/A
1N/A# Return-Receipt-To: header implies DSN request
1N/A_OPTION(RrtImpliesDsn, `confRRT_IMPLIES_DSN', `False')
1N/A
1N/A# override connection address (for testing)
1N/A_OPTION(ConnectOnlyTo, `confCONNECT_ONLY_TO', `0.0.0.0')
1N/A
1N/A# Trusted user for file ownership and starting the daemon
1N/A_OPTION(TrustedUser, `confTRUSTED_USER', `root')
1N/A
1N/A# Control socket for daemon management
1N/A_OPTION(ControlSocketName, `confCONTROL_SOCKET_NAME', `/var/spool/mqueue/.control')
1N/A
1N/A# Maximum MIME header length to protect MUAs
1N/A_OPTION(MaxMimeHeaderLength, `confMAX_MIME_HEADER_LENGTH', `2048/1024')
1N/A
1N/A# Maximum length of the sum of all headers
1N/A_OPTION(MaxHeadersLength, `confMAX_HEADERS_LENGTH', `32768')
1N/A
1N/A# Maximum depth of alias recursion
1N/A_OPTION(MaxAliasRecursion, `confMAX_ALIAS_RECURSION', `10')
1N/A
1N/A# location of pid file
1N/A_OPTION(PidFile, `confPID_FILE', `/var/run/sendmail.pid')
1N/A
1N/A# Prefix string for the process title shown on 'ps' listings
1N/A_OPTION(ProcessTitlePrefix, `confPROCESS_TITLE_PREFIX', `prefix')
1N/A
1N/A# Data file (df) memory-buffer file maximum size
1N/A_OPTION(DataFileBufferSize, `confDF_BUFFER_SIZE', `4096')
1N/A
1N/A# Transcript file (xf) memory-buffer file maximum size
1N/A_OPTION(XscriptFileBufferSize, `confXF_BUFFER_SIZE', `4096')
1N/A
1N/A# lookup type to find information about local mailboxes
1N/A_OPTION(MailboxDatabase, `confMAILBOX_DATABASE', `pw')
1N/A
1N/A# override compile time flag REQUIRES_DIR_FSYNC
1N/A_OPTION(RequiresDirfsync, `confREQUIRES_DIR_FSYNC', `true')
1N/A
1N/A# list of authentication mechanisms
# NOTE(review): the sample list includes legacy mechanisms (KERBEROS_V4,
# DIGEST-MD5, CRAM-MD5); review it against current policy before copying it
# into `confAUTH_MECHANISMS'
1N/A_OPTION(AuthMechanisms, `confAUTH_MECHANISMS', `EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5')
1N/A
1N/A# Authentication realm
1N/A_OPTION(AuthRealm, `confAUTH_REALM', `')
1N/A
1N/A# default authentication information for outgoing connections
# presumably this file holds credentials; restrict who can read it - confirm
1N/A_OPTION(DefaultAuthInfo, `confDEF_AUTH_INFO', `MAIL_SETTINGS_DIR`'default-auth-info')
1N/A
1N/A# SMTP AUTH flags
1N/A_OPTION(AuthOptions, `confAUTH_OPTIONS', `')
1N/A
1N/A# SMTP AUTH maximum encryption strength
1N/A_OPTION(AuthMaxBits, `confAUTH_MAX_BITS', `')
1N/A
1N/A# SMTP STARTTLS server options
1N/A_OPTION(TLSSrvOptions, `confTLS_SRV_OPTIONS', `')
1N/A
1N/A
1N/A# Input mail filters
1N/A_OPTION(InputMailFilters, `confINPUT_MAIL_FILTERS', `')
1N/A
# the Milter option lines below are written only when `_MAIL_FILTERS_DEF' is
# non-empty
1N/Aifelse(len(X`'_MAIL_FILTERS_DEF), `1', `dnl', `dnl
1N/A# Milter options
1N/A_OPTION(Milter.LogLevel, `confMILTER_LOG_LEVEL', `')
1N/A_OPTION(Milter.macros.connect, `confMILTER_MACROS_CONNECT', `')
1N/A_OPTION(Milter.macros.helo, `confMILTER_MACROS_HELO', `')
1N/A_OPTION(Milter.macros.envfrom, `confMILTER_MACROS_ENVFROM', `')
1N/A_OPTION(Milter.macros.envrcpt, `confMILTER_MACROS_ENVRCPT', `')
1N/A_OPTION(Milter.macros.eom, `confMILTER_MACROS_EOM', `')
1N/A_OPTION(Milter.macros.eoh, `confMILTER_MACROS_EOH', `')
1N/A_OPTION(Milter.macros.data, `confMILTER_MACROS_DATA', `')')
1N/A
# every TLS sample below is empty, so no certificate, key or CA path is
# written unless the matching m4 setting is present
1N/A# CA directory
1N/A_OPTION(CACertPath, `confCACERT_PATH', `')
1N/A# CA file
1N/A_OPTION(CACertFile, `confCACERT', `')
1N/A# Server Cert
1N/A_OPTION(ServerCertFile, `confSERVER_CERT', `')
1N/A# Server private key
# keep this file, and the client key below, readable only by the account
# that runs sendmail
1N/A_OPTION(ServerKeyFile, `confSERVER_KEY', `')
1N/A# Client Cert
1N/A_OPTION(ClientCertFile, `confCLIENT_CERT', `')
1N/A# Client private key
1N/A_OPTION(ClientKeyFile, `confCLIENT_KEY', `')
1N/A# File containing certificate revocation lists
1N/A_OPTION(CRLFile, `confCRL', `')
1N/A# DHParameters (only required if DSA/DH is used)
1N/A_OPTION(DHParameters, `confDH_PARAMETERS', `')
1N/A# Random data source (required for systems without /dev/urandom under OpenSSL)
1N/A_OPTION(RandFile, `confRAND_FILE', `')
1N/A
1N/A# Maximum number of "useless" commands before slowing down
1N/A_OPTION(MaxNOOPCommands, `confMAX_NOOP_COMMANDS', `20')
1N/A
1N/A# Name to use for EHLO (defaults to $j)
1N/A_OPTION(HeloName, `confHELO_NAME')
1N/A
1N/A############################
1N/A`# QUEUE GROUP DEFINITIONS #'
1N/A############################
1N/A_QUEUE_GROUP_
1N/A
1N/A###########################
1N/A# Message precedences #
1N/A###########################
1N/A
1N/APfirst-class=0
1N/APspecial-delivery=100
1N/APlist=-30
1N/APbulk=-60
1N/APjunk=-100
1N/A
1N/A#####################
1N/A# Trusted users #
1N/A#####################
1N/A
1N/A# this is equivalent to setting class "t"
# the file line is written commented out unless `_USE_CT_FILE_' is set;
# root and daemon are always listed, and uucp unless `_NO_UUCP_' is set
# NOTE(review): as far as I know members of this class may set the sender
# address without a warning header being added - keep the list short
1N/Aifdef(`_USE_CT_FILE_', `', `#')Ft`'ifdef(`confCT_FILE', confCT_FILE, `MAIL_SETTINGS_DIR`'trusted-users')
1N/ATroot
1N/ATdaemon
1N/Aifdef(`_NO_UUCP_', `dnl', `Tuucp')
1N/Aifdef(`confTRUSTED_USERS', `T`'confTRUSTED_USERS', `dnl')
1N/A
1N/A#########################
1N/A# Format of headers #
1N/A#########################
1N/A
1N/Aifdef(`confFROM_HEADER',, `define(`confFROM_HEADER', `$?x$x <$g>$|$g$.')')dnl
1N/Aifdef(`confMESSAGEID_HEADER',, `define(`confMESSAGEID_HEADER', `<$t.$i@$j>')')dnl
1N/AH?P?Return-Path: <$g>
1N/AHReceived: confRECEIVED_HEADER
1N/AH?D?Resent-Date: $a
1N/AH?D?Date: $a
1N/AH?F?Resent-From: confFROM_HEADER
1N/AH?F?From: confFROM_HEADER
1N/AH?x?Full-Name: $x
1N/A# HPosted-Date: $a
1N/A# H?l?Received-Date: $b
1N/AH?M?Resent-Message-Id: confMESSAGEID_HEADER
1N/AH?M?Message-Id: confMESSAGEID_HEADER
1N/A
1N/A#
1N/A######################################################################
1N/A######################################################################
1N/A#####
1N/A##### REWRITING RULES
1N/A#####
1N/A######################################################################
1N/A######################################################################
1N/A
1N/A############################################
1N/A### Ruleset 3 -- Name Canonicalization ###
1N/A############################################
1N/AScanonify=3
1N/A
1N/A# handle null input (translate to <@> special case)
1N/AR$@ $@ <@>
1N/A
1N/A# strip group: syntax (not inside angle brackets!) and trailing semicolon
1N/AR$* $: $1 <@> mark addresses
1N/AR$* < $* > $* <@> $: $1 < $2 > $3 unmark <addr>
1N/AR@ $* <@> $: @ $1 unmark @host:...
1N/AR$* [ IPv6 : $+ ] <@> $: $1 [ IPv6 : $2 ] unmark IPv6 addr
1N/AR$* :: $* <@> $: $1 :: $2 unmark node::addr
1N/AR:`include': $* <@> $: :`include': $1 unmark :`include':...
1N/AR$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon
1N/AR$* : $* <@> $: $2 strip colon if marked
1N/AR$* <@> $: $1 unmark
1N/AR$* ; $1 strip trailing semi
1N/AR$* < $+ :; > $* $@ $2 :; <@> catch <list:;>
1N/AR$* < $* ; > $1 < $2 > bogus bracketed semi
1N/A
1N/A# null input now results from list:; syntax
1N/AR$@ $@ :; <@>
1N/A
1N/A# strip angle brackets -- note RFC733 heuristic to get innermost item
1N/AR$* $: < $1 > housekeeping <>
1N/AR$+ < $* > < $2 > strip excess on left
1N/AR< $* > $+ < $1 > strip excess on right
1N/AR<> $@ < @ > MAIL FROM:<> case
1N/AR< $+ > $: $1 remove housekeeping <>
1N/A
# unless `_USE_DEPRECATED_ROUTE_ADDR_' is set, the route part of a
# source-routed address is dropped and only the final user@d remains
1N/Aifdef(`_USE_DEPRECATED_ROUTE_ADDR_',`dnl
1N/A# make sure <@a,@b,@c:user@d> syntax is easy to parse -- undone later
1N/AR@ $+ , $+ @ $1 : $2 change all "," to ":"
1N/A
1N/A# localize and dispose of route-based addresses
1N/Adnl XXX: IPv6 colon conflict
1N/Aifdef(`NO_NETINET6', `dnl',
1N/A`R@ [$+] : $+ $@ $>Canonify2 < @ [$1] > : $2 handle <route-addr>')
1N/AR@ $+ : $+ $@ $>Canonify2 < @$1 > : $2 handle <route-addr>
1N/Adnl',`dnl
1N/A# strip route address <@a,@b,@c:user@d> -> <user@d>
1N/AR@ $+ , $+ $2
1N/Aifdef(`NO_NETINET6', `dnl',
1N/A`R@ [ $* ] : $+ $2')
1N/AR@ $+ : $+ $2
1N/Adnl')
1N/A
1N/A# find focus for list syntax
1N/AR $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax
1N/AR $+ : $* ; $@ $1 : $2; list syntax
1N/A
1N/A# find focus for @ syntax addresses
1N/AR$+ @ $+ $: $1 < @ $2 > focus on domain
1N/AR$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right
1N/AR$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical
1N/A
1N/Adnl This is flagged as an error in S0; no need to silently fix it here.
1N/Adnl # do some sanity checking
1N/Adnl R$* < @ $~[ $* : $* > $* $1 < @ $2 $3 > $4 nix colons in addrs
1N/A
1N/Aifdef(`_NO_UUCP_', `dnl',
1N/A`# convert old-style addresses to a domain-based address
1N/AR$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names
1N/AR$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps
1N/AR$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains
1N/A')
1N/Aifdef(`_USE_DECNET_SYNTAX_',
1N/A`# convert node::user addresses into a domain-based address
1N/AR$- :: $+ $@ $>Canonify2 $2 < @ $1 .DECNET > resolve DECnet names
1N/AR$- . $- :: $+ $@ $>Canonify2 $3 < @ $1.$2 .DECNET > numeric DECnet addr
1N/A',
1N/A `dnl')
1N/A# if we have % signs, take the rightmost one
1N/AR$* % $* $1 @ $2 First make them all @s.
1N/AR$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
1N/AR$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
# example: a%b%c ends up as a%b < @ c >; these three rules are normally
# reached only when the address held no @, because the focus rules above
# return first
1N/A
1N/A# else we must be a local name
1N/AR$* $@ $>Canonify2 $1
1N/A
1N/A
1N/A################################################
1N/A### Ruleset 96 -- bottom half of ruleset 3 ###
1N/A################################################
1N/A
1N/ASCanonify2=96
# Input is an address already focused as user < @ host >. The rules in this
# part rewrite only the host between the angle brackets.
1N/A
1N/A# handle special cases for local names
1N/AR$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all
1N/AR$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain
1N/Aifdef(`_NO_UUCP_', `dnl',
1N/A`R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain')
1N/A
1N/A# check for IPv4/IPv6 domain literal
# A bracketed literal is tagged with @@. One listed in class w is replaced
# by $j. Any other literal leaves the ruleset on the third rule, before the
# table and name server lookups further down in this ruleset. The bracket
# contents are matched with $+ only and are not checked to be numeric.
1N/AR$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [addr]
1N/AR$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal
1N/AR$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr
1N/A
1N/Aifdef(`_DOMAIN_TABLE_', `dnl
1N/A# look up domains in the domain table
1N/AR$* < @ $+ > $* $: $1 < @ $(domaintable $2 $) > $3', `dnl')
1N/A
1N/Aundivert(2)dnl LOCAL_RULE_3
1N/A
1N/Aifdef(`_BITDOMAIN_TABLE_', `dnl
1N/A# handle BITNET mapping
1N/AR$* < @ $+ .BITNET > $* $: $1 < @ $(bitdomain $2 $: $2.BITNET $) > $3', `dnl')
1N/A
1N/Aifdef(`_UUDOMAIN_TABLE_', `dnl
1N/A# handle UUCP mapping
1N/AR$* < @ $+ .UUCP > $* $: $1 < @ $(uudomain $2 $: $2.UUCP $) > $3', `dnl')
1N/A
1N/Aifdef(`_NO_UUCP_', `dnl',
1N/A`ifdef(`UUCP_RELAY',
1N/A`# pass UUCP addresses straight through
1N/AR$* < @ $+ . UUCP > $* $@ $1 < @ $2 . UUCP . > $3',
1N/A`# if really UUCP, handle it immediately
1N/Aifdef(`_CLASS_U_',
1N/A`R$* < @ $=U . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl')
1N/Aifdef(`_CLASS_V_',
1N/A`R$* < @ $=V . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl')
1N/Aifdef(`_CLASS_W_',
1N/A`R$* < @ $=W . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl')
1N/Aifdef(`_CLASS_X_',
1N/A`R$* < @ $=X . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl')
1N/Aifdef(`_CLASS_Y_',
1N/A`R$* < @ $=Y . UUCP > $* $@ $1 < @ $2 . UUCP . > $3', `dnl')
1N/A
1N/Aifdef(`_NO_CANONIFY_', `dnl', `dnl
1N/A# try UUCP traffic as a local address
1N/AR$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3
1N/AR$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3')
1N/A')')
1N/A# hostnames ending in class P are always canonical
1N/AR$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4
1N/Adnl apply the next rule only for hostnames not in class P
1N/Adnl this even works for phrases in class P since . is in class P
1N/Adnl which daemon flags are set?
1N/AR$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4
1N/Adnl the other rules in this section only apply if the hostname
1N/Adnl does not end in class P hence no further checks are done here
1N/Adnl if this ever changes make sure the lookups are "protected" again!
1N/Aifdef(`_NO_CANONIFY_', `dnl
1N/Adnl do not canonify unless:
1N/Adnl domain ends in class {Canonify} (this does not work if the intersection
1N/Adnl with class P is non-empty)
1N/Adnl or {daemon_flags} has c set
1N/A# pass to name server to make hostname canonical if in class {Canonify}
1N/AR$* $| $* < @ $* $={Canonify} > $* $: $2 < @ $[ $3 $4 $] > $5
1N/A# pass to name server to make hostname canonical if requested
1N/AR$* c $* $| $* < @ $* > $* $: $3 < @ $[ $4 $] > $5
1N/Adnl trailing dot? -> do not apply _CANONIFY_HOSTS_
1N/AR$* $| $* < @ $+ . > $* $: $2 < @ $3 . > $4
1N/A# add a trailing dot to qualified hostnames so other rules will work
1N/AR$* $| $* < @ $+.$+ > $* $: $2 < @ $3.$4 . > $5
1N/Aifdef(`_CANONIFY_HOSTS_', `dnl
1N/Adnl this should only apply to unqualified hostnames
1N/Adnl but if a valid character inside an unqualified hostname is an OperatorChar
1N/Adnl then $- does not work.
1N/A# lookup unqualified hostnames
1N/AR$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4', `dnl')', `dnl
1N/Adnl _NO_CANONIFY_ is not set: canonify unless:
1N/Adnl {daemon_flags} contains CC (do not canonify)
1N/Adnl but add a trailing dot to qualified hostnames so other rules will work
1N/Adnl should we do this for every hostname: even unqualified?
1N/AR$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6
1N/AR$* CC $* $| $* $: $3
1N/Aifdef(`_FFR_NOCANONIFY_HEADERS', `dnl
1N/A# do not canonify header addresses
1N/AR$* $| $* < @ $* $~P > $* $: $&{addr_type} $| $2 < @ $3 $4 > $5
1N/AR$* h $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6
1N/AR$* h $* $| $* $: $3', `dnl')
1N/A# pass to name server to make hostname canonical
1N/AR$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4')
1N/Adnl remove {daemon_flags} for other cases
1N/AR$* $| $* $: $2
1N/A
1N/A# local host aliases and pseudo-domains are always canonical
1N/AR$* < @ $=w > $* $: $1 < @ $2 . > $3
1N/Aifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
1N/A`R$* < @ $* $=M > $* $: $1 < @ $2 $3 . > $4',
1N/A`R$* < @ $=M > $* $: $1 < @ $2 . > $3')
1N/Aifdef(`_VIRTUSER_TABLE_', `dnl
1N/Adnl virtual hosts are also canonical
1N/Aifdef(`_VIRTUSER_ENTIRE_DOMAIN_',
1N/A`R$* < @ $* $={VirtHost} > $* $: $1 < @ $2 $3 . > $4',
1N/A`R$* < @ $={VirtHost} > $* $: $1 < @ $2 . > $3')',
1N/A`dnl')
1N/Aifdef(`_GENERICS_TABLE_', `dnl
1N/Adnl hosts for genericstable are also canonical
1N/Aifdef(`_GENERICS_ENTIRE_DOMAIN_',
1N/A`R$* < @ $* $=G > $* $: $1 < @ $2 $3 . > $4',
1N/A`R$* < @ $=G > $* $: $1 < @ $2 . > $3')',
1N/A`dnl')
1N/Adnl remove superfluous dots (maybe repeatedly) which may have been added
1N/Adnl by one of the rules before
1N/AR$* < @ $* . . > $* $1 < @ $2 . > $3
1N/A
1N/A
1N/A##################################################
1N/A### Ruleset 4 -- Final Output Post-rewriting ###
1N/A##################################################
1N/ASfinal=4
# Converts the internal focused form back to an external address. The
# trailing dot, the *LOCAL* marker and the angle-bracket focus are removed
# in that order by the rules below.
1N/A
1N/AR$+ :; <@> $@ $1 : handle <list:;>
1N/AR$* <@> $@ handle <> and list:;
1N/A
1N/A# strip trailing dot off possibly canonical name
1N/AR$* < @ $+ . > $* $1 < @ $2 > $3
1N/A
1N/A# eliminate internal code
1N/AR$* < @ *LOCAL* > $* $1 < @ $j > $2
1N/A
1N/A# externalize local domain info
1N/AR$* < $+ > $* $1 $2 $3 defocus
1N/AR@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 <route-addr> canonical
1N/AR@ $* $@ @ $1 ... and exit
1N/A
1N/Aifdef(`_NO_UUCP_', `dnl',
1N/A`# UUCP must always be presented in old form
1N/AR$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u')
1N/A
1N/Aifdef(`_USE_DECNET_SYNTAX_',
1N/A`# put DECnet back in :: form
1N/AR$+ @ $+ . DECNET $2 :: $1 u@h.DECNET => h::u',
1N/A `dnl')
1N/A# delete duplicate local names
# The percent form is collapsed only when both host tokens are in class w.
# A percent route through a host outside class w is left as written.
1N/AR$+ % $=w @ $=w $1 @ $2 u%host@host => u@host
1N/A
1N/A
1N/A
1N/A##############################################################
1N/A### Ruleset 97 -- recanonicalize and call ruleset zero ###
1N/A### (used for recursive calls) ###
1N/A##############################################################
1N/A
1N/ASRecurse=97
# Re-runs canonify on the workspace and then returns the result of the
# ruleset 0 parser. Callers in this file hand it values that came out of
# table lookups or stripped routes, so how often an address is re-parsed
# depends on that data.
# NOTE(review): confirm the limit sendmail applies to ruleset recursion.
1N/AR$* $: $>canonify $1
1N/AR$* $@ $>parse $1
1N/A
1N/A
1N/A######################################
1N/A### Ruleset 0 -- Parse Address ###
1N/A######################################
1N/A
1N/ASparse=0
# Ruleset 0 is a pipeline of three calls: Parse0 for syntax checks,
# ParseLocal for site specific rules and Parse1 for mailer selection.
# A bare <@> workspace is resolved to the configured local mailer before
# the last two stages run.
1N/A
1N/AR$* $: $>Parse0 $1 initial parsing
1N/AR<@> $#_LOCAL_ $: <@> special case error msgs
1N/AR$* $: $>ParseLocal $1 handle local hacks
1N/AR$* $: $>Parse1 $1 final parsing
1N/A
1N/A#
1N/A# Parse0 -- do initial syntax checking and eliminate local addresses.
1N/A# This should either return with the (possibly modified) input
1N/A# or return with a #error mailer. It should not return with a
1N/A# #mailer other than the #error mailer.
1N/A#
1N/A
1N/ASParse0
# Syntax gate for ruleset 0. A rejected address resolves to the error mailer
# with a DSN code and an error text. An accepted address continues in
# focused form. The existing note on the comma rule says that check is not
# complete, so this ruleset is not a full address validator.
1N/AR<@> $@ <@> special case error msgs
1N/AR$* : $* ; <@> $#error $@ 5.1.3 $: "_CODE553 List:; syntax illegal for recipient addresses"
1N/AR@ <@ $* > < @ $1 > catch "@@host" bogosity
1N/AR<@ $+> $#error $@ 5.1.3 $: "_CODE553 User address required"
1N/AR$+ <@> $#error $@ 5.1.3 $: "_CODE553 Hostname required"
1N/AR$* $: <> $1
1N/Adnl allow tricks like [host1]:[host2]
1N/AR<> $* < @ [ $* ] : $+ > $* $1 < @ [ $2 ] : $3 > $4
1N/AR<> $* < @ [ $* ] , $+ > $* $1 < @ [ $2 ] , $3 > $4
1N/Adnl but no a@[b]c
1N/AR<> $* < @ [ $* ] $+ > $* $#error $@ 5.1.2 $: "_CODE553 Invalid address"
1N/AR<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3
1N/AR<> $* <$* : $* > $* $#error $@ 5.1.3 $: "_CODE553 Colon illegal in host name part"
1N/AR<> $* $1
1N/AR$* < @ . $* > $* $#error $@ 5.1.2 $: "_CODE553 Invalid host name"
1N/AR$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "_CODE553 Invalid host name"
1N/Adnl no a@b@
1N/AR$* < @ $* @ > $* $#error $@ 5.1.2 $: "_CODE553 Invalid route address"
1N/Adnl no a@b@c
1N/AR$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "_CODE553 Invalid route address"
1N/Adnl comma only allowed before @; this check is not complete
1N/AR$* , $~O $* $#error $@ 5.1.3 $: "_CODE553 Invalid route address"
1N/A
1N/Aifdef(`_STRICT_RFC821_', `# more RFC 821 checks
1N/AR$* . < @ $* > $* $#error $@ 5.1.2 $: "_CODE553 Local part must not end with a dot"
1N/AR. $* < @ $* > $* $#error $@ 5.1.2 $: "_CODE553 Local part must not begin with a dot"
1N/Adnl', `dnl')
1N/A
1N/A# now delete the local info -- note $=O to find characters that cause forwarding
# Security note: once the local host is stripped, a local part that still
# holds a class O character is sent back through canonify and Parse0 and is
# parsed again as an address in its own right. Class O is set outside this
# section; presumably it holds the routing characters such as % - confirm.
# Whether the resulting hop may be relayed is not decided here; that has to
# come from the relay and recipient checks elsewhere in the configuration.
1N/AR$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user
1N/AR< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ...
1N/AR$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here
1N/AR< @ $+ > $#error $@ 5.1.3 $: "_CODE553 User address required"
1N/AR$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ...
1N/AR$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo"
1N/AR< @ *LOCAL* > $#error $@ 5.1.3 $: "_CODE553 User address required"
1N/AR$* $=O $* < @ *LOCAL* >
1N/A $@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
1N/AR$* < @ *LOCAL* > $: $1
1N/A
1N/A#
1N/A# Parse1 -- the bottom half of ruleset 0.
1N/A#
1N/A
1N/ASParse1
1N/Aifdef(`_LDAP_ROUTING_', `dnl
1N/A# handle LDAP routing for hosts in $={LDAPRoute}
1N/AR$+ < @ $={LDAPRoute} . > $: $>LDAPExpand <$1 < @ $2 . >> <$1 @ $2> <>
1N/AR$+ < @ $={LDAPRouteEquiv} . > $: $>LDAPExpand <$1 < @ $2 . >> <$1 @ $M> <>',
1N/A`dnl')
1N/A
1N/Aifdef(`_MAILER_smtp_',
1N/A`# handle numeric address spec
1N/Adnl there is no check whether this is really an IP number
# These rules resolve a bracketed host on the spot, ahead of the virtuser
# and mailertable rules that follow. Without a smart host the bracket
# contents become the delivery host unchanged.
# Nothing here verifies that the contents are numeric, so restricting which
# literals are acceptable is left to the relay and recipient checks.
# NOTE(review): confirm those checks cover bracketed hosts.
1N/AR$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec
1N/AR$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path
1N/AR$* < @ [ $+ ] : > $* $#_SMTP_ $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send
1N/AR$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer
1N/AR$* < @ [ $+ ] : $+ > $* $#_SMTP_ $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer',
1N/A `dnl')
1N/A
1N/Aifdef(`_VIRTUSER_TABLE_', `dnl
1N/A# handle virtual users
1N/Aifdef(`_VIRTUSER_STOP_ONE_LEVEL_RECURSION_',`dnl
1N/Adnl this is not a documented option
1N/Adnl it stops looping in virtusertable mapping if input and output
1N/Adnl are identical, i.e., if address A is mapped to A.
1N/Adnl it does not deal with multi-level recursion
1N/A# handle full domains in RHS of virtusertable
1N/AR$+ < @ $+ > $: $(macro {RecipientAddress} $) $1 < @ $2 >
1N/AR$+ < @ $+ > $: <?> $1 < @ $2 > $| $>final $1 < @ $2 >
1N/AR<?> $+ $| $+ $: $1 $(macro {RecipientAddress} $@ $2 $)
1N/AR<?> $+ $| $* $: $1',
1N/A`dnl')
1N/AR$+ $: <!> $1 Mark for lookup
1N/Adnl input: <!> local<@domain>
1N/Aifdef(`_VIRTUSER_ENTIRE_DOMAIN_',
1N/A`R<!> $+ < @ $* $={VirtHost} . > $: < $(virtuser $1 @ $2 $3 $@ $1 $: @ $) > $1 < @ $2 $3 . >',
1N/A`R<!> $+ < @ $={VirtHost} . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >')
1N/Adnl input: <result-of-lookup | @> local<@domain> | <!> local<@domain>
1N/AR<!> $+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
1N/Adnl if <@> local<@domain>: no match but try lookup
1N/Adnl user+detail: try user++@domain if detail not empty
1N/AR<@> $+ + $+ < @ $* . >
1N/A $: < $(virtuser $1 + + @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
1N/Adnl user+detail: try user+*@domain
1N/AR<@> $+ + $* < @ $* . >
1N/A $: < $(virtuser $1 + * @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
1N/Adnl user+detail: try user@domain
1N/AR<@> $+ + $* < @ $* . >
1N/A $: < $(virtuser $1 @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
1N/Adnl try default entry: @domain
1N/Adnl ++@domain
1N/AR<@> $+ + $+ < @ $+ . > $: < $(virtuser + + @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
1N/Adnl +*@domain
1N/AR<@> $+ + $* < @ $+ . > $: < $(virtuser + * @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
1N/Adnl @domain if +detail exists
1N/Adnl if no match, change marker to prevent a second @domain lookup
1N/AR<@> $+ + $* < @ $+ . > $: < $(virtuser @ $3 $@ $1 $@ $2 $@ +$2 $: ! $) > $1 + $2 < @ $3 . >
1N/Adnl without +detail
1N/AR<@> $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
1N/Adnl no match
1N/AR<@> $+ $: $1
1N/Adnl remove mark
1N/AR<!> $+ $: $1
1N/AR< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
1N/AR< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2
1N/Aifdef(`_VIRTUSER_STOP_ONE_LEVEL_RECURSION_',`dnl
1N/A# check virtuser input address against output address, if same, skip recursion
1N/AR< $+ > $+ < @ $+ > $: < $1 > $2 < @ $3 > $| $1
1N/A# it is the same: stop now
1N/AR< $+ > $+ < @ $+ > $| $&{RecipientAddress} $: $>ParseLocal $>Parse0 $>canonify $1
1N/AR< $+ > $+ < @ $+ > $| $* $: < $1 > $2 < @ $3 >
1N/Adnl', `dnl')
1N/Adnl this is not a documented option
1N/Adnl it performs no looping at all for virtusertable
1N/Aifdef(`_NO_VIRTUSER_RECURSION_',
1N/A`R< $+ > $+ < @ $+ > $: $>ParseLocal $>Parse0 $>canonify $1',
1N/A`R< $+ > $+ < @ $+ > $: $>Recurse $1')
1N/Adnl', `dnl')
1N/A
1N/A# short circuit local delivery so forwarded email works
1N/Aifdef(`_MAILER_usenet_', `dnl
1N/AR$+ . USENET < @ $=w . > $#usenet $@ usenet $: $1 handle usenet specially', `dnl')
1N/A
1N/A
1N/Aifdef(`_STICKY_LOCAL_DOMAIN_',
1N/A`R$+ < @ $=w . > $: < $H > $1 < @ $2 . > first try hub
1N/AR< $+ > $+ < $+ > $>MailerToTriple < $1 > $2 < $3 > yep ....
1N/Adnl $H empty (but @$=w.)
1N/AR< > $+ + $* < $+ > $#_LOCAL_ $: $1 + $2 plussed name?
1N/AR< > $+ < $+ > $#_LOCAL_ $: @ $1 nope, local address',
1N/A`R$=L < @ $=w . > $#_LOCAL_ $: @ $1 special local names
1N/AR$+ < @ $=w . > $#_LOCAL_ $: $1 regular local name')
1N/A
1N/Aifdef(`_MAILER_TABLE_', `dnl
1N/A# not local -- try mailer table lookup
1N/AR$* <@ $+ > $* $: < $2 > $1 < @ $2 > $3 extract host name
1N/AR< $+ . > $* $: < $1 > $2 strip trailing dot
1N/AR< $+ > $* $: < $(mailertable $1 $) > $2 lookup
1N/Adnl it is $~[ instead of $- to avoid matches on IPv6 addresses
1N/AR< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 check -- resolved?
1N/AR< $+ > $* $: $>Mailertable <$1> $2 try domain',
1N/A`dnl')
1N/Aundivert(4)dnl UUCP rules from `MAILER(uucp)'
1N/A
1N/Aifdef(`_NO_UUCP_', `dnl',
1N/A`# resolve remotely connected UUCP links (if any)
1N/Aifdef(`_CLASS_V_',
1N/A`R$* < @ $=V . UUCP . > $* $: $>MailerToTriple < $V > $1 <@$2.UUCP.> $3',
1N/A `dnl')
1N/Aifdef(`_CLASS_W_',
1N/A`R$* < @ $=W . UUCP . > $* $: $>MailerToTriple < $W > $1 <@$2.UUCP.> $3',
1N/A `dnl')
1N/Aifdef(`_CLASS_X_',
1N/A`R$* < @ $=X . UUCP . > $* $: $>MailerToTriple < $X > $1 <@$2.UUCP.> $3',
1N/A `dnl')')
1N/A
1N/A# resolve fake top level domains by forwarding to other hosts
1N/Aifdef(`BITNET_RELAY',
1N/A`R$*<@$+.BITNET.>$* $: $>MailerToTriple < $B > $1 <@$2.BITNET.> $3 user@host.BITNET',
1N/A `dnl')
1N/Aifdef(`DECNET_RELAY',
1N/A`R$*<@$+.DECNET.>$* $: $>MailerToTriple < $C > $1 <@$2.DECNET.> $3 user@host.DECNET',
1N/A `dnl')
1N/Aifdef(`_MAILER_pop_',
1N/A`R$+ < @ POP. > $#pop $: $1 user@POP',
1N/A `dnl')
1N/Aifdef(`_MAILER_fax_',
1N/A`R$+ < @ $+ .FAX. > $#fax $@ $2 $: $1 user@host.FAX',
1N/A`ifdef(`FAX_RELAY',
1N/A`R$*<@$+.FAX.>$* $: $>MailerToTriple < $F > $1 <@$2.FAX.> $3 user@host.FAX',
1N/A `dnl')')
1N/A
1N/Aifdef(`UUCP_RELAY',
1N/A`# forward non-local UUCP traffic to our UUCP relay
1N/AR$*<@$*.UUCP.>$* $: $>MailerToTriple < $Y > $1 <@$2.UUCP.> $3 uucp mail',
1N/A`ifdef(`_MAILER_uucp_',
1N/A`# forward other UUCP traffic straight to UUCP
1N/AR$* < @ $+ .UUCP. > $* $#_UUCP_ $@ $2 $: $1 < @ $2 .UUCP. > $3 user@host.UUCP',
1N/A `dnl')')
1N/Aifdef(`_MAILER_usenet_', `
1N/A# addresses sent to net.group.USENET will get forwarded to a newsgroup
1N/AR$+ . USENET $#usenet $@ usenet $: $1',
1N/A `dnl')
1N/A
1N/Aifdef(`_LOCAL_RULES_',
1N/A`# figure out what should stay in our local mail system
1N/Aundivert(1)', `dnl')
1N/A
# Fall-through order at the end of Parse1: smart host first, then direct
# delivery for anything that still carries a host part, then local delivery
# for what is left. Reaching the last rule means no earlier rule resolved
# the address, so any workspace without a host part is handed to the local
# mailer as a user name.
1N/A# pass names that still have a host to a smarthost (if defined)
1N/AR$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name
1N/A
1N/A# deal with other remote names
1N/Aifdef(`_MAILER_smtp_',
1N/A`R$* < @$* > $* $#_SMTP_ $@ $2 $: $1 < @ $2 > $3 user@host.domain',
1N/A`R$* < @$* > $* $#error $@ 5.1.2 $: "_CODE553 Unrecognized host name " $2')
1N/A
1N/A# handle locally delivered names
1N/AR$=L $#_LOCAL_ $: @ $1 special local names
1N/AR$+ $#_LOCAL_ $: $1 regular local names
1N/A
1N/A###########################################################################
1N/A### Ruleset 5 -- special rewriting after aliases have been expanded ###
1N/A###########################################################################
1N/A
1N/ASLocal_localaddr
1N/ASlocaladdr=5
1N/AR$+ $: $1 $| $>"Local_localaddr" $1
1N/AR$+ $| $#ok $@ $1 no change
1N/AR$+ $| $#$* $#$2
1N/AR$+ $| $* $: $1
1N/A
1N/Aifdef(`_PRESERVE_LUSER_HOST_', `dnl
1N/A# Preserve rcpt_host in {Host}
1N/AR$+ $: $1 $| $&h $| $&{Host} check h and {Host}
1N/AR$+ $| $| $: $(macro {Host} $@ $) $1 no h or {Host}
1N/AR$+ $| $| $+ $: $1 h not set, {Host} set
1N/AR$+ $| +$* $| $* $: $1 h is +detail, {Host} set
1N/AR$+ $| $* @ $+ $| $* $: $(macro {Host} $@ @$3 $) $1 set {Host} to host in h
1N/AR$+ $| $+ $| $* $: $(macro {Host} $@ @$2 $) $1 set {Host} to h
1N/A')dnl
1N/A
1N/Aifdef(`_FFR_5_', `dnl
1N/A# Preserve host in a macro
1N/AR$+ $: $(macro {LocalAddrHost} $) $1
1N/AR$+ @ $+ $: $(macro {LocalAddrHost} $@ @ $2 $) $1')
1N/A
1N/Aifdef(`_PRESERVE_LOCAL_PLUS_DETAIL_', `', `dnl
1N/A# deal with plussed users so aliases work nicely
1N/AR$+ + * $#_LOCAL_ $@ $&h $: $1`'ifdef(`_FFR_5_', ` $&{LocalAddrHost}')
1N/AR$+ + $* $#_LOCAL_ $@ + $2 $: $1 + *`'ifdef(`_FFR_5_', ` $&{LocalAddrHost}')
1N/A')
1N/A# prepend an empty "forward host" on the front
1N/AR$+ $: <> $1
1N/A
1N/Aifdef(`LUSER_RELAY', `dnl
1N/A# send unrecognized local users to a relay host
1N/Aifdef(`_PRESERVE_LOCAL_PLUS_DETAIL_', `dnl
1N/AR< > $+ + $* $: < ? $L > <+ $2> $(user $1 $) look up user+
1N/AR< > $+ $: < ? $L > < > $(user $1 $) look up user
1N/AR< ? $* > < $* > $+ <> $: < > $3 $2 found; strip $L
1N/AR< ? $* > < $* > $+ $: < $1 > $3 $2 not found', `
1N/AR< > $+ $: < $L > $(user $1 $) look up user
1N/AR< $* > $+ <> $: < > $2 found; strip $L')
1N/Aifdef(`_PRESERVE_LUSER_HOST_', `dnl
1N/AR< $+ > $+ $: < $1 > $2 $&{Host}')
1N/Adnl')
1N/A
1N/Aifdef(`MAIL_HUB', `dnl
1N/AR< > $+ $: < $H > $1 try hub', `dnl')
1N/Aifdef(`LOCAL_RELAY', `dnl
1N/AR< > $+ $: < $R > $1 try relay', `dnl')
1N/Aifdef(`_PRESERVE_LOCAL_PLUS_DETAIL_', `dnl
1N/AR< > $+ $@ $1', `dnl
1N/AR< > $+ $: < > < $1 <> $&h > nope, restore +detail
1N/Aifdef(`_PRESERVE_LUSER_HOST_', `dnl
1N/AR< > < $+ @ $+ <> + $* > $: < > < $1 + $3 @ $2 > check whether +detail')
1N/AR< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail
1N/AR< > < $+ <> $* > $: < > < $1 > else discard
1N/AR< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part
1N/AR< > < $+ > + $* $#_LOCAL_ $@ $2 $: @ $1`'ifdef(`_FFR_5_', ` $&{LocalAddrHost}') strip the extra +
1N/AR< > < $+ > $@ $1 no +detail
1N/AR$+ $: $1 <> $&h add +detail back in
1N/Aifdef(`_PRESERVE_LUSER_HOST_', `dnl
1N/AR$+ @ $+ <> + $* $: $1 + $3 @ $2 check whether +detail')
1N/AR$+ <> + $* $: $1 + $2 check whether +detail
1N/AR$+ <> $* $: $1 else discard')
1N/AR< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension
1N/AR< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension
1N/Aifdef(`_PRESERVE_LUSER_HOST_', `dnl
1N/Adnl it is $~[ instead of $- to avoid matches on IPv6 addresses
1N/AR< $~[ : $+ > $+ @ $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $4 >')
1N/AR< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 >
1N/Aifdef(`_PRESERVE_LUSER_HOST_', `dnl
1N/AR< $+ > $+ @ $+ $@ $>MailerToTriple < $1 > $2 < @ $3 >')
1N/AR< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 >
1N/A
1N/Aifdef(`_MAILER_TABLE_', `dnl
1N/Aifdef(`_LDAP_ROUTING_', `dnl
1N/A###################################################################
1N/A### Ruleset LDAPMailertable -- mailertable lookup for LDAP ###
1N/Adnl input: <Domain> FullAddress
1N/A###################################################################
1N/A
1N/ASLDAPMailertable
1N/AR< $+ > $* $: < $(mailertable $1 $) > $2 lookup
1N/AR< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 check resolved?
1N/AR< $+ > $* $: < $1 > $>Mailertable <$1> $2 try domain
1N/AR< $+ > $#$* $#$2 found
1N/AR< $+ > $* $#_RELAY_ $@ $1 $: $2 not found, direct relay',
1N/A`dnl')
1N/A
1N/A###################################################################
1N/A### Ruleset 90 -- try domain part of mailertable entry ###
1N/Adnl input: LeftPartOfDomain <RightPartOfDomain> FullAddress
1N/A###################################################################
1N/A
1N/ASMailertable=90
1N/Adnl shift and check
1N/Adnl %2 is not documented in cf/README
1N/AR$* <$- . $+ > $* $: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4
1N/Adnl it is $~[ instead of $- to avoid matches on IPv6 addresses
1N/AR$* <$~[ : $* > $* $>MailerToTriple < $2 : $3 > $4 check -- resolved?
1N/AR$* < . $+ > $* $@ $>Mailertable $1 . <$2> $3 no -- strip & try again
1N/Adnl is $2 always empty?
1N/AR$* < $* > $* $: < $(mailertable . $@ $1$2 $) > $3 try "."
1N/AR< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 "." found?
1N/Adnl return full address
1N/AR< $* > $* $@ $2 no mailertable match',
1N/A`dnl')
1N/A
1N/A###################################################################
1N/A### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ###
1N/Adnl input: in general: <[mailer:]host> lp<@domain>rest
1N/Adnl <> address -> address
1N/Adnl <error:d.s.n:text> -> error
1N/Adnl <error:keyword:text> -> error
1N/Adnl <error:text> -> error
1N/Adnl <mailer:user@host> lp<@domain>rest -> mailer host user
1N/Adnl <mailer:host> address -> mailer host address
1N/Adnl <localdomain> address -> address
1N/Adnl <host> address -> relay host address
1N/A###################################################################
1N/A
1N/ASMailerToTriple=95
# The first angle-bracket group is a mailer:host value supplied by the
# caller. In this file that is the smart host, one of the relay macros or a
# mailertable result. The token before the colon is used verbatim as the
# mailer name, so whoever can write those macros or maps chooses the
# delivery agent. Keep the map sources writable by the mail administrator
# only.
1N/AR< > $* $@ $1 strip off null relay
1N/AR< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
1N/AR< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2
1N/AR< error : $+ > $* $#error $: $1
1N/AR< local : $* > $* $>CanonLocal < $1 > $2
1N/Adnl it is $~[ instead of $- to avoid matches on IPv6 addresses
1N/AR< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user
1N/AR< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer
1N/AR< $=w > $* $@ $2 delete local host
1N/AR< $+ > $* $#_RELAY_ $@ $1 $: $2 use unqualified mailer
1N/A
1N/A###################################################################
1N/A### Ruleset CanonLocal -- canonify local: syntax ###
1N/Adnl input: <user> address
1N/Adnl <x> <@host> : rest -> Recurse rest
1N/Adnl <x> p1 $=O p2 <@host> -> Recurse p1 $=O p2
1N/Adnl <> user <@host> rest -> local user@host user
1N/Adnl <> user -> local user user
1N/Adnl <user@host> lp <@domain> rest -> <user> lp <@host> [cont]
1N/Adnl <user> lp <@host> rest -> local lp@host user
1N/Adnl <user> lp -> local lp user
1N/A###################################################################
1N/A
1N/ASCanonLocal
# Called from MailerToTriple for local: values. A routed address, or one
# whose local part still contains a class O character, is not delivered
# locally: the host is stripped and the rest is parsed again through
# Recurse. Everything else resolves to the configured local mailer.
1N/A# strip local host from routed addresses
1N/AR< $* > < @ $+ > : $+ $@ $>Recurse $3
1N/AR< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4
1N/A
1N/A# strip trailing dot from any host name that may appear
1N/AR< $* > $* < @ $* . > $: < $1 > $2 < @ $3 >
1N/A
1N/A# handle local: syntax -- use old user, either with or without host
1N/AR< > $* < @ $* > $* $#_LOCAL_ $@ $1@$2 $: $1
1N/AR< > $+ $#_LOCAL_ $@ $1 $: $1
1N/A
1N/A# handle local:user@host syntax -- ignore host part
1N/AR< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 >
1N/A
1N/A# handle local:user syntax
1N/AR< $+ > $* <@ $* > $* $#_LOCAL_ $@ $2@$3 $: $1
1N/AR< $+ > $* $#_LOCAL_ $@ $2 $: $1
1N/A
1N/A###################################################################
1N/A### Ruleset 93 -- convert header names to masqueraded form ###
1N/A###################################################################
1N/A
1N/ASMasqHdr=93
1N/A
1N/Aifdef(`_GENERICS_TABLE_', `dnl
1N/A# handle generics database
1N/Aifdef(`_GENERICS_ENTIRE_DOMAIN_',
1N/Adnl if generics should be applied add a @ as mark
1N/A`R$+ < @ $* $=G . > $: < $1@$2$3 > $1 < @ $2$3 . > @ mark',
1N/A`R$+ < @ $=G . > $: < $1@$2 > $1 < @ $2 . > @ mark')
1N/AR$+ < @ *LOCAL* > $: < $1@$j > $1 < @ *LOCAL* > @ mark
1N/Adnl workspace: either user<@domain> or <user@domain> user <@domain> @
1N/Adnl ignore the first case for now
1N/Adnl if it has the mark lookup full address
1N/Adnl broken: %1 is full address not just detail
1N/AR< $+ > $+ < $* > @ $: < $(generics $1 $: @ $1 $) > $2 < $3 >
1N/Adnl workspace: ... or <match|@user@domain> user <@domain>
1N/Adnl no match, try user+detail@domain
1N/AR<@$+ + $* @ $+> $+ < @ $+ >
1N/A $: < $(generics $1+*@$3 $@ $2 $:@$1 + $2@$3 $) > $4 < @ $5 >
1N/AR<@$+ + $* @ $+> $+ < @ $+ >
1N/A $: < $(generics $1@$3 $: $) > $4 < @ $5 >
1N/Adnl no match, remove mark
1N/AR<@$+ > $+ < @ $+ > $: < > $2 < @ $3 >
1N/Adnl no match, try @domain for exceptions
1N/AR< > $+ < @ $+ . > $: < $(generics @$2 $@ $1 $: $) > $1 < @ $2 . >
1N/Adnl workspace: ... or <match> user <@domain>
1N/Adnl no match, try local part
1N/AR< > $+ < @ $+ > $: < $(generics $1 $: $) > $1 < @ $2 >
1N/AR< > $+ + $* < @ $+ > $: < $(generics $1+* $@ $2 $: $) > $1 + $2 < @ $3 >
1N/AR< > $+ + $* < @ $+ > $: < $(generics $1 $: $) > $1 + $2 < @ $3 >
1N/AR< $* @ $* > $* < $* > $@ $>canonify $1 @ $2 found qualified
1N/AR< $+ > $* < $* > $: $>canonify $1 @ *LOCAL* found unqualified
1N/AR< > $* $: $1 not found',
1N/A`dnl')
1N/A
1N/A# do not masquerade anything in class N
1N/AR$* < @ $* $=N . > $@ $1 < @ $2 $3 . >
1N/A
1N/Aifdef(`MASQUERADE_NAME', `dnl
1N/A# special case the users that should be exposed
1N/AR$=E < @ *LOCAL* > $@ $1 < @ $j . > leave exposed
1N/Aifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
1N/A`R$=E < @ $* $=M . > $@ $1 < @ $2 $3 . >',
1N/A`R$=E < @ $=M . > $@ $1 < @ $2 . >')
1N/Aifdef(`_LIMITED_MASQUERADE_', `dnl',
1N/A`R$=E < @ $=w . > $@ $1 < @ $2 . >')
1N/A
1N/A# handle domain-specific masquerading
1N/Aifdef(`_MASQUERADE_ENTIRE_DOMAIN_',
1N/A`R$* < @ $* $=M . > $* $: $1 < @ $2 $3 . @ $M > $4 convert masqueraded doms',
1N/A`R$* < @ $=M . > $* $: $1 < @ $2 . @ $M > $3 convert masqueraded doms')
1N/Aifdef(`_LIMITED_MASQUERADE_', `dnl',
1N/A`R$* < @ $=w . > $* $: $1 < @ $2 . @ $M > $3')
1N/AR$* < @ *LOCAL* > $* $: $1 < @ $j . @ $M > $2
1N/AR$* < @ $+ @ > $* $: $1 < @ $2 > $3 $M is null
1N/AR$* < @ $+ @ $+ > $* $: $1 < @ $3 . > $4 $M is not null
1N/Adnl', `dnl no masquerading
1N/Adnl just fix *LOCAL* leftovers
1N/AR$* < @ *LOCAL* > $@ $1 < @ $j . >')
1N/A
1N/A###################################################################
1N/A### Ruleset 94 -- convert envelope names to masqueraded form ###
1N/A###################################################################
1N/A
1N/ASMasqEnv=94
# With envelope masquerading enabled the envelope address gets the same
# rewriting as header addresses through MasqHdr. Otherwise only the
# internal *LOCAL* marker is replaced by $j.
1N/Aifdef(`_MASQUERADE_ENVELOPE_',
1N/A`R$+ $@ $>MasqHdr $1',
1N/A`R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2')
1N/A
1N/A###################################################################
1N/A### Ruleset 98 -- local part of ruleset zero (can be null) ###
1N/A###################################################################
1N/A
1N/ASParseLocal=98
1N/Aundivert(3)dnl LOCAL_RULE_0
1N/A
1N/Aifdef(`_LDAP_ROUTING_', `dnl
1N/A######################################################################
1N/A### LDAPExpand: Expand address using LDAP routing
1N/A###
1N/A### Parameters:
1N/A### <$1> -- parsed address (user < @ domain . >) (pass through)
1N/A### <$2> -- RFC822 address (user @ domain) (used for lookup)
1N/A### <$3> -- +detail information
1N/A###
1N/A### Returns:
1N/A### Mailer triplet ($#mailer $@ host $: address)
1N/A### Parsed address (user < @ domain . >)
1N/A######################################################################
1N/A
1N/A# SMTP operation modes
1N/AC{SMTPOpModes} s d D
1N/A
1N/ASLDAPExpand
1N/A# do the LDAP lookups
1N/AR<$+><$+><$*> $: <$(ldapmra $2 $: $)> <$(ldapmh $2 $: $)> <$1> <$2> <$3>
1N/A
1N/A# look for temporary failures and...
1N/AR<$* <TMPF>> <$*> <$+> <$+> <$*> $: $&{opMode} $| TMPF <$&{addr_type}> $| $3
1N/AR<$*> <$* <TMPF>> <$+> <$+> <$*> $: $&{opMode} $| TMPF <$&{addr_type}> $| $3
1N/Aifelse(_LDAP_ROUTE_MAPTEMP_, `_TEMPFAIL_', `dnl
1N/A# ... temp fail RCPT SMTP commands
1N/AR$={SMTPOpModes} $| TMPF <e r> $| $+ $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."')
1N/A# ... return original address for MTA to queue up
1N/AR$* $| TMPF <$*> $| $+ $@ $3
1N/A
1N/A# if mailRoutingAddress and local or non-existent mailHost,
1N/A# return the new mailRoutingAddress
1N/Aifelse(_LDAP_ROUTE_DETAIL_, `_PRESERVE_', `dnl
1N/AR<$+@$+> <$=w> <$+> <$+> <$*> $@ $>Parse0 $>canonify $1 $6 @ $2
1N/AR<$+@$+> <> <$+> <$+> <$*> $@ $>Parse0 $>canonify $1 $5 @ $2')
1N/AR<$+> <$=w> <$+> <$+> <$*> $@ $>Parse0 $>canonify $1
1N/AR<$+> <> <$+> <$+> <$*> $@ $>Parse0 $>canonify $1
1N/A
1N/A
1N/A# if mailRoutingAddress and non-local mailHost,
1N/A# relay to mailHost with new mailRoutingAddress
1N/Aifelse(_LDAP_ROUTE_DETAIL_, `_PRESERVE_', `dnl
1N/Aifdef(`_MAILER_TABLE_', `dnl
1N/A# check mailertable for host, relay from there
1N/AR<$+@$+> <$+> <$+> <$+> <$*> $>LDAPMailertable <$3> $>canonify $1 $6 @ $2',
1N/A`R<$+@$+> <$+> <$+> <$+> <$*> $#_RELAY_ $@ $3 $: $>canonify $1 $6 @ $2')')
1N/Aifdef(`_MAILER_TABLE_', `dnl
1N/A# check mailertable for host, relay from there
1N/AR<$+> <$+> <$+> <$+> <$*> $>LDAPMailertable <$2> $>canonify $1',
1N/A`R<$+> <$+> <$+> <$+> <$*> $#_RELAY_ $@ $2 $: $>canonify $1')
1N/A
1N/A# if no mailRoutingAddress and local mailHost,
1N/A# return original address
1N/AR<> <$=w> <$+> <$+> <$*> $@ $2
1N/A
1N/A
1N/A# if no mailRoutingAddress and non-local mailHost,
1N/A# relay to mailHost with original address
1N/Aifdef(`_MAILER_TABLE_', `dnl
1N/A# check mailertable for host, relay from there
1N/AR<> <$+> <$+> <$+> <$*> $>LDAPMailertable <$1> $2',
1N/A`R<> <$+> <$+> <$+> <$*> $#_RELAY_ $@ $1 $: $2')
1N/A
1N/Aifdef(`_LDAP_ROUTE_DETAIL_',
1N/A`# if no mailRoutingAddress and no mailHost,
1N/A# try without +detail
1N/AR<> <> <$+> <$+ + $* @ $+> <> $@ $>LDAPExpand <$1> <$2 @ $4> <+$3>')dnl
1N/A
1N/Aifdef(`_LDAP_ROUTE_NODOMAIN_', `
1N/A# pretend we did the @domain lookup
1N/AR<> <> <$+> <$+ @ $+> <$*> $: <> <> <$1> <@ $3> <$4>', `
1N/A# if still no mailRoutingAddress and no mailHost,
1N/A# try @domain
1N/Aifelse(_LDAP_ROUTE_DETAIL_, `_PRESERVE_', `dnl
1N/AR<> <> <$+> <$+ + $* @ $+> <> $@ $>LDAPExpand <$1> <@ $4> <+$3>')
1N/AR<> <> <$+> <$+ @ $+> <$*> $@ $>LDAPExpand <$1> <@ $3> <$4>')
1N/A
1N/A# if no mailRoutingAddress and no mailHost and this was a domain attempt,
1N/Aifelse(_LDAP_ROUTING_, `_MUST_EXIST_', `dnl
1N/A# user does not exist
1N/AR<> <> <$+> <@ $+> <$*> $: <?> < $&{addr_type} > < $1 >
1N/A# only give error for envelope recipient
1N/AR<?> <e r> <$+> $#error $@ nouser $: "550 User unknown"
1N/Aifdef(`_LDAP_SENDER_MUST_EXIST_', `dnl
1N/A# and the sender too
1N/AR<?> <e s> <$+> $#error $@ nouser $: "550 User unknown"')
1N/AR<?> <$*> <$+> $@ $2',
1N/A`dnl
1N/A# return the original address
1N/AR<> <> <$+> <@ $+> <$*> $@ $1')',
1N/A`dnl')
1N/A
# Configuration-time guards. A delivery mode that starts with d produces a
# warning because the antispam rules are then not available. When the
# access table feature is not enabled, the access database lookup rulesets
# that follow are discarded instead of being written to the output.
1N/Aifelse(substr(confDELIVERY_MODE,0,1), `d', `errprint(`WARNING: Antispam rules not available in deferred delivery mode.
1N/A')')
1N/Aifdef(`_ACCESS_TABLE_', `dnl', `divert(-1)')
1N/A######################################################################
1N/A### D: LookUpDomain -- search for domain in access database
1N/A###
1N/A### Parameters:
1N/A### <$1> -- key (domain name)
1N/A### <$2> -- default (what to return if not found in db)
1N/Adnl must not be empty
1N/A### <$3> -- mark (must be <(!|+) single-token>)
1N/A### ! does lookup only with tag
1N/A### + does lookup with and without tag
1N/A### <$4> -- passthru (additional data passed unchanged through)
1N/Adnl returns: <default> <passthru>
1N/Adnl <result> <passthru>
1N/A######################################################################
1N/A
1N/ASD
# Lookup order: the tagged key first, then the untagged key when the mark
# is +, then progressively shorter keys. For a bracketed address the last
# component is dropped, for a domain the first component is dropped, and D
# calls itself again. The caller-supplied value in the second group is
# returned only when no shorter key is left to try.
# Matching is purely textual: the bracketed form is not verified to be a
# numeric address, so an access entry for a short prefix also covers every
# key that reduces to it. Review broad entries with that in mind.
1N/Adnl workspace <key> <default> <passthru> <mark>
1N/Adnl lookup with tag (in front, no delimiter here)
1N/Adnl 2 3 4 5
1N/AR<$*> <$+> <$- $-> <$*> $: < $(access $4`'_TAG_DELIM_`'$1 $: ? $) > <$1> <$2> <$3 $4> <$5>
1N/Adnl workspace <result-of-lookup|?> <key> <default> <passthru> <mark>
1N/Adnl lookup without tag?
1N/Adnl 1 2 3 4
1N/AR<?> <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4>
1N/Aifdef(`_LOOKUPDOTDOMAIN_', `dnl omit first component: lookup .rest
1N/Adnl XXX apply this also to IP addresses?
1N/Adnl currently it works the wrong way round for [1.2.3.4]
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <$+.$+> <$+> <$- $-> <$*> $: < $(access $5`'_TAG_DELIM_`'.$2 $: ? $) > <$1.$2> <$3> <$4 $5> <$6>
1N/Adnl 1 2 3 4 5
1N/AR<?> <$+.$+> <$+> <+ $-> <$*> $: < $(access .$2 $: ? $) > <$1.$2> <$3> <+ $4> <$5>', `dnl')
1N/Aifdef(`_ACCESS_SKIP_', `dnl
1N/Adnl found SKIP: return <default> and <passthru>
1N/Adnl 1 2 3 4 5
1N/AR<SKIP> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>', `dnl')
1N/Adnl not found: IPv4 net (no check is done whether it is an IP number!)
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <[$+.$-]> <$+> <$- $-> <$*> $@ $>D <[$1]> <$3> <$4 $5> <$6>
1N/Aifdef(`NO_NETINET6', `dnl',
1N/A`dnl not found: IPv6 net
1N/Adnl (could be merged with previous rule if we have a class containing .:)
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <[$+::$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6>
1N/AR<?> <[$+:$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6>')
1N/Adnl not found, but subdomain: try again
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <$+.$+> <$+> <$- $-> <$*> $@ $>D <$2> <$3> <$4 $5> <$6>
1N/Aifdef(`_FFR_LOOKUPTAG_', `dnl lookup Tag:
1N/Adnl 1 2 3 4
1N/AR<?> <$+> <$+> <! $-> <$*> $: < $(access $3`'_TAG_DELIM_ $: ? $) > <$1> <$2> <! $3> <$4>', `dnl')
1N/Adnl not found, no subdomain: return <default> and <passthru>
1N/Adnl 1 2 3 4 5
1N/AR<?> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/Adnl 2 3 4 5 6
1N/AR<$* _ATMPF_> <$+> <$+> <$- $-> <$*> $@ <_ATMPF_> <$6>', `dnl')
1N/Adnl return <result of lookup> and <passthru>
1N/Adnl 2 3 4 5 6
1N/AR<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6>
1N/A
1N/A######################################################################
1N/A### A: LookUpAddress -- search for host address in access database
1N/A###
1N/A### Parameters:
1N/A### <$1> -- key (dot quadded host address)
1N/A### <$2> -- default (what to return if not found in db)
1N/Adnl must not be empty
1N/A### <$3> -- mark (must be <(!|+) single-token>)
1N/A### ! does lookup only with tag
1N/A### + does lookup with and without tag
1N/A### <$4> -- passthru (additional data passed through)
1N/Adnl returns: <default> <passthru>
1N/Adnl <result> <passthru>
1N/A######################################################################
1N/Adnl on no match the last component of the address is removed and A is called again,
1N/Adnl so an access map key holding only leading components matches every address below it.
1N/A
1N/ASA
1N/Adnl lookup with tag
1N/Adnl 2 3 4 5
1N/AR<$+> <$+> <$- $-> <$*> $: < $(access $4`'_TAG_DELIM_`'$1 $: ? $) > <$1> <$2> <$3 $4> <$5>
1N/Adnl lookup without tag
1N/Adnl 1 2 3 4
1N/AR<?> <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4>
1N/Adnl workspace <result-of-lookup|?> <key> <default> <mark> <passthru>
1N/Aifdef(`_ACCESS_SKIP_', `dnl
1N/Adnl found SKIP: return <default> and <passthru>
1N/Adnl 1 2 3 4 5
1N/AR<SKIP> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>', `dnl')
1N/Aifdef(`NO_NETINET6', `dnl',
1N/A`dnl no match; IPv6: remove last part
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <$+::$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
1N/AR<?> <$+:$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>')
1N/Adnl no match; IPv4: remove last part
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <$+.$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
1N/Adnl no match: return default
1N/Adnl 1 2 3 4 5
1N/AR<?> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/Adnl 2 3 4 5 6
1N/AR<$* _ATMPF_> <$+> <$+> <$- $-> <$*> $@ <_ATMPF_> <$6>', `dnl')
1N/Adnl match: return result
1N/Adnl 2 3 4 5 6
1N/AR<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6>
1N/Adnl endif _ACCESS_TABLE_
1N/Adivert(0)
1N/A######################################################################
1N/A### CanonAddr -- Convert an address into a standard form for
1N/A### relay checking. Route address syntax is
1N/A### crudely converted into a %-hack address.
1N/A###
1N/A### Parameters:
1N/A### $1 -- full recipient address
1N/A###
1N/A### Returns:
1N/A### parsed address, not in source route form
1N/Adnl user%host%host<@domain>
1N/Adnl host!user<@domain>
1N/A######################################################################
1N/Adnl the three source-route rules are generated only with _USE_DEPRECATED_ROUTE_ADDR_;
1N/Adnl otherwise the result is whatever canonify and Parse0 return.
1N/A
1N/ASCanonAddr
1N/AR$* $: $>Parse0 $>canonify $1 make domain canonical
1N/Aifdef(`_USE_DEPRECATED_ROUTE_ADDR_',`dnl
1N/AR< @ $+ > : $* @ $* < @ $1 > : $2 % $3 change @ to % in src route
1N/AR$* < @ $+ > : $* : $* $3 $1 < @ $2 > : $4 change to % hack.
1N/AR$* < @ $+ > : $* $3 $1 < @ $2 >
1N/Adnl')
1N/A
1N/A######################################################################
1N/A### ParseRecipient -- Strip off hosts in $=R as well as possibly
1N/A### $* $=m or the access database.
1N/A### Check user portion for host separators.
1N/A###
1N/A### Parameters:
1N/A### $1 -- full recipient address
1N/A###
1N/A### Returns:
1N/A### parsed, non-local-relaying address
1N/A######################################################################
1N/Adnl relay-relevant: whenever the domain is one this host relays for, the domain is
1N/Adnl dropped and ParseRecipient runs again on the local part, so a recipient that
1N/Adnl nests another host in its local part is judged by the innermost host.
1N/A
1N/ASParseRecipient
1N/Adnl mark and canonify address
1N/AR$* $: <?> $>CanonAddr $1
1N/Adnl workspace: <?> localpart<@domain[.]>
1N/AR<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots
1N/Adnl workspace: <?> localpart<@domain>
1N/AR<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part
1N/A
1N/A# if no $=O character, no host in the user portion, we are done
1N/AR<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4>
1N/Adnl no $=O in localpart: return
1N/AR<?> $* $@ $1
1N/A
1N/Adnl workspace: <NO> localpart<@domain>, where localpart contains $=O
1N/Adnl mark everything which has an "authorized" domain with <RELAY>
1N/Aifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
1N/A# if we relay, check username portion for user%host so host can be checked also
1N/AR<NO> $* < @ $* $=m > $: <RELAY> $1 < @ $2 $3 >', `dnl')
1N/Adnl workspace: <(NO|RELAY)> localpart<@domain>, where localpart contains $=O
1N/Adnl if mark is <NO> then change it to <RELAY> if domain is "authorized"
1N/A
1N/Adnl what if access map returns something else than RELAY?
1N/Adnl we are only interested in RELAY entries...
1N/Adnl other To: entries: blacklist recipient; generic entries?
1N/Adnl if it is an error we probably do not want to relay anyway
1N/Aifdef(`_RELAY_HOSTS_ONLY_',
1N/A`R<NO> $* < @ $=R > $: <RELAY> $1 < @ $2 >
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR<NO> $* < @ $+ > $: <$(access To:$2 $: NO $)> $1 < @ $2 >
1N/AR<NO> $* < @ $+ > $: <$(access $2 $: NO $)> $1 < @ $2 >',`dnl')',
1N/A`R<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 >
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR<NO> $* < @ $+ > $: $>D <$2> <NO> <+ To> <$1 < @ $2 >>
1N/AR<$+> <$+> $: <$1> $2',`dnl')')
1N/A
1N/A
1N/Aifdef(`_RELAY_MX_SERVED_', `dnl
1N/Adnl do "we" ($=w) act as backup MX server for the destination domain?
1N/AR<NO> $* < @ $+ > $: <MX> < : $(mxserved $2 $) : > < $1 < @$2 > >
1N/AR<MX> < : $* <TEMP> : > $* $#TEMP $@ 4.4.0 $: "450 Can not check MX records for recipient host " $1
1N/Adnl yes: mark it as <RELAY>
1N/AR<MX> < $* : $=w. : $* > < $+ > $: <RELAY> $4
1N/Adnl no: put old <NO> mark back
1N/AR<MX> < : $* : > < $+ > $: <NO> $2', `dnl')
1N/A
1N/Adnl do we relay to this recipient domain?
1N/AR<RELAY> $* < @ $* > $@ $>ParseRecipient $1
1N/Adnl something else
1N/AR<$+> $* $@ $2
1N/A
1N/A
1N/A######################################################################
1N/A### check_relay -- check hostname/address on SMTP startup
1N/A######################################################################
1N/A
1N/Aifdef(`_CONTROL_IMMEDIATE_',`dnl
1N/AScheck_relay
1N/Aifdef(`_RATE_CONTROL_IMMEDIATE_',`dnl
1N/Adnl workspace: ignored...
1N/AR$* $: $>"RateControl" dummy', `dnl')
1N/Aifdef(`_CONN_CONTROL_IMMEDIATE_',`dnl
1N/Adnl workspace: ignored...
1N/AR$* $: $>"ConnControl" dummy', `dnl')
1N/Adnl')
1N/A
1N/Adnl a $# result from Local_check_relay is returned unchanged and Basic_check_relay
1N/Adnl is then not called, so a local rule that accepts with $# also skips the access
1N/Adnl map, DNS list and rate or connection checks generated in Basic_check_relay.
1N/ASLocal_check_relay
1N/AScheck`'_U_`'relay
1N/Aifdef(`_USE_CLIENT_PTR_',`dnl
1N/AR$* $| $* $: $&{client_ptr} $| $2', `dnl')
1N/AR$* $: $1 $| $>"Local_check_relay" $1
1N/AR$* $| $* $| $#$* $#$3
1N/AR$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2
1N/A
1N/ASBasic_check_relay
1N/Adnl in deferred delivery mode the ruleset returns at once and none of the checks below run.
1N/A# check for deferred delivery mode
1N/AR$* $: < $&{deliveryMode} > $1
1N/AR< d > $* $@ deferred
1N/AR< $* > $* $: $2
1N/A
1N/Adnl access map results: values in class {Accept} are returned to the caller, the
1N/Adnl known keywords are mapped to actions, and any other value is sent to the
1N/Adnl client as error text by the last rule, which includes a mistyped keyword.
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/Adnl workspace: {client_name} $| {client_addr}
1N/AR$+ $| $+ $: $>D < $1 > <?> <+ Connect> < $2 >
1N/Adnl workspace: <result-of-lookup> <{client_addr}>
1N/Adnl OR $| $+ if client_name is empty
1N/AR $| $+ $: $>A < $1 > <?> <+ Connect> <> empty client_name
1N/Adnl workspace: <result-of-lookup> <{client_addr}>
1N/AR<?> <$+> $: $>A < $1 > <?> <+ Connect> <> no: another lookup
1N/Adnl workspace: <result-of-lookup> (<>|<{client_addr}>)
1N/AR<?> <$*> $: OK found nothing
1N/Adnl workspace: <result-of-lookup> (<>|<{client_addr}>) | OK
1N/AR<$={Accept}> <$*> $@ $1 return value of lookup
1N/AR<REJECT> <$*> $#error ifdef(`confREJECT_MSG', `$: confREJECT_MSG', `$@ 5.7.1 $: "550 Access denied"')
1N/AR<DISCARD> <$*> $#discard $: discard
1N/AR<QUARANTINE:$+> <$*> $#error $@ quarantine $: $1
1N/Adnl error tag
1N/AR<ERROR:$-.$-.$-:$+> <$*> $#error $@ $1.$2.$3 $: $4
1N/AR<ERROR:$+> <$*> $#error $: $1
1N/Aifdef(`_ATMPF_', `R<$* _ATMPF_> <$*> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/Adnl generic error from access map
1N/AR<$+> <$*> $#error $: $1', `dnl')
1N/A
1N/Aifdef(`_RBL_',`dnl
1N/A# DNS based IP address spam list
1N/Adnl workspace: ignored...
1N/AR$* $: $&{client_addr}
1N/AR$-.$-.$-.$- $: <?> $(host $4.$3.$2.$1._RBL_. $: OK $)
1N/AR<?>OK $: OKSOFAR
1N/AR<?>$+ $#error $@ 5.7.1 $: "550 Rejected: " $&{client_addr} " listed at _RBL_"',
1N/A`dnl')
1N/Aifdef(`_RATE_CONTROL_',`dnl
1N/Aifdef(`_RATE_CONTROL_IMMEDIATE_',`', `dnl
1N/Adnl workspace: ignored...
1N/AR$* $: $>"RateControl" dummy')', `dnl')
1N/Aifdef(`_CONN_CONTROL_',`dnl
1N/Aifdef(`_CONN_CONTROL_IMMEDIATE_',`',`dnl
1N/Adnl workspace: ignored...
1N/AR$* $: $>"ConnControl" dummy')', `dnl')
1N/Aundivert(8)dnl LOCAL_DNSBL
1N/Adnl with _REQUIRE_RDNS_: a client address matching class R is accepted before its
1N/Adnl resolve status is looked at; FAIL is a permanent 550, TEMP and FORGED are temporary 451.
1N/Aifdef(`_REQUIRE_RDNS_', `dnl
1N/AR$* $: $&{client_addr} $| $&{client_resolve}
1N/AR$=R $* $@ RELAY We relay for these
1N/AR$* $| OK $@ OK Resolves.
1N/AR$* $| FAIL $#error $@ 5.7.1 $: 550 Fix reverse DNS for $1
1N/AR$* $| TEMP $#error $@ 4.1.8 $: 451 Client IP address $1 does not resolve
1N/AR$* $| FORGED $#error $@ 4.1.8 $: 451 Possibly forged hostname for $1
1N/A', `dnl')
1N/A
1N/A######################################################################
1N/A### check_mail -- check SMTP ``MAIL FROM:'' command argument
1N/A######################################################################
1N/Adnl a $# result from Local_check_mail is returned unchanged and Basic_check_mail is not called.
1N/A
1N/ASLocal_check_mail
1N/AScheck`'_U_`'mail
1N/AR$* $: $1 $| $>"Local_check_mail" $1
1N/AR$* $| $#$* $#$2
1N/AR$* $| $* $@ $>"Basic_check_mail" $1
1N/A
1N/ASBasic_check_mail
1N/Adnl order of checks: deferred mode, tls_client, null sender, unqualified or localhost
1N/Adnl senders, domain resolution, access map, then the optional BadMX test.
1N/A# check for deferred delivery mode
1N/AR$* $: < $&{deliveryMode} > $1
1N/AR< d > $* $@ deferred
1N/AR< $* > $* $: $2
1N/A
1N/A# authenticated?
1N/Adnl done first: we can require authentication for every mail transaction
1N/Adnl workspace: address as given by MAIL FROM: (sender)
1N/AR$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
1N/AR$* $| $#$+ $#$2
1N/Adnl undo damage: remove result of tls_client call
1N/AR$* $| $* $: $1
1N/A
1N/Adnl workspace: address as given by MAIL FROM:
1N/Adnl review note: the null sender returns here, before the access map lookup further
1N/Adnl down, so access map entries are not consulted for it in this ruleset.
1N/AR<> $@ <OK> we MUST accept <> (RFC 1123)
1N/Aifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
1N/Adnl do some additional checks
1N/Adnl no user@host
1N/Adnl no user@localhost (if nonlocal sender)
1N/Adnl this is a pretty simple canonification, it will not catch every case
1N/Adnl just make sure the address has <> around it (which is required by
1N/Adnl the RFC anyway, maybe we should complain if they are missing...)
1N/Adnl dirty trick: if it is user@host, just add a dot: user@host. this will
1N/Adnl not be modified by host lookups.
1N/AR$+ $: <?> $1
1N/AR<?><$+> $: <@> <$1>
1N/AR<?>$+ $: <@> <$1>
1N/Adnl workspace: <@> <address>
1N/Adnl prepend daemon_flags
1N/AR$* $: $&{daemon_flags} $| $1
1N/Adnl workspace: ${daemon_flags} $| <@> <address>
1N/Adnl do not allow these at all or only from local systems?
1N/AR$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 >
1N/Adnl accept unqualified sender: change mark to avoid test
1N/AR$* u $* $| <@> < $* > $: <?> < $3 >
1N/Adnl workspace: ${daemon_flags} $| <@> <address>
1N/Adnl or: <? ${client_name} > <address>
1N/Adnl or: <?> <address>
1N/Adnl remove daemon_flags
1N/AR$* $| $* $: $2
1N/A# handle case of @localhost on address
1N/AR<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost >
1N/AR<@> < $* @ [127.0.0.1] >
1N/A $: < ? $&{client_name} > < $1 @ [127.0.0.1] >
1N/AR<@> < $* @ localhost.$m >
1N/A $: < ? $&{client_name} > < $1 @ localhost.$m >
1N/Aifdef(`_NO_UUCP_', `dnl',
1N/A`R<@> < $* @ localhost.UUCP >
1N/A $: < ? $&{client_name} > < $1 @ localhost.UUCP >')
1N/Adnl workspace: < ? $&{client_name} > <user@localhost|host>
1N/Adnl or: <@> <address>
1N/Adnl or: <?> <address> (thanks to u in ${daemon_flags})
1N/AR<@> $* $: $1 no localhost as domain
1N/Adnl workspace: < ? $&{client_name} > <user@localhost|host>
1N/Adnl or: <address>
1N/Adnl or: <?> <address> (thanks to u in ${daemon_flags})
1N/AR<? $=w> $* $: $2 local client: ok
1N/AR<? $+> <$+> $#error $@ 5.5.4 $: "_CODE553 Real domain name required for sender address"
1N/Adnl remove <?> (happens only if ${client_name} == "" or u in ${daemon_flags})
1N/AR<?> $* $: $1')
1N/Adnl workspace: address (or <address>)
1N/AR$* $: <?> $>CanonAddr $1 canonify sender address and mark it
1N/Adnl workspace: <?> CanonicalAddress (i.e. address in canonical form localpart<@host>)
1N/Adnl there is nothing behind the <@host> so no trailing $* needed
1N/AR<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots
1N/A# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
1N/AR<?> $* < @ $* $=P > $: <_RES_OK_> $1 < @ $2 $3 >
1N/Adnl workspace <mark> CanonicalAddress where mark is ? or OK
1N/Adnl A sender address with my local host name ($j) is safe
1N/AR<?> $* < @ $j > $: <_RES_OK_> $1 < @ $j >
1N/Adnl with _ACCEPT_UNRESOLVABLE_DOMAINS_ every remaining domain is marked ok without a
1N/Adnl resolve lookup, so no TEMP or PERM mark is produced by a resolve lookup.
1N/Aifdef(`_ACCEPT_UNRESOLVABLE_DOMAINS_',
1N/A`R<?> $* < @ $+ > $: <_RES_OK_> $1 < @ $2 > ... unresolvable OK',
1N/A`R<?> $* < @ $+ > $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >
1N/AR<? $* <$->> $* < @ $+ >
1N/A $: <$2> $3 < @ $4 >')
1N/Adnl workspace <mark> CanonicalAddress where mark is ?, _RES_OK_, PERM, TEMP
1N/Adnl mark is ? iff the address is user (wo @domain)
1N/A
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/A# check sender address: user@address, user@, address
1N/Adnl should we remove +ext from user?
1N/Adnl workspace: <mark> CanonicalAddress where mark is: ?, _RES_OK_, PERM, TEMP
1N/AR<$+> $+ < @ $* > $: @<$1> <$2 < @ $3 >> $| <F:$2@$3> <U:$2@> <D:$3>
1N/AR<$+> $+ $: @<$1> <$2> $| <U:$2@>
1N/Adnl workspace: @<mark> <CanonicalAddress> $| <@type:address> ....
1N/Adnl $| is used as delimiter, otherwise false matches may occur: <user<@domain>>
1N/Adnl will only return user<@domain when "reversing" the args
1N/AR@ <$+> <$*> $| <$+> $: <@> <$1> <$2> $| $>SearchList <+ From> $| <$3> <>
1N/Adnl workspace: <@><mark> <CanonicalAddress> $| <result>
1N/AR<@> <$+> <$*> $| <$*> $: <$3> <$1> <$2> reverse result
1N/Adnl workspace: <result> <mark> <CanonicalAddress>
1N/A# retransform for further use
1N/Adnl required form:
1N/Adnl <ResultOfLookup|mark> CanonicalAddress
1N/AR<?> <$+> <$*> $: <$1> $2 no match
1N/AR<$+> <$+> <$*> $: <$1> $3 relevant result, keep it', `dnl')
1N/Adnl workspace <ResultOfLookup|mark> CanonicalAddress
1N/Adnl mark is ? iff the address is user (wo @domain)
1N/A
1N/Aifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
1N/A# handle case of no @domain on address
1N/Adnl prepend daemon_flags
1N/AR<?> $* $: $&{daemon_flags} $| <?> $1
1N/Adnl accept unqualified sender: change mark to avoid test
1N/AR$* u $* $| <?> $* $: <_RES_OK_> $3
1N/Adnl remove daemon_flags
1N/AR$* $| $* $: $2
1N/AR<?> $* $: < ? $&{client_addr} > $1
1N/AR<?> $* $@ <_RES_OK_> ...local unqualed ok
1N/AR<? $+> $* $#error $@ 5.5.4 $: "_CODE553 Domain name required for sender address " $&f
1N/A ...remote is not')
1N/A# check results
1N/AR<?> $* $: @ $1 mark address: nothing known about it
1N/AR<$={ResOk}> $* $: @ $2 domain ok
1N/AR<TEMP> $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
1N/AR<PERM> $* $#error $@ 5.1.8 $: "_CODE553 Domain of sender address " $&f " does not exist"
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR<$={Accept}> $* $# $1 accept from access map
1N/AR<DISCARD> $* $#discard $: discard
1N/AR<QUARANTINE:$+> $* $#error $@ quarantine $: $1
1N/AR<REJECT> $* $#error ifdef(`confREJECT_MSG', `$: confREJECT_MSG', `$@ 5.7.1 $: "550 Access denied"')
1N/Adnl error tag
1N/AR<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
1N/AR<ERROR:$+> $* $#error $: $1
1N/Aifdef(`_ATMPF_', `R<_ATMPF_> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/Adnl generic error from access map
1N/AR<$+> $* $#error $: $1 error from access db',
1N/A`dnl')
1N/Adnl workspace: @ CanonicalAddress (i.e. address in canonical form localpart<@host>)
1N/A
1N/Adnl with _BADMX_CHK_ the sender domain is passed to BadMX and a $# result is returned as is.
1N/Aifdef(`_BADMX_CHK_', `dnl
1N/AR@ $*<@$+>$* $: $1<@$2>$3 $| $>BadMX $2
1N/AR$* $| $#$* $#$2
1N/A
1N/ASBadMX
1N/A# Look up MX records and ferret away a copy of the original address.
1N/A# input: domain part of address to check
1N/AR$+ $:<MX><$1><:$(mxlist $1$):><:>
1N/A# workspace: <MX><domain><: mxlist-result $><:>
1N/AR<MX><$+><:$*<TEMP>:><$*> $#error $@ 4.1.2 $: "450 MX lookup failure for "$1
1N/A# workspace: <MX> <original destination> <unchecked mxlist> <checked mxlist>
1N/A# Recursively run badmx check on each mx.
1N/AR<MX><$*><:$+:$*><:$*> <MX><$1><:$3><: $4 $(badmx $2 $):>
1N/A# See if any of them fail.
1N/AR<MX><$*><$*><$*<BADMX>:$*> $#error $@ 5.1.2 $:"550 Illegal MX record for host "$1
1N/A# Reverse the mxlists so we can use the same argument order again.
1N/AR<MX><$*><$*><$*> $:<MX><$1><$3><$2>
1N/AR<MX><$*><:$+:$*><:$*> <MX><$1><:$3><:$4 $(dnsA $2 $) :>
1N/A
1N/A# Reverse the lists so we can use the same argument order again.
1N/AR<MX><$*><$*><$*> $:<MX><$1><$3><$2>
1N/AR<MX><$*><:$+:$*><:$*> <MX><$1><:$3><:$4 $(BadMXIP $2 $) :>
1N/A
1N/AR<MX><$*><$*><$*<BADMXIP>:$*> $#error $@ 5.1.2 $:"550 Invalid MX record for host "$1',
1N/A`dnl')
1N/A
1N/A
1N/A######################################################################
1N/A### check_rcpt -- check SMTP ``RCPT TO:'' command argument
1N/A######################################################################
1N/Adnl a $# result from Local_check_rcpt is returned unchanged and Basic_check_rcpt,
1N/Adnl which holds the relay decision, is then not called.
1N/A
1N/ASLocal_check_rcpt
1N/AScheck`'_U_`'rcpt
1N/AR$* $: $1 $| $>"Local_check_rcpt" $1
1N/AR$* $| $#$* $#$2
1N/AR$* $| $* $@ $>"Basic_check_rcpt" $1
1N/A
1N/ASBasic_check_rcpt
1N/A# empty address?
1N/AR<> $#error $@ nouser $: "553 User address required"
1N/AR$@ $#error $@ nouser $: "553 User address required"
1N/A# check for deferred delivery mode
1N/AR$* $: < $&{deliveryMode} > $1
1N/AR< d > $* $@ deferred
1N/AR< $* > $* $: $2
1N/A
1N/Aifdef(`_REQUIRE_QUAL_RCPT_', `dnl
1N/Adnl this code checks for user@host where host is not a FQHN.
1N/Adnl it is not activated.
1N/Adnl notice: code to check for a recipient without a domain name is
1N/Adnl available down below; look for the same macro.
1N/Adnl this check is done here because the name might be qualified by the
1N/Adnl canonicalization.
1N/A# require fully qualified domain part?
1N/Adnl very simple canonification: make sure the address is in < >
1N/AR$+ $: <?> $1
1N/AR<?> <$+> $: <@> <$1>
1N/AR<?> $+ $: <@> <$1>
1N/AR<@> < postmaster > $: postmaster
1N/AR<@> < $* @ $+ . $+ > $: < $1 @ $2 . $3 >
1N/Adnl prepend daemon_flags
1N/AR<@> $* $: $&{daemon_flags} $| <@> $1
1N/Adnl workspace: ${daemon_flags} $| <@> <address>
1N/Adnl _r_equire qual.rcpt: ok
1N/AR$* r $* $| <@> < $+ @ $+ > $: < $3 @ $4 >
1N/Adnl do not allow these at all or only from local systems?
1N/AR$* r $* $| <@> < $* > $: < ? $&{client_name} > < $3 >
1N/AR<?> < $* > $: <$1>
1N/AR<? $=w> < $* > $: <$1>
1N/AR<? $+> <$+> $#error $@ 5.5.4 $: "553 Fully qualified domain name required"
1N/Adnl remove daemon_flags for other cases
1N/AR$* $| <@> $* $: $2', `dnl')
1N/A
1N/Adnl ##################################################################
1N/Adnl call subroutines for recipient and relay
1N/Adnl possible returns from subroutines:
1N/Adnl $#TEMP temporary failure
1N/Adnl $#error permanent failure (or temporary if from access map)
1N/Adnl $#other stop processing
1N/Adnl RELAY RELAYing allowed
1N/Adnl other otherwise
1N/A######################################################################
1N/AR$* $: $1 $| @ $>"Rcpt_ok" $1
1N/Adnl temporary failure? remove mark @ and remember
1N/AR$* $| @ $#TEMP $+ $: $1 $| T $2
1N/Adnl error or ok (stop)
1N/AR$* $| @ $#$* $#$2
1N/Adnl review note: with _PROMISCUOUS_RELAY_ the rules from here to the closing divert(0)
1N/Adnl are discarded, including the final confRELAY_MSG rejection, so a recipient is
1N/Adnl refused only when Rcpt_ok returns a $# result other than $#TEMP.
1N/Aifdef(`_PROMISCUOUS_RELAY_', `divert(-1)', `dnl')
1N/AR$* $| @ RELAY $@ RELAY
1N/Adnl something else: call check sender (relay)
1N/AR$* $| @ $* $: O $| $>"Relay_ok" $1
1N/Adnl temporary failure: call check sender (relay)
1N/AR$* $| T $+ $: T $2 $| $>"Relay_ok" $1
1N/Adnl temporary failure? return that
1N/AR$* $| $#TEMP $+ $#error $2
1N/Adnl error or ok (stop)
1N/AR$* $| $#$* $#$2
1N/AR$* $| RELAY $@ RELAY
1N/Adnl something else: return previous temp failure
1N/AR T $+ $| $* $#error $1
1N/A# anything else is bogus
1N/AR$* $#error $@ 5.7.1 $: confRELAY_MSG
1N/Adivert(0)
1N/A
1N/A######################################################################
1N/A### Rcpt_ok: is the recipient ok?
1N/Adnl input: recipient address (RCPT TO)
1N/Adnl output: see explanation at call
1N/A######################################################################
1N/ASRcpt_ok
1N/Adnl with _LOOSE_RELAY_CHECK_ only CanonAddr is applied: the local part is not run
1N/Adnl through ParseRecipient, so hosts nested in it are not examined here.
1N/Aifdef(`_LOOSE_RELAY_CHECK_',`dnl
1N/AR$* $: $>CanonAddr $1
1N/AR$* < @ $* . > $1 < @ $2 > strip trailing dots',
1N/A`R$* $: $>ParseRecipient $1 strip relayable hosts')
1N/A
1N/Aifdef(`_BESTMX_IS_LOCAL_',`dnl
1N/Aifelse(_BESTMX_IS_LOCAL_, `', `dnl
1N/A# unlimited bestmx
1N/AR$* < @ $* > $* $: $1 < @ $2 @@ $(bestmx $2 $) > $3',
1N/A`dnl
1N/A# limit bestmx to $=B
1N/AR$* < @ $* $=B > $* $: $1 < @ $2 $3 @@ $(bestmx $2 $3 $) > $4')
1N/AR$* $=O $* < @ $* @@ $=w . > $* $@ $>"Rcpt_ok" $1 $2 $3
1N/AR$* < @ $* @@ $=w . > $* $: $1 < @ $3 > $4
1N/AR$* < @ $* @@ $* > $* $: $1 < @ $2 > $4')
1N/A
1N/Aifdef(`_BLACKLIST_RCPT_',`dnl
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/A# blacklist local users or any host from receiving mail
1N/AR$* $: <?> $1
1N/Adnl user is now tagged with @ to be consistent with check_mail
1N/Adnl and to distinguish users from hosts (com would be host, com@ would be user)
1N/AR<?> $+ < @ $=w > $: <> <$1 < @ $2 >> $| <F:$1@$2> <U:$1@> <D:$2>
1N/AR<?> $+ < @ $* > $: <> <$1 < @ $2 >> $| <F:$1@$2> <D:$2>
1N/AR<?> $+ $: <> <$1> $| <U:$1@>
1N/Adnl $| is used as delimiter, otherwise false matches may occur: <user<@domain>>
1N/Adnl will only return user<@domain when "reversing" the args
1N/AR<> <$*> $| <$+> $: <@> <$1> $| $>SearchList <+ To> $| <$2> <>
1N/AR<@> <$*> $| <$*> $: <$2> <$1> reverse result
1N/AR<?> <$*> $: @ $1 mark address as no match
1N/Adnl we may have to filter here because otherwise some RHSs
1N/Adnl would be interpreted as generic error messages...
1N/Adnl error messages should be "tagged" by prefixing them with error: !
1N/Adnl that would make a lot of things easier.
1N/AR<$={Accept}> <$*> $: @ $2 mark address as no match
1N/Aifdef(`_ACCESS_SKIP_', `dnl
1N/AR<SKIP> <$*> $: @ $1 mark address as no match', `dnl')
1N/Aifdef(`_DELAY_COMPAT_8_10_',`dnl
1N/Adnl compatibility with 8.11/8.10:
1N/Adnl we have to filter these because otherwise they would be interpreted
1N/Adnl as generic error message...
1N/Adnl error messages should be "tagged" by prefixing them with error: !
1N/Adnl that would make a lot of things easier.
1N/Adnl maybe we should stop checks already here (if SPAM_xyx)?
1N/AR<$={SpamTag}> <$*> $: @ $2 mark address as no match')
1N/AR<REJECT> $* $#error $@ 5.2.1 $: confRCPTREJ_MSG
1N/AR<DISCARD> $* $#discard $: discard
1N/AR<QUARANTINE:$+> $* $#error $@ quarantine $: $1
1N/Adnl error tag
1N/AR<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
1N/AR<ERROR:$+> $* $#error $: $1
1N/Aifdef(`_ATMPF_', `R<_ATMPF_> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/Adnl generic error from access map
1N/AR<$+> $* $#error $: $1 error from access db
1N/AR@ $* $1 remove mark', `dnl')', `dnl')
1N/A
1N/Adnl with _PROMISCUOUS_RELAY_ everything from here to the divert(0) after Relay_ok is discarded.
1N/Aifdef(`_PROMISCUOUS_RELAY_', `divert(-1)', `dnl')
1N/A# authenticated via TLS?
1N/AR$* $: $1 $| $>RelayTLS client authenticated?
1N/AR$* $| $# $+ $# $2 error/ok?
1N/AR$* $| $* $: $1 no
1N/A
1N/AR$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type}
1N/Adnl workspace: localpart<@domain> $| result of Local_Relay_Auth
1N/AR$* $| $# $* $# $2
1N/Adnl if Local_Relay_Auth returns NO then do not check $={TrustAuthMech}
1N/AR$* $| NO $: $1
1N/AR$* $| $* $: $1 $| $&{auth_type}
1N/Adnl workspace: localpart<@domain> [ $| ${auth_type} ]
1N/Adnl empty ${auth_type}?
1N/AR$* $| $: $1
1N/Adnl mechanism ${auth_type} accepted?
1N/Adnl use $# to override further tests (delay_checks): see check_rcpt below
1N/Adnl review note: any client whose ${auth_type} is in class {TrustAuthMech} may relay,
1N/Adnl whatever the recipient; the class contents decide how strong that check is.
1N/AR$* $| $={TrustAuthMech} $# RELAY
1N/Adnl remove ${auth_type}
1N/AR$* $| $* $: $1
1N/Adnl workspace: localpart<@domain> | localpart
1N/Aifelse(defn(`_NO_UUCP_'), `r',
1N/A`R$* ! $* < @ $* > $: <REMOTE> $2 < @ BANG_PATH >
1N/AR$* ! $* $: <REMOTE> $2 < @ BANG_PATH >', `dnl')
1N/A# anything terminating locally is ok
1N/Aifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
1N/AR$+ < @ $* $=m > $@ RELAY', `dnl')
1N/AR$+ < @ $=w > $@ RELAY
1N/Aifdef(`_RELAY_HOSTS_ONLY_',
1N/A`R$+ < @ $=R > $@ RELAY
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/Aifdef(`_RELAY_FULL_ADDR_', `dnl
1N/AR$+ < @ $+ > $: <$(access To:$1@$2 $: ? $)> <$1 < @ $2 >>
1N/AR<?> <$+ < @ $+ >> $: <$(access To:$2 $: ? $)> <$1 < @ $2 >>',`
1N/AR$+ < @ $+ > $: <$(access To:$2 $: ? $)> <$1 < @ $2 >>')
1N/Adnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
1N/AR<?> <$+ < @ $+ >> $: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
1N/A`R$+ < @ $* $=R > $@ RELAY
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/Aifdef(`_RELAY_FULL_ADDR_', `dnl
1N/AR$+ < @ $+ > $: $1 < @ $2 > $| $>SearchList <+ To> $| <F:$1@$2> <D:$2> <F:$1@> <>
1N/AR$+ < @ $+ > $| <$*> $: <$3> <$1 <@ $2>>
1N/AR$+ < @ $+ > $| $* $: <$3> <$1 <@ $2>>',
1N/A`R$+ < @ $+ > $: $>D <$2> <?> <+ To> <$1 < @ $2 >>')')')
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/Adnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
1N/AR<RELAY> $* $@ RELAY
1N/Aifdef(`_ATMPF_', `R<$* _ATMPF_> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/AR<$*> <$*> $: $2',`dnl')
1N/A
1N/A
1N/Aifdef(`_RELAY_MX_SERVED_', `dnl
1N/A# allow relaying for hosts which we MX serve
1N/AR$+ < @ $+ > $: < : $(mxserved $2 $) : > $1 < @ $2 >
1N/Adnl this must not necessarily happen if the client is checked first...
1N/AR< : $* <TEMP> : > $* $#TEMP $@ 4.4.0 $: "450 Can not check MX records for recipient host " $1
1N/AR<$* : $=w . : $*> $* $@ RELAY
1N/AR< : $* : > $* $: $2',
1N/A`dnl')
1N/A
1N/A# check for local user (i.e. unqualified address)
1N/AR$* $: <?> $1
1N/AR<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 >
1N/A# local user is ok
1N/Adnl is it really? the standard requires user@domain, not just user
1N/Adnl but we should accept it anyway (maybe making it an option:
1N/Adnl RequireFQDN ?)
1N/Adnl postmaster must be accepted without domain (DRUMS)
1N/Aifdef(`_REQUIRE_QUAL_RCPT_', `dnl
1N/AR<?> postmaster $@ OK
1N/A# require qualified recipient?
1N/Adnl prepend daemon_flags
1N/AR<?> $+ $: $&{daemon_flags} $| <?> $1
1N/Adnl workspace: ${daemon_flags} $| <?> localpart
1N/Adnl do not allow these at all or only from local systems?
1N/Adnl r flag? add client_name
1N/AR$* r $* $| <?> $+ $: < ? $&{client_name} > <?> $3
1N/Adnl no r flag: relay to local user (only local part)
1N/A# no qualified recipient required
1N/AR$* $| <?> $+ $@ RELAY
1N/Adnl client_name is empty
1N/AR<?> <?> $+ $@ RELAY
1N/Adnl client_name is local
1N/AR<? $=w> <?> $+ $@ RELAY
1N/Adnl client_name is not local
1N/AR<? $+> $+ $#error $@ 5.5.4 $: "553 Domain name required"', `dnl
1N/Adnl no qualified recipient required
1N/AR<?> $+ $@ RELAY')
1N/Adnl it is a remote user: remove mark and then check client
1N/AR<$+> $* $: $2
1N/Adnl currently the recipient address is not used below
1N/A
1N/A######################################################################
1N/A### Relay_ok: is the relay/sender ok?
1N/Adnl input: ignored
1N/Adnl output: see explanation at call
1N/A######################################################################
1N/ASRelay_ok
1N/A# anything originating locally is ok
1N/A# check IP address
1N/AR$* $: $&{client_addr}
1N/AR$@ $@ RELAY originated locally
1N/AR0 $@ RELAY originated locally
1N/AR127.0.0.1 $@ RELAY originated locally
1N/ARIPv6:::1 $@ RELAY originated locally
1N/AR$=R $* $@ RELAY relayable IP address
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR$* $: $>A <$1> <?> <+ Connect> <$1>
1N/AR<RELAY> $* $@ RELAY relayable IP address
1N/Aifdef(`_FFR_REJECT_IP_IN_CHECK_RCPT_',`dnl
1N/Adnl this will cause rejections in cases like:
1N/Adnl Connect:My.Host.Domain RELAY
1N/Adnl Connect:My.Net REJECT
1N/Adnl since in check_relay client_name is checked before client_addr
1N/AR<REJECT> $* $@ REJECT rejected IP address')
1N/Aifdef(`_ATMPF_', `R<_ATMPF_> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/AR<$*> <$*> $: $2', `dnl')
1N/AR$* $: [ $1 ] put brackets around it...
1N/AR$=w $@ RELAY ... and see if it is local
1N/A
1N/Adnl review note: the two FROM options below grant RELAY on the envelope sender ($&f),
1N/Adnl a value the connecting client supplies and can forge; unlike the client address
1N/Adnl tests above, they do not tie the decision to where the connection comes from.
1N/Aifdef(`_RELAY_DB_FROM_', `define(`_RELAY_MAIL_FROM_', `1')')dnl
1N/Aifdef(`_RELAY_LOCAL_FROM_', `define(`_RELAY_MAIL_FROM_', `1')')dnl
1N/Aifdef(`_RELAY_MAIL_FROM_', `dnl
1N/Adnl input: {client_addr} or something "broken"
1N/Adnl just throw the input away; we do not need it.
1N/A# check whether FROM is allowed to use system as relay
1N/AR$* $: <?> $>CanonAddr $&f
1N/AR<?> $+ < @ $+ . > <?> $1 < @ $2 > remove trailing dot
1N/Aifdef(`_RELAY_LOCAL_FROM_', `dnl
1N/A# check whether local FROM is ok
1N/AR<?> $+ < @ $=w > $@ RELAY FROM local', `dnl')
1N/Aifdef(`_RELAY_DB_FROM_', `dnl
1N/AR<?> $+ < @ $+ > $: <@> $>SearchList <! From> $| <F:$1@$2> ifdef(`_RELAY_DB_FROM_DOMAIN_', ifdef(`_RELAY_HOSTS_ONLY_', `<E:$2>', `<D:$2>')) <>
1N/AR<@> <RELAY> $@ RELAY RELAY FROM sender ok
1N/Aifdef(`_ATMPF_', `R<@> <_ATMPF_> $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/A', `dnl
1N/Aifdef(`_RELAY_DB_FROM_DOMAIN_',
1N/A`errprint(`*** ERROR: _RELAY_DB_FROM_DOMAIN_ requires _RELAY_DB_FROM_
1N/A')',
1N/A`dnl')
1N/Adnl')', `dnl')
1N/Adnl notice: the rulesets above do not leave a unique workspace behind.
1N/Adnl it does not matter in this case because the following rule ignores
1N/Adnl the input. otherwise these rules must "clean up" the workspace.
1N/A
1N/A# check client name: first: did it resolve?
1N/Adnl input: ignored
1N/AR$* $: < $&{client_resolve} >
1N/AR<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
1N/AR<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
1N/AR<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
1N/Adnl ${client_resolve} should be OK, so go ahead
1N/AR$* $: <@> $&{client_name}
1N/Adnl should not be necessary since it has been done for client_addr already
1N/Adnl this rule actually may cause a problem if {client_name} resolves to ""
1N/Adnl however, this should not happen since the forward lookup should fail
1N/Adnl and {client_resolve} should be TEMP or FAIL.
1N/Adnl nevertheless, removing the rule doesn't hurt.
1N/Adnl R<@> $@ RELAY
1N/Adnl workspace: <@> ${client_name} (not empty)
1N/A# pass to name server to make hostname canonical
1N/AR<@> $* $=P $:<?> $1 $2
1N/AR<@> $+ $:<?> $[ $1 $]
1N/Adnl workspace: <?> ${client_name} (canonified)
1N/AR$* . $1 strip trailing dots
1N/Aifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
1N/AR<?> $* $=m $@ RELAY', `dnl')
1N/AR<?> $=w $@ RELAY
1N/Aifdef(`_RELAY_HOSTS_ONLY_',
1N/A`R<?> $=R $@ RELAY
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR<?> $* $: <$(access Connect:$1 $: ? $)> <$1>
1N/AR<?> <$*> $: <$(access $1 $: ? $)> <$1>',`dnl')',
1N/A`R<?> $* $=R $@ RELAY
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR<?> $* $: $>D <$1> <?> <+ Connect> <$1>',`dnl')')
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR<RELAY> $* $@ RELAY
1N/Aifdef(`_ATMPF_', `R<$* _ATMPF_> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/AR<$*> <$*> $: $2',`dnl')
1N/Adnl end of _PROMISCUOUS_RELAY_
1N/Adivert(0)
1N/Aifdef(`_DELAY_CHECKS_',`dnl
1N/A# turn a canonical address in the form user<@domain>
1N/A# qualify unqual. addresses with $j
1N/Adnl it might have been only user (without <@domain>)
1N/Adnl three cases below: strip a trailing dot from the domain, return an address that
1N/Adnl already carries a domain, otherwise append <@ $j> to the bare user.
1N/ASFullAddr
1N/AR$* <@ $+ . > $1 <@ $2 >
1N/AR$* <@ $* > $@ $1 <@ $2 >
1N/AR$+ $@ $1 <@ $j >
1N/A
1N/ASDelay_TLS_Clt
1N/A# authenticated?
1N/Adnl code repeated here from Basic_check_mail
1N/Adnl only called from check_rcpt in delay mode if checkrcpt returns $#
1N/Adnl a $# result from tls_client takes precedence; otherwise the checkrcpt result
1N/Adnl that was passed in is handed back with $# so later checks stay skipped.
1N/AR$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
1N/AR$* $| $#$+ $#$2
1N/Adnl return result from checkrcpt
1N/AR$* $| $* $# $1
1N/AR$* $# $1
1N/A
1N/ASDelay_TLS_Clt2
dnl Delay_TLS_Clt2: same tls_client call as Delay_TLS_Clt, but the passed-in
dnl value is handed back with $@ (plain return) instead of $#.
dnl   - a $# result from tls_client still replaces the passed-in value
1N/A# authenticated?
1N/Adnl code repeated here from Basic_check_mail
1N/Adnl only called from check_rcpt in delay mode if stopping due to Friend/Hater
1N/AR$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
1N/AR$* $| $#$+ $#$2
1N/Adnl return result from friend/hater check
1N/AR$* $| $* $@ $1
1N/AR$* $@ $1
1N/A
1N/A# call all necessary rulesets
1N/AScheck_rcpt
dnl check_rcpt as generated when _DELAY_CHECKS_ is defined. Order of evaluation:
dnl   1. checkrcpt on the recipient; a $#error or $#discard result ends the check at once
dnl   2. any other $# result from checkrcpt is returned through Delay_TLS_Clt
dnl   3. with _SPAM_FH_: the recipient is looked up in the access map with tag Spam only;
dnl      FRIEND (friend mode) or anything but HATER (hater mode) returns through Delay_TLS_Clt2
dnl   4. checkmail on the envelope sender, then checkrelay on {client_name} and {client_addr};
dnl      a $# result from either is returned
dnl NOTE(review): a return in step 2 or 3 means the checks of step 4 are never run for
dnl that recipient. Review access map entries that produce those results with this in mind.
1N/Adnl this test should be in the Basic_check_rcpt ruleset
1N/Adnl which is the correct DSN code?
1N/A# R$@ $#error $@ 5.1.3 $: "553 Recipient address required"
1N/A
1N/AR$+ $: $1 $| $>checkrcpt $1
1N/Adnl now we can simply stop checks by returning "$# xyz" instead of just "ok"
1N/Adnl on error (or discard) stop now
1N/AR$+ $| $#error $* $#error $2
1N/AR$+ $| $#discard $* $#discard $2
1N/Adnl otherwise call tls_client; see above
1N/AR$+ $| $#$* $@ $>"Delay_TLS_Clt" $2
dnl no $# result: discard it and canonify the recipient for the remaining checks
1N/AR$+ $| $* $: <?> $>FullAddr $>CanonAddr $1
1N/Aifdef(`_SPAM_FH_',
1N/A`dnl lookup user@ and user@address
1N/Aifdef(`_ACCESS_TABLE_', `',
1N/A`errprint(`*** ERROR: FEATURE(`delay_checks', `argument') requires FEATURE(`access_db')
1N/A')')dnl
1N/Adnl one of the next two rules is supposed to match
1N/Adnl this code has been copied from BLACKLIST... etc
1N/Adnl and simplified by omitting some < >.
1N/AR<?> $+ < @ $=w > $: <> $1 < @ $2 > $| <F: $1@$2 > <D: $2 > <U: $1@>
1N/AR<?> $+ < @ $* > $: <> $1 < @ $2 > $| <F: $1@$2 > <D: $2 >
1N/Adnl R<?> $@ something_is_very_wrong_here
1N/A# lookup the addresses only with Spam tag
1N/AR<> $* $| <$+> $: <@> $1 $| $>SearchList <! Spam> $| <$2> <>
1N/AR<@> $* $| $* $: $2 $1 reverse result
1N/Adnl', `dnl')
1N/Aifdef(`_SPAM_FRIEND_',
1N/A`# is the recipient a spam friend?
1N/Aifdef(`_SPAM_HATER_',
1N/A `errprint(`*** ERROR: define either Hater or Friend -- not both.
1N/A')', `dnl')
1N/AR<FRIEND> $+ $@ $>"Delay_TLS_Clt2" SPAMFRIEND
1N/AR<$*> $+ $: $2',
1N/A`dnl')
1N/Aifdef(`_SPAM_HATER_',
1N/A`# is the recipient no spam hater?
1N/AR<HATER> $+ $: $1 spam hater: continue checks
1N/AR<$*> $+ $@ $>"Delay_TLS_Clt2" NOSPAMHATER everyone else: stop
1N/Adnl',`dnl')
1N/A
1N/Adnl run further checks: check_mail
1N/Adnl should we "clean up" $&f?
1N/Aifdef(`_FFR_MAIL_MACRO',
1N/A`R$* $: $1 $| $>checkmail $&{mail_from}',
1N/A`R$* $: $1 $| $>checkmail <$&f>')
1N/Adnl recipient (canonical format) $| result of checkmail
1N/AR$* $| $#$* $#$2
1N/Adnl run further checks: check_relay
1N/AR$* $| $* $: $1 $| $>checkrelay $&{client_name} $| $&{client_addr}
1N/AR$* $| $#$* $#$2
1N/AR$* $| $* $: $1
1N/A', `dnl')
1N/A
1N/Aifdef(`_BLOCK_BAD_HELO_', `dnl
dnl HELO sanity check, emitted only when _BLOCK_BAD_HELO_ is defined.
dnl The name under test is $&s, wrapped in [ ] by the third rule below.
dnl The test is skipped when {auth_authen} is set, when {client_addr} begins
dnl with a member of class $=R, and when {client_addr} is 0.
dnl Otherwise a name in class $=w, or a name without an interior dot,
dnl is rejected with 550 / 5.7.1; everything else passes.
dnl NOTE(review): class $=R decides who is exempt, so its contents also widen
dnl or narrow this check -- confirm the class holds only trusted networks.
1N/AR$* $: $1 $| <$&{auth_authen}> Get auth info
1N/Adnl Bypass the test for users who have authenticated.
1N/AR$* $| <$+> $: $1 skip if auth
1N/AR$* $| <$*> $: $1 $| <$&{client_addr}> [$&s] Get connection info
1N/Adnl Bypass for local clients -- IP address starts with $=R
1N/AR$* $| <$=R $*> [$*] $: $1 skip if local client
1N/Adnl Bypass a "sendmail -bs" session, which use 0 for client ip address
1N/AR$* $| <0> [$*] $: $1 skip if sendmail -bs
1N/Adnl Reject our IP - assumes "[ip]" is in class $=w
1N/AR$* $| <$*> $=w $#error $@ 5.7.1 $:"550 bogus HELO name used: " $&s
1N/Adnl Reject our hostname
1N/AR$* $| <$*> [$=w] $#error $@ 5.7.1 $:"550 bogus HELO name used: " $&s
1N/Adnl Pass anything else with a "." in the domain parameter
1N/AR$* $| <$*> [$+.$+] $: $1 qualified domain ok
1N/Adnl Reject if there was no "." or only an initial or final "."
1N/AR$* $| <$*> [$*] $#error $@ 5.7.1 $:"550 bogus HELO name used: " $&s
1N/Adnl Clean up the workspace
1N/AR$* $| $* $: $1
1N/A', `dnl')
1N/A
1N/Aifdef(`_ACCESS_TABLE_', `dnl', `divert(-1)')
1N/A######################################################################
1N/A### F: LookUpFull -- search for an entry in access database
1N/A###
1N/A### lookup of full key (which should be an address) and
1N/A### variations if +detail exists: +* and without +detail
1N/A###
1N/A### Parameters:
1N/A### <$1> -- key
1N/A### <$2> -- default (what to return if not found in db)
1N/Adnl must not be empty
1N/A### <$3> -- mark (must be <(!|+) single-token>)
1N/A### ! does lookup only with tag
1N/A### + does lookup with and without tag
1N/A### <$4> -- passthru (additional data passed unchanged through)
1N/Adnl returns: <default> <passthru>
1N/Adnl <result> <passthru>
1N/A######################################################################
1N/A
1N/ASF
dnl F (LookUpFull): access map lookups are tried in the order below; each
dnl later rule requires <?> in front, so it only fires while nothing was found.
dnl   1. tag + key
dnl   2. key without tag                          (mark + only)
dnl   3. tag + user+*@domain                      (key has +detail)
dnl   4. user+*@domain without tag                (mark + only)
dnl   5. tag + user@domain, +detail removed
dnl   6. user@domain without tag                  (mark + only)
dnl Still <?> afterwards: return <default> <passthru>.
dnl A result ending in _ATMPF_ is returned as <_ATMPF_> <passthru>.
dnl Any other result is returned as <result> <passthru>.
1N/Adnl workspace: <key> <def> <o tag> <thru>
1N/Adnl full lookup
1N/Adnl 2 3 4 5
1N/AR<$+> <$*> <$- $-> <$*> $: <$(access $4`'_TAG_DELIM_`'$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
1N/Adnl no match, try without tag
1N/Adnl 1 2 3 4
1N/AR<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
1N/Adnl no match, +detail: try +*
1N/Adnl 1 2 3 4 5 6 7
1N/AR<?> <$+ + $* @ $+> <$*> <$- $-> <$*>
1N/A $: <$(access $6`'_TAG_DELIM_`'$1+*@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7>
1N/Adnl no match, +detail: try +* without tag
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <$+ + $* @ $+> <$*> <+ $-> <$*>
1N/A $: <$(access $1+*@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6>
1N/Adnl no match, +detail: try without +detail
1N/Adnl 1 2 3 4 5 6 7
1N/AR<?> <$+ + $* @ $+> <$*> <$- $-> <$*>
1N/A $: <$(access $6`'_TAG_DELIM_`'$1@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7>
1N/Adnl no match, +detail: try without +detail and without tag
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <$+ + $* @ $+> <$*> <+ $-> <$*>
1N/A $: <$(access $1@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6>
1N/Adnl no match, return <default> <passthru>
1N/Adnl 1 2 3 4 5
1N/AR<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/Adnl 2 3 4 5
1N/AR<$+ _ATMPF_> <$*> <$- $-> <$*> $@ <_ATMPF_> <$5>', `dnl')
1N/Adnl match, return <match> <passthru>
1N/Adnl 2 3 4 5
1N/AR<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
1N/A
1N/A######################################################################
1N/A### E: LookUpExact -- search for an entry in access database
1N/A###
1N/A### Parameters:
1N/A### <$1> -- key
1N/A### <$2> -- default (what to return if not found in db)
1N/Adnl must not be empty
1N/A### <$3> -- mark (must be <(!|+) single-token>)
1N/A### ! does lookup only with tag
1N/A### + does lookup with and without tag
1N/A### <$4> -- passthru (additional data passed unchanged through)
1N/Adnl returns: <default> <passthru>
1N/Adnl <result> <passthru>
1N/A######################################################################
1N/A
1N/ASE
dnl E (LookUpExact): the key is looked up as given, with no +detail variations.
dnl   1. tag + key
dnl   2. key without tag     (mark + only, and only while the result is <?>)
dnl Still <?> afterwards: return <default> <passthru>.
dnl A result ending in _ATMPF_ is returned as <_ATMPF_> <passthru>.
dnl Any other result is returned as <result> <passthru>.
dnl The first rule matches the key with $*, so an empty key (bare tag lookup) is allowed.
1N/Adnl 2 3 4 5
1N/AR<$*> <$*> <$- $-> <$*> $: <$(access $4`'_TAG_DELIM_`'$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
1N/Adnl no match, try without tag
1N/Adnl 1 2 3 4
1N/AR<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
1N/Adnl no match, return default passthru
1N/Adnl 1 2 3 4 5
1N/AR<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/Adnl 2 3 4 5
1N/AR<$+ _ATMPF_> <$*> <$- $-> <$*> $@ <_ATMPF_> <$5>', `dnl')
1N/Adnl match, return <match> <passthru>
1N/Adnl 2 3 4 5
1N/AR<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
1N/A
1N/A######################################################################
1N/A### U: LookUpUser -- search for an entry in access database
1N/A###
1N/A### lookup of key (which should be a local part) and
1N/A### variations if +detail exists: +* and without +detail
1N/A###
1N/A### Parameters:
1N/A### <$1> -- key (user@)
1N/A### <$2> -- default (what to return if not found in db)
1N/Adnl must not be empty
1N/A### <$3> -- mark (must be <(!|+) single-token>)
1N/A### ! does lookup only with tag
1N/A### + does lookup with and without tag
1N/A### <$4> -- passthru (additional data passed unchanged through)
1N/Adnl returns: <default> <passthru>
1N/Adnl <result> <passthru>
1N/A######################################################################
1N/A
1N/ASU
dnl U (LookUpUser): same ladder as ruleset F, for keys of the form user@
dnl (local part plus trailing @, no domain).
dnl   1. tag + key
dnl   2. key without tag                  (mark + only)
dnl   3. tag + user+*@                    (key has +detail)
dnl   4. user+*@ without tag              (mark + only)
dnl   5. tag + user@, +detail removed
dnl   6. user@ without tag                (mark + only)
dnl Still <?> afterwards: return <default> <passthru>.
dnl A result ending in _ATMPF_ is returned as <_ATMPF_> <passthru>.
dnl Any other result is returned as <result> <passthru>.
1N/Adnl user lookups are always with trailing @
1N/Adnl 2 3 4 5
1N/AR<$+> <$*> <$- $-> <$*> $: <$(access $4`'_TAG_DELIM_`'$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
1N/Adnl no match, try without tag
1N/Adnl 1 2 3 4
1N/AR<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
1N/Adnl do not remove the @ from the lookup:
1N/Adnl it is part of the +detail@ which is omitted for the lookup
1N/Adnl no match, +detail: try +*
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <$+ + $* @> <$*> <$- $-> <$*>
1N/A $: <$(access $5`'_TAG_DELIM_`'$1+*@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6>
1N/Adnl no match, +detail: try +* without tag
1N/Adnl 1 2 3 4 5
1N/AR<?> <$+ + $* @> <$*> <+ $-> <$*>
1N/A $: <$(access $1+*@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5>
1N/Adnl no match, +detail: try without +detail
1N/Adnl 1 2 3 4 5 6
1N/AR<?> <$+ + $* @> <$*> <$- $-> <$*>
1N/A $: <$(access $5`'_TAG_DELIM_`'$1@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6>
1N/Adnl no match, +detail: try without +detail and without tag
1N/Adnl 1 2 3 4 5
1N/AR<?> <$+ + $* @> <$*> <+ $-> <$*>
1N/A $: <$(access $1@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5>
1N/Adnl no match, return <default> <passthru>
1N/Adnl 1 2 3 4 5
1N/AR<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/Adnl 2 3 4 5
1N/AR<$+ _ATMPF_> <$*> <$- $-> <$*> $@ <_ATMPF_> <$5>', `dnl')
1N/Adnl match, return <match> <passthru>
1N/Adnl 2 3 4 5
1N/AR<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
1N/A
1N/A######################################################################
1N/A### SearchList: search a list of items in the access map
1N/A### Parameters:
1N/A### <exact tag> $| <mark:address> <mark:address> ... <>
1N/Adnl maybe we should have a @ (again) in front of the mark to
1N/Adnl avoid erroneous matches (with error messages?)
1N/Adnl if we can make sure that tag is always a single token
1N/Adnl then we can omit the delimiter $|, otherwise we need it
1N/Adnl to avoid erroneous matches (first rule: D: if there
1N/Adnl is that mark somewhere in the list, it will be taken).
1N/Adnl moreover, we can do some tricks to enforce lookup with
1N/Adnl the tag only, e.g.:
1N/A### where "exact" is either "+" or "!":
1N/A### <+ TAG> lookup with and w/o tag
1N/A### <! TAG> lookup with tag
1N/Adnl Warning: + and ! should be in OperatorChars (otherwise there must be
1N/Adnl a blank between them and the tag).
1N/A### possible values for "mark" are:
1N/A### D: recursive host lookup (LookUpDomain)
1N/Adnl A: recursive address lookup (LookUpAddress) [not yet required]
1N/A### E: exact lookup, no modifications
1N/A### F: full lookup, try user+ext@domain and user@domain
1N/A### U: user lookup, try user+ext and user (input must have trailing @)
1N/A### return: <RHS of lookup> or <?> (not found)
1N/A######################################################################
1N/A
1N/A# class with valid marks for SearchList
1N/Adnl if A is activated: add it
1N/AC{Src}E F D U ifdef(`_FFR_SRCHLIST_A', `A')
1N/ASSearchList
dnl SearchList walks the <mark:address> items from left to right.
dnl The first rule peels off the leading item, provided its mark is in class {Src},
dnl and calls the ruleset whose name is that mark with
dnl   <address> <?> <tag> <>
dnl i.e. default ? and empty passthru. The remaining items are kept between the $| marks.
dnl   - lookup gave <?> and no items remain: return <?>
dnl   - lookup gave <?> and items remain: recurse on the remaining items
dnl   - lookup gave anything else: return that value
dnl The last rule passes the result of a recursive call back to the caller.
1N/A# just call the ruleset with the name of the tag... nice trick...
1N/Adnl 2 3 4
1N/AR<$+> $| <$={Src}:$*> <$*> $: <$1> $| <$4> $| $>$2 <$3> <?> <$1> <>
1N/Adnl workspace: <o tag> $| <rest> $| <result of lookup> <>
1N/Adnl no match and nothing left: return
1N/AR<$+> $| <> $| <?> <> $@ <?>
1N/Adnl no match but something left: continue
1N/AR<$+> $| <$+> $| <?> <> $@ $>SearchList <$1> $| <$2>
1N/Adnl match: return
1N/AR<$+> $| <$*> $| <$+> <> $@ <$3>
1N/Adnl return result from recursive invocation
1N/AR<$+> $| <$+> $@ <$2>
1N/Adnl endif _ACCESS_TABLE_
1N/Adivert(0)
1N/A
1N/A######################################################################
1N/A### trust_auth: is user trusted to authenticate as someone else?
1N/A###
1N/A### Parameters:
1N/A### $1: AUTH= parameter from MAIL command
1N/A######################################################################
1N/A
1N/Adnl empty ruleset definition so it can be called
1N/ASLocal_trust_auth
1N/AStrust_auth
dnl trust_auth: may the authenticated identity use the AUTH= parameter given on MAIL?
dnl   - {auth_type} empty: 550 not authenticated
dnl   - AUTH= parameter equal to {auth_authen}, bare or inside < >: return identical
dnl   - otherwise Local_trust_auth is called with the parameter; a $# result is returned as is
dnl   - anything else: 550 <auth_authen> not allowed to act as <auth_author>
dnl Local_trust_auth is declared just above with no rules, so unless rules are
dnl added to it elsewhere the outcome for a differing identity is the 550 refusal.
1N/AR$* $: $&{auth_type} $| $1
1N/A# required by RFC 2554 section 4.
1N/AR$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated"
1N/Adnl seems to be useful...
1N/AR$* $| $&{auth_authen} $@ identical
1N/AR$* $| <$&{auth_authen}> $@ identical
1N/Adnl call user supplied code
1N/AR$* $| $* $: $1 $| $>"Local_trust_auth" $2
1N/AR$* $| $#$* $#$2
1N/Adnl default: error
1N/AR$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}
1N/A
1N/A######################################################################
1N/A### Relay_Auth: allow relaying based on authentication?
1N/A###
1N/A### Parameters:
1N/A### $1: ${auth_type}
1N/A######################################################################
1N/ASLocal_Relay_Auth
dnl Declared here without rules. Presumably a hook that site-specific rules can
dnl fill in -- confirm against the ruleset that calls it (not in this part of the file).
1N/A
1N/A######################################################################
1N/A### srv_features: which features to offer to a client?
1N/A### (done in server)
1N/A######################################################################
1N/ASsrv_features
dnl srv_features: choose the feature string offered to the connecting client.
dnl   - with _LOCAL_SRV_FEATURES_: Local_srv_features is called first and a $# result wins
dnl   - with the access map: tag-only (mark !) lookups for SRV_FEAT_TAG, in this order:
dnl       ruleset D on {client_name}, ruleset A on {client_addr}, then the bare tag
dnl     nothing found -> OK; result ending in _ATMPF_ -> $#temp; otherwise the
dnl     map value is returned through $#
dnl   - with neither defined the ruleset has no rules
1N/Aifdef(`_LOCAL_SRV_FEATURES_', `dnl
1N/AR$* $: $1 $| $>"Local_srv_features" $1
1N/AR$* $| $#$* $#$2
1N/AR$* $| $* $: $1', `dnl')
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR$* $: $>D <$&{client_name}> <?> <! SRV_FEAT_TAG> <>
1N/AR<?>$* $: $>A <$&{client_addr}> <?> <! SRV_FEAT_TAG> <>
1N/AR<?>$* $: <$(access SRV_FEAT_TAG`'_TAG_DELIM_ $: ? $)>
1N/AR<?>$* $@ OK
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/AR<$* _ATMPF_>$* $#temp', `dnl')
1N/AR<$+>$* $# $1')
1N/A
1N/A######################################################################
1N/A### try_tls: try to use STARTTLS?
1N/A### (done in client)
1N/A######################################################################
1N/AStry_tls
dnl try_tls: should this client attempt STARTTLS with the server?
dnl   - with _LOCAL_TRY_TLS_: Local_try_tls is called first and a $# result wins
dnl   - with the access map: tag-only (mark !) lookups for TLS_TRY_TAG, in this order:
dnl       ruleset D on {server_name}, ruleset A on {server_addr}, then the bare tag
dnl     nothing found -> OK; result ending in _ATMPF_ -> 451 temporary failure;
dnl     result NO -> $#error 550 do not try TLS
dnl     any other map value matches no rule and so raises no error
dnl NOTE(review): a NO entry turns STARTTLS off for that server, so mail to it
dnl leaves in clear text; keep such entries few and reviewed.
1N/Aifdef(`_LOCAL_TRY_TLS_', `dnl
1N/AR$* $: $1 $| $>"Local_try_tls" $1
1N/AR$* $| $#$* $#$2
1N/AR$* $| $* $: $1', `dnl')
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR$* $: $>D <$&{server_name}> <?> <! TLS_TRY_TAG> <>
1N/AR<?>$* $: $>A <$&{server_addr}> <?> <! TLS_TRY_TAG> <>
1N/AR<?>$* $: <$(access TLS_TRY_TAG`'_TAG_DELIM_ $: ? $)>
1N/AR<?>$* $@ OK
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/AR<$* _ATMPF_>$* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/AR<NO>$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"')
1N/A
1N/A######################################################################
1N/A### tls_rcpt: is connection with server "good" enough?
1N/A### (done in client, per recipient)
1N/Adnl called from deliver() before RCPT command
1N/A###
1N/A### Parameters:
1N/A### $1: recipient
1N/A######################################################################
1N/AStls_rcpt
dnl tls_rcpt: per-recipient TLS requirement on the client side.
dnl   - with _LOCAL_TLS_RCPT_: Local_tls_rcpt is called first and a $# result wins
dnl   - with the access map:
dnl       {server_name} is stored in {TLS_Name}
dnl       the recipient is canonified and a trailing dot on the domain is removed
dnl       SearchList is called with tag TLS_RCPT_TAG (mark !, tag-only) on
dnl         <F:user@domain> <U:user@> <D:domain> <E:>   for a full address
dnl         <U:user@> <E:>                              for a bare local part
dnl       nothing found -> OK; result ending in _ATMPF_ -> 451 temporary failure;
dnl       otherwise TLS_connection judges {verify} against the map value
dnl   - with neither defined the ruleset has no rules
1N/Aifdef(`_LOCAL_TLS_RCPT_', `dnl
1N/AR$* $: $1 $| $>"Local_tls_rcpt" $1
1N/AR$* $| $#$* $#$2
1N/AR$* $| $* $: $1', `dnl')
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/Adnl store name of other side
1N/AR$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
1N/Adnl canonify recipient address
1N/AR$+ $: <?> $>CanonAddr $1
1N/Adnl strip trailing dots
1N/AR<?> $+ < @ $+ . > <?> $1 <@ $2 >
1N/Adnl full address?
1N/AR<?> $+ < @ $+ > $: $1 <@ $2 > $| <F:$1@$2> <U:$1@> <D:$2> <E:>
1N/Adnl only localpart?
1N/AR<?> $+ $: $1 $| <U:$1@> <E:>
1N/Adnl look it up
1N/Adnl also look up a default value via E:
1N/AR$* $| $+ $: $1 $| $>SearchList <! TLS_RCPT_TAG> $| $2 <>
1N/Adnl found nothing: stop here
1N/AR$* $| <?> $@ OK
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/AR$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/Adnl use the generic routine (for now)
1N/AR$* $| <$+> $@ $>"TLS_connection" $&{verify} $| <$2>')
1N/A
1N/A######################################################################
1N/A### tls_client: is connection with client "good" enough?
1N/A### (done in server)
1N/A###
1N/A### Parameters:
1N/A### ${verify} $| (MAIL|STARTTLS)
1N/A######################################################################
1N/Adnl MAIL: called from check_mail
1N/Adnl STARTTLS: called from smtp() after STARTTLS has been accepted
1N/AStls_client
dnl tls_client: server-side decision on the TLS state of a client connection.
dnl Input is {verify} $| MAIL or {verify} $| STARTTLS; the second part is discarded.
dnl   - with _LOCAL_TLS_CLIENT_: Local_tls_client is called first and a $# result wins
dnl   - with the access map: {client_name} is stored in {TLS_Name}, then tag-only
dnl     (mark !) lookups for TLS_CLT_TAG: ruleset D on {client_name}, ruleset A on
dnl     {client_addr}, then the bare tag. A result ending in _ATMPF_ gives 451.
dnl     TLS_connection then receives {verify} $| <lookup result>.
dnl   - without the access map: TLS_connection receives {verify} only.
1N/Aifdef(`_LOCAL_TLS_CLIENT_', `dnl
1N/AR$* $: $1 <?> $>"Local_tls_client" $1
1N/AR$* <?> $#$* $#$2
1N/AR$* <?> $* $: $1', `dnl')
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/Adnl store name of other side
1N/AR$* $: $(macro {TLS_Name} $@ $&{client_name} $) $1
1N/Adnl ignore second arg for now
1N/Adnl maybe use it to distinguish permanent/temporary error?
1N/Adnl if MAIL: permanent (STARTTLS has not been offered)
1N/Adnl if STARTTLS: temporary (offered but maybe failed)
1N/AR$* $| $* $: $1 $| $>D <$&{client_name}> <?> <! TLS_CLT_TAG> <>
1N/AR$* $| <?>$* $: $1 $| $>A <$&{client_addr}> <?> <! TLS_CLT_TAG> <>
1N/Adnl do a default lookup: just TLS_CLT_TAG
1N/AR$* $| <?>$* $: $1 $| <$(access TLS_CLT_TAG`'_TAG_DELIM_ $: ? $)>
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/AR$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/AR$* $@ $>"TLS_connection" $1', `dnl
1N/AR$* $| $* $@ $>"TLS_connection" $1')
1N/A
1N/A######################################################################
1N/A### tls_server: is connection with server "good" enough?
1N/A### (done in client)
1N/A###
1N/A### Parameter:
1N/A### ${verify}
1N/A######################################################################
1N/Adnl i.e. has the server been authenticated and is encryption active?
1N/Adnl called from deliver() after STARTTLS command
1N/AStls_server
dnl tls_server: client-side decision on the TLS state of a server connection.
dnl Input is {verify}.
dnl   - with _LOCAL_TLS_SERVER_: Local_tls_server is called first and a $# result wins
dnl   - with the access map: {server_name} is stored in {TLS_Name}, then tag-only
dnl     (mark !) lookups for TLS_SRV_TAG: ruleset D on {server_name}, ruleset A on
dnl     {server_addr}, then the bare tag. A result ending in _ATMPF_ gives 451.
dnl     TLS_connection then receives {verify} $| <lookup result>.
dnl   - without the access map: TLS_connection receives {verify} only.
1N/Aifdef(`_LOCAL_TLS_SERVER_', `dnl
1N/AR$* $: $1 $| $>"Local_tls_server" $1
1N/AR$* $| $#$* $#$2
1N/AR$* $| $* $: $1', `dnl')
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/Adnl store name of other side
1N/AR$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
1N/AR$* $: $1 $| $>D <$&{server_name}> <?> <! TLS_SRV_TAG> <>
1N/AR$* $| <?>$* $: $1 $| $>A <$&{server_addr}> <?> <! TLS_SRV_TAG> <>
1N/Adnl do a default lookup: just TLS_SRV_TAG
1N/AR$* $| <?>$* $: $1 $| <$(access TLS_SRV_TAG`'_TAG_DELIM_ $: ? $)>
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/AR$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/AR$* $@ $>"TLS_connection" $1', `dnl
1N/AR$* $@ $>"TLS_connection" $1')
1N/A
1N/A######################################################################
1N/A### TLS_connection: is TLS connection "good" enough?
1N/A###
1N/A### Parameters:
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/A### ${verify} $| <Requirement> [<>]', `dnl
1N/A### ${verify}')
1N/A### Requirement: RHS from access map, may be ? for none.
1N/Adnl syntax for Requirement:
1N/Adnl [(PERM|TEMP)+] (VERIFY[:bits]|ENCR:bits) [+extensions]
1N/Adnl extensions: could be a list of further requirements
1N/Adnl for now: CN:string {cn_subject} == string
1N/A######################################################################
1N/ASTLS_connection
dnl TLS_connection: judge {verify} against a requirement taken from the access map.
dnl Without _ACCESS_TABLE_ only the SOFTWARE rule directly below is emitted;
dnl divert(-1) then discards everything up to the next divert(0).
dnl With the access map the steps are:
dnl   1. pick reply code and status: PERM+ gives 503 / 5.7.0, TEMP+ gives 403 / 4.7.0,
dnl      no prefix follows TLS_PERM_ERR (class {Tls} is defined outside this part of the file)
dnl   2. {verify} of SOFTWARE or PROTOCOL is always an error, with or without a requirement
dnl   3. split the requirement into <VERIFY or ENCR with optional :bits> and <extensions>
dnl   4. VERIFY needs {verify} to be OK; every other value gets its own error text
dnl   5. a bit count is compared with the larger of {cipher_bits} and {auth_ssf}
dnl      (ruleset max); fewer bits than required gives the encryption too weak error
dnl   6. extensions, separated by ++, are handed to TLS_req
1N/Aifdef(`_ACCESS_TABLE_', `dnl', `dnl use default error
1N/Adnl deal with TLS handshake failures: abort
1N/ARSOFTWARE $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake."
1N/Adivert(-1)')
1N/Adnl common ruleset for tls_{client|server}
1N/Adnl input: ${verify} $| <ResultOfLookup> [<>]
1N/Adnl remove optional <>
1N/AR$* $| <$*>$* $: $1 $| <$2>
1N/Adnl workspace: ${verify} $| <ResultOfLookup>
1N/A# create the appropriate error codes
1N/Adnl permanent or temporary error?
1N/AR$* $| <PERM + $={Tls} $*> $: $1 $| <503:5.7.0> <$2 $3>
1N/AR$* $| <TEMP + $={Tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
1N/Adnl default case depends on TLS_PERM_ERR
1N/AR$* $| <$={Tls} $*> $: $1 $| <ifdef(`TLS_PERM_ERR', `503:5.7.0', `403:4.7.0')> <$2 $3>
1N/Adnl workspace: ${verify} $| [<SMTP:ESC>] <ResultOfLookup>
1N/A# deal with TLS handshake failures: abort
1N/ARSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed."
1N/Adnl no <reply:dns> i.e. not requirements in the access map
1N/Adnl use default error
1N/ARSOFTWARE $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake failed."
1N/A# deal with TLS protocol errors: abort
1N/ARPROTOCOL $| <$-:$+> $* $#error $@ $2 $: $1 " STARTTLS failed."
1N/Adnl no <reply:dns> i.e. not requirements in the access map
1N/Adnl use default error
1N/ARPROTOCOL $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') STARTTLS failed."
1N/AR$* $| <$*> <VERIFY> $: <$2> <VERIFY> <> $1
1N/Adnl separate optional requirements
1N/AR$* $| <$*> <VERIFY + $+> $: <$2> <VERIFY> <$3> $1
1N/AR$* $| <$*> <$={Tls}:$->$* $: <$2> <$3:$4> <> $1
1N/Adnl separate optional requirements
1N/AR$* $| <$*> <$={Tls}:$- + $+>$* $: <$2> <$3:$4> <$5> $1
dnl NOTE(review): whatever still carries $| at this point was not recognised as a
dnl requirement by the rules above (this includes <?>, no entry) and is accepted.
dnl A mistyped requirement in the access map is therefore not enforced; check
dnl entries for the TLS tags after every map change.
1N/Adnl some other value in access map: accept
1N/Adnl this also allows to override the default case (if used)
1N/AR$* $| $* $@ OK
1N/A# authentication required: give appropriate error
1N/A# other side did authenticate (via STARTTLS)
1N/Adnl workspace: <SMTP:ESC> <{VERIFY,ENCR}[:BITS]> <[extensions]> ${verify}
1N/Adnl only verification required and it succeeded
1N/AR<$*><VERIFY> <> OK $@ OK
1N/Adnl verification required and it succeeded but extensions are given
1N/Adnl change it to <SMTP:ESC> <REQ:0> <extensions>
1N/AR<$*><VERIFY> <$+> OK $: <$1> <REQ:0> <$2>
1N/Adnl verification required + some level of encryption
1N/AR<$*><VERIFY:$-> <$*> OK $: <$1> <REQ:$2> <$3>
dnl the ENCR rule below accepts any value of {verify}: an ENCR requirement
dnl asks for key strength only, not for a verified certificate
1N/Adnl just some level of encryption required
1N/AR<$*><ENCR:$-> <$*> $* $: <$1> <REQ:$2> <$3>
1N/Adnl workspace:
1N/Adnl 1. <SMTP:ESC> <VERIFY [:bits]> <[extensions]> {verify} (!= OK)
1N/Adnl 2. <SMTP:ESC> <REQ:bits> <[extensions]>
1N/Adnl verification required but ${verify} is not set (case 1.)
1N/AR<$-:$+><VERIFY $*> <$*> $#error $@ $2 $: $1 " authentication required"
1N/AR<$-:$+><VERIFY $*> <$*> FAIL $#error $@ $2 $: $1 " authentication failed"
1N/AR<$-:$+><VERIFY $*> <$*> NO $#error $@ $2 $: $1 " not authenticated"
1N/AR<$-:$+><VERIFY $*> <$*> NOT $#error $@ $2 $: $1 " no authentication requested"
1N/AR<$-:$+><VERIFY $*> <$*> NONE $#error $@ $2 $: $1 " other side does not support STARTTLS"
1N/Adnl some other value for ${verify}
1N/AR<$-:$+><VERIFY $*> <$*> $+ $#error $@ $2 $: $1 " authentication failure " $4
1N/Adnl some level of encryption required: get the maximum level (case 2.)
1N/AR<$*><REQ:$-> <$*> $: <$1> <REQ:$2> <$3> $>max $&{cipher_bits} : $&{auth_ssf}
1N/Adnl compare required bits with actual bits
1N/AR<$*><REQ:$-> <$*> $- $: <$1> <$2:$4> <$3> $(arith l $@ $4 $@ $2 $)
1N/AR<$-:$+><$-:$-> <$*> TRUE $#error $@ $2 $: $1 " encryption too weak " $4 " less than " $3
1N/Adnl strength requirements fulfilled
1N/Adnl TLS Additional Requirements Separator
1N/Adnl this should be something which does not appear in the extensions itself
1N/Adnl @ could be part of a CN, DN, etc...
1N/Adnl use < > ? those are encoded in CN, DN, ...
1N/Adefine(`_TLS_ARS_', `++')dnl
1N/Adnl workspace:
1N/Adnl <SMTP:ESC> <REQ:bits> <extensions> result-of-compare
1N/AR<$-:$+><$-:$-> <$*> $* $: <$1:$2 _TLS_ARS_ $5>
1N/Adnl workspace: <SMTP:ESC _TLS_ARS_ extensions>
1N/Adnl continue: check extensions
1N/AR<$-:$+ _TLS_ARS_ > $@ OK
1N/Adnl split extensions into own list
1N/AR<$-:$+ _TLS_ARS_ $+ > $: <$1:$2> <$3>
1N/AR<$-:$+> < $+ _TLS_ARS_ $+ > <$1:$2> <$3> <$4>
1N/AR<$-:$+> $+ $@ $>"TLS_req" $3 $| <$1:$2>
1N/A
1N/A######################################################################
1N/A### TLS_req: check additional TLS requirements
1N/A###
1N/A### Parameters: [<list> <of> <req>] $| <$-:$+>
1N/A### $-: SMTP reply code
1N/A### $+: Enhanced Status Code
1N/Adnl further requirements for this ruleset:
1N/Adnl name of "other side" is stored in {TLS_Name} (client/server_name)
1N/Adnl
1N/Adnl currently only CN[:common_name] is implemented
1N/Adnl right now this is only a logical AND
1N/Adnl i.e. all requirements must be true
1N/Adnl how about an OR? CN must be X or CN must be Y or ..
1N/Adnl use a macro to compute this as a trivial sequential
1N/Adnl operations (no precedences etc)?
1N/A######################################################################
1N/ASTLS_req
dnl TLS_req: check the extension list one item at a time, recursing on the rest.
dnl Every item must hold (logical AND); the first mismatch ends with $#error
dnl built from the reply code and status passed in after $|.
dnl   <CN>        compared as <CN:{TLS_Name}>, i.e. the stored name of the other side
dnl   <CN:text>   must equal {cn_subject}
dnl   <CS:text>   must equal {cert_subject}
dnl   <CI:text>   must equal {cert_issuer}
dnl An empty list returns OK.
dnl NOTE(review): an item whose keyword is none of CN, CS, CI matches no rule
dnl here, so no $#error is produced for it; presumably it is then not enforced.
dnl Confirm how the caller treats such a return before relying on other keywords.
1N/Adnl no additional requirements: ok
1N/AR $| $+ $@ OK
1N/Adnl require CN: but no CN specified: use name of other side
1N/AR<CN> $* $| <$+> $: <CN:$&{TLS_Name}> $1 $| <$2>
1N/Adnl match, check rest
1N/AR<CN:$&{cn_subject}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
1N/Adnl CN does not match
1N/Adnl 1 2 3 4
1N/AR<CN:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " CN " $&{cn_subject} " does not match " $1
1N/Adnl cert subject
1N/AR<CS:$&{cert_subject}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
1N/Adnl CS does not match
1N/Adnl 1 2 3 4
1N/AR<CS:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Subject " $&{cert_subject} " does not match " $1
1N/Adnl match, check rest
1N/AR<CI:$&{cert_issuer}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
1N/Adnl CI does not match
1N/Adnl 1 2 3 4
1N/AR<CI:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Issuer " $&{cert_issuer} " does not match " $1
1N/Adnl return from recursive call
1N/AROK $@ OK
1N/A
1N/A######################################################################
1N/A### max: return the maximum of two values separated by :
1N/A###
1N/A### Parameters: [$-]:[$-]
1N/A######################################################################
1N/ASmax
dnl max: input is a:b where either side may be empty.
dnl   both empty -> 0; one side empty -> the other side
dnl   both given -> the arith map compares a with b (operator l) and its answer
dnl   is put in front: if it is TRUE the result is b, otherwise the result is a
1N/AR: $: 0
1N/AR:$- $: $1
1N/AR$-: $: $1
1N/AR$-:$- $: $(arith l $@ $1 $@ $2 $) : $1 : $2
1N/ARTRUE:$-:$- $: $2
1N/AR$-:$-:$- $: $2
1N/Adnl endif _ACCESS_TABLE_
1N/Adivert(0)
1N/A
1N/A######################################################################
1N/A### RelayTLS: allow relaying based on TLS authentication
1N/A###
1N/A### Parameters:
1N/A### none
1N/A######################################################################
1N/ASRelayTLS
dnl RelayTLS: relay permission derived from the client certificate.
dnl Rules exist only with the access map; without it the ruleset is empty.
dnl   1. {verify} must be OK, anything else returns NO
dnl   2. {cert_issuer} (optionally passed through map CERTIssuer first) is looked
dnl      up in the access map under tag CERTISSUER
dnl   3. map value RELAY   -> $# RELAY
dnl      map value SUBJECT -> {cert_subject} (optionally through map CERTSubject)
dnl                           is looked up under tag CERTSUBJECT; RELAY -> $# RELAY
dnl   4. everything else   -> NO
dnl NOTE(review): a RELAY entry for an issuer lets every certificate from that
dnl issuer relay. For a CA that is not under local control SUBJECT with per-subject
dnl entries is the narrower grant, as the original notes below explain.
1N/A# authenticated?
1N/Adnl we do not allow relaying for anyone who can present a cert
1N/Adnl signed by a "trusted" CA. For example, even if we put verisigns
1N/Adnl CA in CertPath so we can authenticate users, we do not allow
1N/Adnl them to abuse our server (they might be easier to get hold of,
1N/Adnl but anyway).
1N/Adnl so here is the trick: if the verification succeeded
1N/Adnl we look up the cert issuer in the access map
1N/Adnl (maybe after extracting a part with a regular expression)
1N/Adnl if this returns RELAY we relay without further questions
1N/Adnl if it returns SUBJECT we perform a similar check on the
1N/Adnl cert subject.
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR$* $: <?> $&{verify}
1N/AR<?> OK $: OK authenticated: continue
1N/AR<?> $* $@ NO not authenticated
1N/Aifdef(`_CERT_REGEX_ISSUER_', `dnl
1N/AR$* $: $(CERTIssuer $&{cert_issuer} $)',
1N/A`R$* $: $&{cert_issuer}')
1N/AR$+ $: $(access CERTISSUER`'_TAG_DELIM_`'$1 $)
1N/Adnl use $# to stop further checks (delay_check)
1N/ARRELAY $# RELAY
1N/Aifdef(`_CERT_REGEX_SUBJECT_', `dnl
1N/ARSUBJECT $: <@> $(CERTSubject $&{cert_subject} $)',
1N/A`RSUBJECT $: <@> $&{cert_subject}')
1N/AR<@> $+ $: <@> $(access CERTSUBJECT`'_TAG_DELIM_`'$1 $)
1N/AR<@> RELAY $# RELAY
1N/AR$* $: NO', `dnl')
1N/A
1N/A######################################################################
1N/A### authinfo: lookup authinfo in the access map
1N/A###
1N/A### Parameters:
1N/A### $1: {server_name}
1N/A### $2: {server_addr}
1N/Adnl both are currently ignored
1N/Adnl if it should be done via another map, we either need to restrict
1N/Adnl functionality (it calls D and A) or copy those rulesets (or add another
1N/Adnl parameter which I want to avoid, it's quite complex already)
1N/A######################################################################
1N/Adnl omit this ruleset if neither is defined?
1N/Adnl it causes DefaultAuthInfo to be ignored
1N/Adnl (which may be considered a good thing).
1N/ASauthinfo
dnl authinfo: find the authentication data to use with the current server.
dnl   - with _AUTHINFO_TABLE_: map authinfo is queried with AuthInfo:{server_name},
dnl     then AuthInfo:{server_addr}, then the bare key AuthInfo:
dnl   - otherwise, with the access map: ruleset D on {server_name}, ruleset A on
dnl     {server_addr}, then the bare tag, all with tag AuthInfo and mark ! (tag only)
dnl   - nothing found returns the token no; a hit is returned through $#
dnl   - with neither defined the ruleset has no rules
dnl NOTE(review): the values returned here are presumably login credentials;
dnl confirm that the map source and database files are readable only by the
dnl account the mail system runs under.
1N/Aifdef(`_AUTHINFO_TABLE_', `dnl
1N/AR$* $: <$(authinfo AuthInfo:$&{server_name} $: ? $)>
1N/AR<?> $: <$(authinfo AuthInfo:$&{server_addr} $: ? $)>
1N/AR<?> $: <$(authinfo AuthInfo: $: ? $)>
1N/AR<?> $@ no no authinfo available
1N/AR<$*> $# $1
1N/Adnl', `dnl
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR$* $: $1 $| $>D <$&{server_name}> <?> <! AuthInfo> <>
1N/AR$* $| <?>$* $: $1 $| $>A <$&{server_addr}> <?> <! AuthInfo> <>
1N/AR$* $| <?>$* $: $1 $| <$(access AuthInfo`'_TAG_DELIM_ $: ? $)> <>
1N/AR$* $| <?>$* $@ no no authinfo available
1N/AR$* $| <$*> <> $# $2
1N/Adnl', `dnl')')
1N/A
1N/Aifdef(`_RATE_CONTROL_',`dnl
1N/A######################################################################
1N/A### RateControl:
1N/A### Parameters: ignored
1N/A### return: $#error or OK
1N/A######################################################################
1N/ASRateControl
dnl RateControl: compare {client_rate} with a limit from the access map.
dnl SearchList is called with tag ClientRate (mark !, tag only) on
dnl <A:{client_addr}> and <E:>; the E item looks up the bare tag as a default.
dnl   no entry             -> OK
dnl   result with _ATMPF_  -> 451 temporary failure
dnl   entry 0              -> OK, no limit
dnl   limit below the rate -> $#error 4.3.2, connection rate limit exceeded
dnl Without the access map the ruleset has no rules, so nothing is limited.
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR$* $: <A:$&{client_addr}> <E:>
1N/Adnl also look up a default value via E:
1N/AR$+ $: $>SearchList <! ClientRate> $| $1 <>
1N/Adnl found nothing: stop here
1N/AR<?> $@ OK
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/AR<$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/Adnl use the generic routine (for now)
1N/AR<0> $@ OK no limit
1N/AR<$+> $: <$1> $| $(arith l $@ $1 $@ $&{client_rate} $)
1N/Adnl log this? Connection rate $&{client_rate} exceeds limit $1.
1N/AR<$+> $| TRUE $#error $@ 4.3.2 $: _RATE_CONTROL_REPLY Connection rate limit exceeded.
1N/A')')
1N/A
1N/Aifdef(`_CONN_CONTROL_',`dnl
1N/A######################################################################
1N/A### ConnControl:
1N/A### Parameters: ignored
1N/A### return: $#error or OK
1N/A######################################################################
1N/ASConnControl
dnl ConnControl: compare {client_connections} with a limit from the access map.
dnl SearchList is called with tag ClientConn (mark !, tag only) on
dnl <A:{client_addr}> and <E:>; the E item looks up the bare tag as a default.
dnl   no entry              -> OK
dnl   result with _ATMPF_   -> 451 temporary failure
dnl   entry 0               -> OK, no limit
dnl   limit below the count -> $#error 4.3.2, too many open connections
dnl Without the access map the ruleset has no rules, so nothing is limited.
1N/Aifdef(`_ACCESS_TABLE_', `dnl
1N/AR$* $: <A:$&{client_addr}> <E:>
1N/Adnl also look up a default value via E:
1N/AR$+ $: $>SearchList <! ClientConn> $| $1 <>
1N/Adnl found nothing: stop here
1N/AR<?> $@ OK
1N/Aifdef(`_ATMPF_', `dnl tempfail?
1N/AR<$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
1N/Adnl use the generic routine (for now)
1N/AR<0> $@ OK no limit
1N/AR<$+> $: <$1> $| $(arith l $@ $1 $@ $&{client_connections} $)
1N/Adnl log this: Open connections $&{client_connections} exceeds limit $1.
1N/AR<$+> $| TRUE $#error $@ 4.3.2 $: _CONN_CONTROL_REPLY Too many open connections.
1N/A')')
1N/A
1N/Aundivert(9)dnl LOCAL_RULESETS
1N/A#
1N/A######################################################################
1N/A######################################################################
1N/A#####
1N/A`##### MAIL FILTER DEFINITIONS'
1N/A#####
1N/A######################################################################
1N/A######################################################################
1N/A_MAIL_FILTERS_
1N/A#
1N/A######################################################################
1N/A######################################################################
1N/A#####
1N/A`##### MAILER DEFINITIONS'
1N/A#####
1N/A######################################################################
1N/A######################################################################
1N/Aundivert(7)dnl MAILER_DEFINITIONS
1N/A