src - OpenBSD base system

diff options


context:
space:
mode:

author	Todd C. Miller <millert@cvs.openbsd.org>	2001-01-15 20:52:42 +0000
committer	Todd C. Miller <millert@cvs.openbsd.org>	2001-01-15 20:52:42 +0000
commit	249395028cd5152a22beb827afe020a69b842928 (patch)
tree	37e6c7dc6018ad97126653790ba0e2a5eb98b372 /gnu/usr.sbin/sendmail/cf
parent	22559135ed5223c81e7a49b8726db8ee1927e322 (diff)

sendmail 8.11.2

Diffstat (limited to 'gnu/usr.sbin/sendmail/cf')

-rw-r--r--

gnu/usr.sbin/sendmail/cf/cf/generic-nextstep3.3.cf

1244

-rw-r--r--

gnu/usr.sbin/sendmail/cf/ostype/aix5.m4

-rw-r--r--

gnu/usr.sbin/sendmail/cf/ostype/darwin.m4

-rw-r--r--

gnu/usr.sbin/sendmail/cf/ostype/solaris8.m4

4 files changed, 1304 insertions, 0 deletions

diff --git a/gnu/usr.sbin/sendmail/cf/cf/generic-nextstep3.3.cf b/gnu/usr.sbin/sendmail/cf/cf/generic-nextstep3.3.cf
new file mode 100644
index 00000000000..df6ba61778a
--- /dev/null
+++ b/gnu/usr.sbin/sendmail/cf/cf/generic-nextstep3.3.cf

@@ -0,0 +1,1244 @@

+# By using this file, you agree to the terms and conditions set

+# forth in the LICENSE file which can be found at the top level of

+# the sendmail distribution.

+######################################################################

+#####

+##### SENDMAIL CONFIGURATION FILE

+#####

+##### built by gshapiro@horsey.gshapiro.net on Fri Dec 29 22:31:00 PST 2000

+##### in /usr/local/src/sendmail/devel/8.11/OpenSource/sendmail-8.11.2/cf/cf

+##### using ../ as configuration include directory

+#####

+######################################################################

+##### $Id: generic-nextstep3.3.cf,v 1.1 2001/01/15 20:52:26 millert Exp $ #####

+# level 9 config file format

+V9/Berkeley

+# override file safeties - setting this option compromises system security,

+# addressing the actual file configuration problem is preferred

+# need to set this before any file actions are encountered in the cf file

+#O DontBlameSendmail=safe

+# default LDAP map specification

+# need to set this now before any LDAP maps are defined

+#O LDAPDefaultSpec=-h localhost

+##################

+# local info #

+##################

+Cwlocalhost

+# file containing names of hosts for which we receive email

+Fw/etc/mail/local-host-names

+# my official domain name

+# ... define this only if sendmail cannot automatically determine your domain

+#Dj$w.Foo.COM

+CP.

+# "Smart" relay host (may be null)

+DS

+# operators that cannot be in local usernames (i.e., network indicators)

+CO @ % !

+# a class with just dot (for identifying canonical names)

+C..

+# a class with just a left bracket (for identifying domain literals)

+C[[

+# Resolve map (to check if a host exists in check_mail)

+Kresolve host -a<OK> -T<TEMP>

+# Hosts for which relaying is permitted ($=R)

+FR-o /etc/mail/relay-domains

+# arithmetic map

+Karith arith

+# who I send unqualified names to (null means deliver locally)

+DR

+# who gets all local email traffic ($R has precedence for unqualified names)

+DH

+# dequoting map

+Kdequote dequote

+# class E: names that should be exposed as from this host, even if we masquerade

+# class L: names that should be delivered locally, even if we have a relay

+# class M: domains that should be converted to $M

+# class N: domains that should not be converted to $M

+#CL root

+CEroot

+# who I masquerade as (null for no masquerading) (see also $=M)

+DM

+# my name for error messages

+DnMAILER-DAEMON

+CPREDIRECT

+# Configuration version number

+DZ8.11.2

+###############

+# Options #

+###############

+# strip message body to 7 bits on input?

+O SevenBitInput=False

+# 8-bit data handling

+O EightBitMode=pass8

+# wait for alias file rebuild (default units: minutes)

+O AliasWait=10

+# location of alias file

+O AliasFile=/etc/mail/aliases

+# minimum number of free blocks on filesystem

+O MinFreeBlocks=100

+# maximum message size

+#O MaxMessageSize=1000000

+# substitution for space (blank) characters

+O BlankSub=.

+# avoid connecting to "expensive" mailers on initial submission?

+O HoldExpensive=False

+# checkpoint queue runs after every N successful deliveries

+#O CheckpointInterval=10

+# default delivery mode

+O DeliveryMode=background

+# automatically rebuild the alias database?

+# NOTE: There is a potential for a denial of service attack if this is set.

+# This option is deprecated and will be removed from a future version.

+#O AutoRebuildAliases=False

+# error message header/file

+#O ErrorHeader=/etc/mail/error-header

+# error mode

+#O ErrorMode=print

+# save Unix-style "From_" lines at top of header?

+#O SaveFromLine=False

+# temporary file mode

+O TempFileMode=0600

+# match recipients against GECOS field?

+#O MatchGECOS=False

+# maximum hop count

+#O MaxHopCount=17

+# location of help file

+O HelpFile=/etc/mail/helpfile

+# ignore dots as terminators in incoming messages?

+#O IgnoreDots=False

+# name resolver options

+#O ResolverOptions=+AAONLY

+# deliver MIME-encapsulated error messages?

+O SendMimeErrors=True

+# Forward file search path

+O ForwardPath=$z/.forward.$w+$h:$z/.forward+$h:$z/.forward.$w:$z/.forward

+# open connection cache size

+O ConnectionCacheSize=2

+# open connection cache timeout

+O ConnectionCacheTimeout=5m

+# persistent host status directory

+#O HostStatusDirectory=.hoststat

+# single thread deliveries (requires HostStatusDirectory)?

+#O SingleThreadDelivery=False

+# use Errors-To: header?

+O UseErrorsTo=False

+# log level

+O LogLevel=9

+# send to me too, even in an alias expansion?

+#O MeToo=True

+# verify RHS in newaliases?

+O CheckAliases=False

+# default messages to old style headers if no special punctuation?

+O OldStyleHeaders=True

+# SMTP daemon options

+O DaemonPortOptions=Name=MTA

+O DaemonPortOptions=Port=587, Name=MSA, M=E

+# SMTP client options

+#O ClientPortOptions=Address=0.0.0.0

+# privacy flags

+O PrivacyOptions=authwarnings

+# who (if anyone) should get extra copies of error messages

+#O PostmasterCopy=Postmaster

+# slope of queue-only function

+#O QueueFactor=600000

+# queue directory

+O QueueDirectory=/usr/spool/mqueue

+# timeouts (many of these)

+#O Timeout.initial=5m

+#O Timeout.connect=5m

+#O Timeout.iconnect=5m

+#O Timeout.helo=5m

+#O Timeout.mail=10m

+#O Timeout.rcpt=1h

+#O Timeout.datainit=5m

+#O Timeout.datablock=1h

+#O Timeout.datafinal=1h

+#O Timeout.rset=5m

+#O Timeout.quit=2m

+#O Timeout.misc=2m

+#O Timeout.command=1h

+#O Timeout.ident=5s

+#O Timeout.fileopen=60s

+#O Timeout.control=2m

+O Timeout.queuereturn=5d

+#O Timeout.queuereturn.normal=5d

+#O Timeout.queuereturn.urgent=2d

+#O Timeout.queuereturn.non-urgent=7d

+O Timeout.queuewarn=4h

+#O Timeout.queuewarn.normal=4h

+#O Timeout.queuewarn.urgent=1h

+#O Timeout.queuewarn.non-urgent=12h

+#O Timeout.hoststatus=30m

+#O Timeout.resolver.retrans=5s

+#O Timeout.resolver.retrans.first=5s

+#O Timeout.resolver.retrans.normal=5s

+#O Timeout.resolver.retry=4

+#O Timeout.resolver.retry.first=4

+#O Timeout.resolver.retry.normal=4

+# should we not prune routes in route-addr syntax addresses?

+#O DontPruneRoutes=False

+# queue up everything before forking?

+O SuperSafe=True

+# status file

+O StatusFile=/etc/mail/statistics

+# time zone handling:

+# if undefined, use system default

+# if defined but null, use TZ envariable passed in

+# if defined and non-null, use that info

+#O TimeZoneSpec=

+# default UID (can be username or userid:groupid)

+#O DefaultUser=mailnull

+# list of locations of user database file (null means no lookup)

+#O UserDatabaseSpec=/etc/mail/userdb

+# fallback MX host

+#O FallbackMXhost=fall.back.host.net

+# if we are the best MX host for a site, try it directly instead of config err

+#O TryNullMXList=False

+# load average at which we just queue messages

+#O QueueLA=8

+# load average at which we refuse connections

+#O RefuseLA=12

+# maximum number of children we allow at one time

+#O MaxDaemonChildren=12

+# maximum number of new connections per second

+#O ConnectionRateThrottle=0

+# work recipient factor

+#O RecipientFactor=30000

+# deliver each queued job in a separate process?

+#O ForkEachJob=False

+# work class factor

+#O ClassFactor=1800

+# work time factor

+#O RetryFactor=90000

+# shall we sort the queue by hostname first?

+#O QueueSortOrder=priority

+# minimum time in queue before retry

+#O MinQueueAge=30m

+# default character set

+#O DefaultCharSet=iso-8859-1

+# service switch file (ignored on Solaris, Ultrix, OSF/1, others)

+#O ServiceSwitchFile=/etc/mail/service.switch

+# hosts file (normally /etc/hosts)

+#O HostsFile=/etc/hosts

+# dialup line delay on connection failure

+#O DialDelay=10s

+# action to take if there are no recipients in the message

+#O NoRecipientAction=add-to-undisclosed

+# chrooted environment for writing to files

+#O SafeFileEnvironment=/arch

+# are colons OK in addresses?

+#O ColonOkInAddr=True

+# how many jobs can you process in the queue?

+#O MaxQueueRunSize=10000

+# shall I avoid expanding CNAMEs (violates protocols)?

+#O DontExpandCnames=False

+# SMTP initial login message (old $e macro)

+O SmtpGreetingMessage=$j Sendmail $v/$Z; $b

+# UNIX initial From header format (old $l macro)

+O UnixFromLine=From $g $d

+# From: lines that have embedded newlines are unwrapped onto one line

+#O SingleLineFromHeader=False

+# Allow HELO SMTP command that does not include a host name

+#O AllowBogusHELO=False

+# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)

+#O MustQuoteChars=.

+# delimiter (operator) characters (old $o macro)

+O OperatorChars=.:%@!^/[]+

+# shall I avoid calling initgroups(3) because of high NIS costs?

+#O DontInitGroups=False

+# are group-writable :include: and .forward files (un)trustworthy?

+#O UnsafeGroupWrites=True

+# where do errors that occur when sending errors get sent?

+#O DoubleBounceAddress=postmaster

+# where to save bounces if all else fails

+#O DeadLetterDrop=/var/tmp/dead.letter

+# what user id do we assume for the majority of the processing?

+#O RunAsUser=sendmail

+# maximum number of recipients per SMTP envelope

+#O MaxRecipientsPerMessage=100

+# shall we get local names from our installed interfaces?

+#O DontProbeInterfaces=False

+# Return-Receipt-To: header implies DSN request

+#O RrtImpliesDsn=False

+# override connection address (for testing)

+#O ConnectOnlyTo=0.0.0.0

+# Trusted user for file ownership and starting the daemon

+#O TrustedUser=root

+# Control socket for daemon management

+#O ControlSocketName=/var/spool/mqueue/.control

+# Maximum MIME header length to protect MUAs

+#O MaxMimeHeaderLength=0/0

+# Maximum length of the sum of all headers

+O MaxHeadersLength=32768

+# Maximum depth of alias recursion

+#O MaxAliasRecursion=10

+# location of pid file

+#O PidFile=/var/run/sendmail.pid

+# Prefix string for the process title shown on 'ps' listings

+#O ProcessTitlePrefix=prefix

+# Data file (df) memory-buffer file maximum size

+#O DataFileBufferSize=4096

+# Transcript file (xf) memory-buffer file maximum size

+#O XscriptFileBufferSize=4096

+# list of authentication mechanisms

+#O AuthMechanisms=GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5

+# default authentication information for outgoing connections

+#O DefaultAuthInfo=/etc/mail/default-auth-info

+# SMTP AUTH flags

+#O AuthOptions

+# CA directory

+#O CACERTPath

+# CA file

+#O CACERTFile

+# Server Cert

+#O ServerCertFile

+# Server private key

+#O ServerKeyFile

+# Client Cert

+#O ClientCertFile

+# Client private key

+#O ClientKeyFile

+# DHParameters (only required if DSA/DH is used)

+#O DHParameters

+# Random data source (required for systems without /dev/urandom under OpenSSL)

+#O RandFile

+###########################

+# Message precedences #

+###########################

+Pfirst-class=0

+Pspecial-delivery=100

+Plist=-30

+Pbulk=-60

+Pjunk=-100

+#####################

+# Trusted users #

+#####################

+# this is equivalent to setting class "t"

+#Ft/etc/mail/trusted-users

+Troot

+Tdaemon

+Tuucp

+#########################

+# Format of headers #

+#########################

+H?P?Return-Path: <$g>

+HReceived: $?sfrom $s $.$?_($?s$|from $.$_)

+ $.$?{auth_type}(authenticated$?{auth_ssf} (${auth_ssf} bits)$.)

+ $.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}

+ (using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify})$.$?u

+ for $u; $|;

+ $.$b

+H?D?Resent-Date: $a

+H?D?Date: $a

+H?F?Resent-From: $?x$x <$g>$|$g$.

+H?F?From: $?x$x <$g>$|$g$.

+H?x?Full-Name: $x

+# HPosted-Date: $a

+# H?l?Received-Date: $b

+H?M?Resent-Message-Id: <$t.$i@$j>

+H?M?Message-Id: <$t.$i@$j>

+######################################################################

+#####

+##### REWRITING RULES

+#####

+######################################################################

+############################################

+### Ruleset 3 -- Name Canonicalization ###

+############################################

+Scanonify=3

+# handle null input (translate to <@> special case)

+R$@ $@ <@>

+# strip group: syntax (not inside angle brackets!) and trailing semicolon

+R$* $: $1 <@> mark addresses

+R$* < $* > $* <@> $: $1 < $2 > $3 unmark <addr>

+R@ $* <@> $: @ $1 unmark @host:...

+R$* :: $* <@> $: $1 :: $2 unmark node::addr

+R:include: $* <@> $: :include: $1 unmark :include:...

+R$* [ IPv6 $- ] <@> $: $1 [ IPv6 $2 ] unmark IPv6 addr

+R$* : $* [ $* ] $: $1 : $2 [ $3 ] <@> remark if leading colon

+R$* : $* <@> $: $2 strip colon if marked

+R$* <@> $: $1 unmark

+R$* ; $1 strip trailing semi

+R$* < $+ :; > $* $@ $2 :; <@> catch <list:;>

+R$* < $* ; > $1 < $2 > bogus bracketed semi

+# null input now results from list:; syntax

+R$@ $@ :; <@>

+# strip angle brackets -- note RFC733 heuristic to get innermost item

+R$* $: < $1 > housekeeping <>

+R$+ < $* > < $2 > strip excess on left

+R< $* > $+ < $1 > strip excess on right

+R<> $@ < @ > MAIL FROM:<> case

+R< $+ > $: $1 remove housekeeping <>

+# strip route address <@a,@b,@c:user@d> -> <user@d>

+R@ $+ , $+ $2

+R@ $+ : $+ $2

+# find focus for list syntax

+R $+ : $* ; @ $+ $@ $>Canonify2 $1 : $2 ; < @ $3 > list syntax

+R $+ : $* ; $@ $1 : $2; list syntax

+# find focus for @ syntax addresses

+R$+ @ $+ $: $1 < @ $2 > focus on domain

+R$+ < $+ @ $+ > $1 $2 < @ $3 > move gaze right

+R$+ < @ $+ > $@ $>Canonify2 $1 < @ $2 > already canonical

+# do some sanity checking

+R$* < @ $* : $* > $* $1 < @ $2 $3 > $4 nix colons in addrs

+# convert old-style addresses to a domain-based address

+R$- ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > resolve uucp names

+R$+ . $- ! $+ $@ $>Canonify2 $3 < @ $1 . $2 > domain uucps

+R$+ ! $+ $@ $>Canonify2 $2 < @ $1 .UUCP > uucp subdomains

+# if we have % signs, take the rightmost one

+R$* % $* $1 @ $2 First make them all @s.

+R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.

+R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish

+# else we must be a local name

+R$* $@ $>Canonify2 $1

+################################################

+### Ruleset 96 -- bottom half of ruleset 3 ###

+################################################

+SCanonify2=96

+# handle special cases for local names

+R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all

+R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain

+R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain

+# check for IPv6 domain literal (save quoted form)

+R$* < @ [ IPv6 $- ] > $* $: $2 $| $1 < @@ [ $(dequote $2 $) ] > $3 mark IPv6 addr

+R$- $| $* < @@ $=w > $* $: $2 < @ $j . > $4 self-literal

+R$- $| $* < @@ [ $+ ] > $* $@ $2 < @ [ IPv6 $1 ] > $4 canon IP addr

+# check for IPv4 domain literal

+R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [a.b.c.d]

+R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal

+R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr

+# if really UUCP, handle it immediately

+# try UUCP traffic as a local address

+R$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3

+R$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3

+# hostnames ending in class P are always canonical

+R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4

+R$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4

+R$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6

+R$* CC $* $| $* $: $3

+# pass to name server to make hostname canonical

+R$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4

+R$* $| $* $: $2

+# local host aliases and pseudo-domains are always canonical

+R$* < @ $=w > $* $: $1 < @ $2 . > $3

+R$* < @ $=M > $* $: $1 < @ $2 . > $3

+R$* < @ $* . . > $* $1 < @ $2 . > $3

+##################################################

+### Ruleset 4 -- Final Output Post-rewriting ###

+##################################################

+Sfinal=4

+R$+ :; <@> $@ $1 : handle <list:;>

+R$* <@> $@ handle <> and list:;

+# strip trailing dot off possibly canonical name

+R$* < @ $+ . > $* $1 < @ $2 > $3

+# eliminate internal code

+R$* < @ *LOCAL* > $* $1 < @ $j > $2

+# externalize local domain info

+R$* < $+ > $* $1 $2 $3 defocus

+R@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 <route-addr> canonical

+R@ $* $@ @ $1 ... and exit

+# UUCP must always be presented in old form

+R$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u

+# delete duplicate local names

+R$+ % $=w @ $=w $1 @ $2 u%host@host => u@host

+##############################################################

+### Ruleset 97 -- recanonicalize and call ruleset zero ###

+### (used for recursive calls) ###

+##############################################################

+SRecurse=97

+R$* $: $>canonify $1

+R$* $@ $>parse $1

+######################################

+### Ruleset 0 -- Parse Address ###

+######################################

+Sparse=0

+R$* $: $>Parse0 $1 initial parsing

+R<@> $#local $: <@> special case error msgs

+R$* $: $>ParseLocal $1 handle local hacks

+R$* $: $>Parse1 $1 final parsing

+# Parse0 -- do initial syntax checking and eliminate local addresses.

+# This should either return with the (possibly modified) input

+# or return with a #error mailer. It should not return with a

+# #mailer other than the #error mailer.

+SParse0

+R<@> $@ <@> special case error msgs

+R$* : $* ; <@> $#error $@ 5.1.3 $: "501 List:; syntax illegal for recipient addresses"

+R@ <@ $* > < @ $1 > catch "@@host" bogosity

+R<@ $+> $#error $@ 5.1.3 $: "501 User address required"

+R$* $: <> $1

+R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3

+R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "501 Colon illegal in host name part"

+R<> $* $1

+R$* < @ . $* > $* $#error $@ 5.1.2 $: "501 Invalid host name"

+R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "501 Invalid host name"

+R$* , $~O $* $#error $@ 5.1.2 $: "501 Invalid route address"

+# now delete the local info -- note $=O to find characters that cause forwarding

+R$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user

+R< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ...

+R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here

+R< @ $+ > $#error $@ 5.1.3 $: "501 User address required"

+R$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ...

+R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo"

+R< @ *LOCAL* > $#error $@ 5.1.3 $: "501 User address required"

+R$* $=O $* < @ *LOCAL* >

+ $@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...

+R$* < @ *LOCAL* > $: $1

+# Parse1 -- the bottom half of ruleset 0.

+SParse1

+# handle numeric address spec

+R$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec

+R$* < @ [ $+ ] > $* $1 < @ [ $2 ] : $S > $3 Add smart host to path

+R$* < @ [ IPv6 $- ] : > $*

+ $#esmtp $@ [ $(dequote $2 $) ] $: $1 < @ [IPv6 $2 ] > $3 no smarthost: send

+R$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send

+R$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer

+R$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer

+# short circuit local delivery so forwarded email works

+R$=L < @ $=w . > $#local $: @ $1 special local names

+R$+ < @ $=w . > $#local $: $1 regular local name

+# resolve remotely connected UUCP links (if any)

+# resolve fake top level domains by forwarding to other hosts

+# pass names that still have a host to a smarthost (if defined)

+R$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name

+# deal with other remote names

+R$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain

+# handle locally delivered names

+R$=L $#local $: @ $1 special local names

+R$+ $#local $: $1 regular local names

+###########################################################################

+### Ruleset 5 -- special rewriting after aliases have been expanded ###

+###########################################################################

+SLocal_localaddr

+Slocaladdr=5

+R$+ $: $1 $| $>"Local_localaddr" $1

+R$+ $| $#$* $#$2

+R$+ $| $* $: $1

+# deal with plussed users so aliases work nicely

+R$+ + * $#local $@ $&h $: $1

+R$+ + $* $#local $@ + $2 $: $1 + *

+# prepend an empty "forward host" on the front

+R$+ $: <> $1

+# see if we have a relay or a hub

+R< > $+ $: < $H > $1 try hub

+R< > $+ $: < $R > $1 try relay

+R< > $+ $: < > < $1 <> $&h > nope, restore +detail

+R< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail

+R< > < $+ <> $* > $: < > < $1 > else discard

+R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part

+R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra +

+R< > < $+ > $@ $1 no +detail

+R$+ $: $1 <> $&h add +detail back in

+R$+ <> + $* $: $1 + $2 check whether +detail

+R$+ <> $* $: $1 else discard

+R< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension

+R< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension

+R< $- : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 >

+R< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 >

+###################################################################

+### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ###

+###################################################################

+SMailerToTriple=95

+R< > $* $@ $1 strip off null relay

+R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4

+R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2

+R< local : $* > $* $>CanonLocal < $1 > $2

+R< $- : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user

+R< $- : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer

+R< $=w > $* $@ $2 delete local host

+R< [ IPv6 $+ ] > $* $#relay $@ $(dequote $1 $) $: $2 use unqualified mailer

+R< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer

+###################################################################

+### Ruleset CanonLocal -- canonify local: syntax ###

+###################################################################

+SCanonLocal

+# strip local host from routed addresses

+R< $* > < @ $+ > : $+ $@ $>Recurse $3

+R< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4

+# strip trailing dot from any host name that may appear

+R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 >

+# handle local: syntax -- use old user, either with or without host

+R< > $* < @ $* > $* $#local $@ $1@$2 $: $1

+R< > $+ $#local $@ $1 $: $1

+# handle local:user@host syntax -- ignore host part

+R< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 >

+# handle local:user syntax

+R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1

+R< $+ > $* $#local $@ $2 $: $1

+###################################################################

+### Ruleset 93 -- convert header names to masqueraded form ###

+###################################################################

+SMasqHdr=93

+# do not masquerade anything in class N

+R$* < @ $* $=N . > $@ $1 < @ $2 $3 . >

+# special case the users that should be exposed

+R$=E < @ *LOCAL* > $@ $1 < @ $j . > leave exposed

+R$=E < @ $=M . > $@ $1 < @ $2 . >

+R$=E < @ $=w . > $@ $1 < @ $2 . >

+# handle domain-specific masquerading

+R$* < @ $=M . > $* $: $1 < @ $2 . @ $M > $3 convert masqueraded doms

+R$* < @ $=w . > $* $: $1 < @ $2 . @ $M > $3

+R$* < @ *LOCAL* > $* $: $1 < @ $j . @ $M > $2

+R$* < @ $+ @ > $* $: $1 < @ $2 > $3 $M is null

+R$* < @ $+ @ $+ > $* $: $1 < @ $3 . > $4 $M is not null

+###################################################################

+### Ruleset 94 -- convert envelope names to masqueraded form ###

+###################################################################

+SMasqEnv=94

+R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2

+###################################################################

+### Ruleset 98 -- local part of ruleset zero (can be null) ###

+###################################################################

+SParseLocal=98

+# addresses sent to foo@host.REDIRECT will give a 551 error code

+R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT . > < ${opMode} >

+R$* < @ $+ .REDIRECT. > <i> $: $1 < @ $2 . REDIRECT. >

+R$* < @ $+ .REDIRECT. > < $- > $#error $@ 5.1.1 $: "551 User has moved; please try " <$1@$2>

+######################################################################

+### CanonAddr -- Convert an address into a standard form for

+### relay checking. Route address syntax is

+### crudely converted into a %-hack address.

+###

+### Parameters:

+### $1 -- full recipient address

+###

+### Returns:

+### parsed address, not in source route form

+######################################################################

+SCanonAddr

+R$* $: $>Parse0 $>canonify $1 make domain canonical

+######################################################################

+### ParseRecipient -- Strip off hosts in $=R as well as possibly

+### $* $=m or the access database.

+### Check user portion for host separators.

+###

+### Parameters:

+### $1 -- full recipient address

+###

+### Returns:

+### parsed, non-local-relaying address

+######################################################################

+SParseRecipient

+R$* $: <?> $>CanonAddr $1

+R<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots

+R<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part

+# if no $=O character, no host in the user portion, we are done

+R<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4>

+R<?> $* $@ $1

+R<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 >

+R<RELAY> $* < @ $* > $@ $>ParseRecipient $1

+R<$-> $* $@ $2

+######################################################################

+### check_relay -- check hostname/address on SMTP startup

+######################################################################

+SLocal_check_relay

+Scheck_relay

+R$* $: $1 $| $>"Local_check_relay" $1

+R$* $| $* $| $#$* $#$3

+R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2

+SBasic_check_relay

+# check for deferred delivery mode

+R$* $: < ${deliveryMode} > $1

+R< d > $* $@ deferred

+R< $* > $* $: $2

+######################################################################

+### check_mail -- check SMTP `MAIL FROM:' command argument

+######################################################################

+SLocal_check_mail

+Scheck_mail

+R$* $: $1 $| $>"Local_check_mail" $1

+R$* $| $#$* $#$2

+R$* $| $* $@ $>"Basic_check_mail" $1

+SBasic_check_mail

+# check for deferred delivery mode

+R$* $: < ${deliveryMode} > $1

+R< d > $* $@ deferred

+R< $* > $* $: $2

+# authenticated?

+R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL

+R$* $| $#$+ $#$2

+R$* $| $* $: $1

+R<> $@ <OK> we MUST accept <> (RFC 1123)

+R$+ $: <?> $1

+R<?><$+> $: <@> <$1>

+R<?>$+ $: <@> <$1>

+R$* $: $&{daemon_flags} $| $1

+R$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 >

+R$* u $* $| <@> < $* > $: <?> < $3 >

+R$* $| $* $: $2

+# handle case of @localhost on address

+R<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost >

+R<@> < $* @ [127.0.0.1] >

+ $: < ? $&{client_name} > < $1 @ [127.0.0.1] >

+R<@> < $* @ localhost.$m >

+ $: < ? $&{client_name} > < $1 @ localhost.$m >

+R<@> < $* @ localhost.UUCP >

+ $: < ? $&{client_name} > < $1 @ localhost.UUCP >

+R<@> $* $: $1 no localhost as domain

+R<? $=w> $* $: $2 local client: ok

+R<? $+> <$+> $#error $@ 5.5.4 $: "501 Real domain name required for sender address"

+R<?> $* $: $1

+R$* $: <?> $>CanonAddr $1 canonify sender address and mark it

+R<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots

+# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)

+R<?> $* < @ $* $=P > $: <OK> $1 < @ $2 $3 >

+R<?> $* < @ $+ > $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >

+R<? $* <$->> $* < @ $+ >

+ $: <$2> $3 < @ $4 >

+# handle case of no @domain on address

+R<?> $* $: $&{daemon_flags} $| <?> $1

+R$* u $* $| <?> $* $: <OK> $3

+R$* $| $* $: $2

+R<?> $* $: < ? $&{client_name} > $1

+R<?> $* $@ <OK> ...local unqualed ok

+R<? $+> $* $#error $@ 5.5.4 $: "501 Domain name required for sender address " $&f

+ ...remote is not

+# check results

+R<?> $* $: @ $1 mark address: nothing known about it

+R<OK> $* $@ <OK>

+R<TEMP> $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"

+R<PERM> $* $#error $@ 5.1.8 $: "501 Domain of sender address " $&f " does not exist"

+######################################################################

+### check_rcpt -- check SMTP `RCPT TO:' command argument

+######################################################################

+SLocal_check_rcpt

+Scheck_rcpt

+R$* $: $1 $| $>"Local_check_rcpt" $1

+R$* $| $#$* $#$2

+R$* $| $* $@ $>"Basic_check_rcpt" $1

+SBasic_check_rcpt

+# check for deferred delivery mode

+R$* $: < ${deliveryMode} > $1

+R< d > $* $@ deferred

+R< $* > $* $: $2

+R$* $: $>ParseRecipient $1 strip relayable hosts

+# authenticated?

+R$* $: $1 $| $>RelayAuth $1 $| $&{verify} client authenticated?

+R$* $| $# $+ $# $2 error/ok?

+R$* $| $* $: $1 no

+# authenticated by a trusted mechanism?

+R$* $: $1 $| $&{auth_type}

+R$* $| $: $1

+R$* $| $={TrustAuthMech} $# RELAYAUTH

+R$* $| $* $: $1

+# anything terminating locally is ok

+R$+ < @ $=w > $@ RELAYTO

+R$+ < @ $* $=R > $@ RELAYTO

+# check for local user (i.e. unqualified address)

+R$* $: <?> $1

+R<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 >

+# local user is ok

+R<?> $+ $@ RELAYTOLOCAL

+R<$+> $* $: $2

+# anything originating locally is ok

+# check IP address

+R$* $: $&{client_addr}

+R$@ $@ RELAYFROM originated locally

+R0 $@ RELAYFROM originated locally

+R$=R $* $@ RELAYFROM relayable IP address

+R$* $: [ $1 ] put brackets around it...

+R$=w $@ RELAYFROM ... and see if it is local

+# check client name: first: did it resolve?

+R$* $: < $&{client_resolve} >

+R<TEMP> $#error $@ 4.7.1 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}

+R<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}

+R<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}

+R$* $: <?> $&{client_name}

+# pass to name server to make hostname canonical

+R<?> $* $~P $:<?> $[ $1 $2 $]

+R$* . $1 strip trailing dots

+R<?> $@ RELAYFROM

+R<?> $=w $@ RELAYFROM

+R<?> $* $=R $@ RELAYFROM

+# anything else is bogus

+R$* $#error $@ 5.7.1 $: "550 Relaying denied"

+# is user trusted to authenticate as someone else?

+Strust_auth

+R$* $: $&{auth_type} $| $1

+# required by RFC 2554 section 4.

+R$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated"

+R$* $| $&{auth_authen} $@ identical

+R$* $| <$&{auth_authen}> $@ identical

+R$* $| $* $: $1 $| $>"Local_trust_auth" $1

+R$* $| $#$* $#$2

+R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}

+SLocal_trust_auth

+# is connection with client "good" enough? (done in server)

+# input: ${verify} $| (MAIL|STARTTLS)

+Stls_client

+R$* $| $* $@ $>"tls_connection" $1

+# is connection with server "good" enough? (done in client)

+# input: ${verify}

+Stls_server

+R$* $@ $>"tls_connection" $1

+Stls_connection

+RSOFTWARE $#error $@ 4.7.0 $: "403 TLS handshake."

+SRelayAuth

+# authenticated?

+R$* $| OK $: $1

+R$* $| $* $@ NO not authenticated

+######################################################################

+#####

+##### MAILER DEFINITIONS

+#####

+######################################################################

+##################################################

+### Local and Program Mailer specification ###

+##################################################

+##### $Id: generic-nextstep3.3.cf,v 1.1 2001/01/15 20:52:26 millert Exp $ #####

+# Envelope sender rewriting

+SEnvFromL=10

+R<@> $n errors to mailer-daemon

+R@ <@ $*> $n temporarily bypass Sun bogosity

+R$+ $: $>AddDomain $1 add local domain if needed

+R$* $: $>MasqEnv $1 do masquerading

+# Envelope recipient rewriting

+SEnvToL=20

+R$+ < @ $* > $: $1 strip host part

+# Header sender rewriting

+SHdrFromL=30

+R<@> $n errors to mailer-daemon

+R@ <@ $*> $n temporarily bypass Sun bogosity

+R$+ $: $>AddDomain $1 add local domain if needed

+R$* $: $>MasqHdr $1 do masquerading

+# Header recipient rewriting

+SHdrToL=40

+R$+ $: $>AddDomain $1 add local domain if needed

+R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2

+# Common code to add local domain name (only if always-add-domain)

+SAddDomain=50

+Mlocal, P=/bin/mail, F=lsDFMAw5:/|@qPrmn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,

+ T=DNS/RFC822/X-Unix,

+ A=mail -d $u

+Mprog, P=/bin/sh, F=lsDFMoqeuP, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,

+ T=X-Unix/X-Unix/X-Unix,

+ A=sh -c $u

+#####################################

+### SMTP Mailer specification ###

+#####################################

+##### $Id: generic-nextstep3.3.cf,v 1.1 2001/01/15 20:52:26 millert Exp $ #####

+# common sender and masquerading recipient rewriting

+SMasqSMTP=61

+R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified

+R$+ $@ $1 < @ *LOCAL* > add local qualification

+# convert pseudo-domain addresses to real domain addresses

+SPseudoToReal=51

+# pass <route-addr>s through

+R< @ $+ > $* $@ < @ $1 > $2 resolve <route-addr>

+# output fake domains as user%fake@relay

+# do UUCP heuristics; note that these are shared with UUCP mailers

+R$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form

+R$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form

+# leave these in .UUCP form to avoid further tampering

+R< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. >

+R< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 >

+R< $&h ! > $+ $@ $1 < @ $&h .UUCP. >

+R< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY

+R$+ < @ $+ : $+ > $@ $1 < @ $3 > strip mailer: part

+R$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY

+# envelope sender rewriting

+SEnvFromSMTP=11

+R$+ $: $>PseudoToReal $1 sender/recipient common

+R$* :; <@> $@ list:; special case

+R$* $: $>MasqSMTP $1 qualify unqual'ed names

+R$+ $: $>MasqEnv $1 do masquerading

+# envelope recipient rewriting --

+# also header recipient if not masquerading recipients

+SEnvToSMTP=21

+R$+ $: $>PseudoToReal $1 sender/recipient common

+R$+ $: $>MasqSMTP $1 qualify unqual'ed names

+R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2

+# header sender and masquerading header recipient rewriting

+SHdrFromSMTP=31

+R$+ $: $>PseudoToReal $1 sender/recipient common

+R:; <@> $@ list:; special case

+# do special header rewriting

+R$* <@> $* $@ $1 <@> $2 pass null host through

+R< @ $* > $* $@ < @ $1 > $2 pass route-addr through

+R$* $: $>MasqSMTP $1 qualify unqual'ed names

+R$+ $: $>MasqHdr $1 do masquerading

+# relay mailer header masquerading recipient rewriting

+SMasqRelay=71

+R$+ $: $>MasqSMTP $1

+R$+ $: $>MasqHdr $1

+Msmtp, P=[IPC], F=mDFMuX, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,

+ T=DNS/RFC822/SMTP,

+ A=TCP $h

+Mesmtp, P=[IPC], F=mDFMuXa, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,

+ T=DNS/RFC822/SMTP,

+ A=TCP $h

+Msmtp8, P=[IPC], F=mDFMuX8, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,

+ T=DNS/RFC822/SMTP,

+ A=TCP $h

+Mdsmtp, P=[IPC], F=mDFMuXa%, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,

+ T=DNS/RFC822/SMTP,

+ A=TCP $h

+Mrelay, P=[IPC], F=mDFMuXa8, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040,

+ T=DNS/RFC822/SMTP,

+ A=TCP $h

diff --git a/gnu/usr.sbin/sendmail/cf/ostype/aix5.m4 b/gnu/usr.sbin/sendmail/cf/ostype/aix5.m4
new file mode 100644
index 00000000000..047a33f50ed
--- /dev/null
+++ b/gnu/usr.sbin/sendmail/cf/ostype/aix5.m4

@@ -0,0 +1,18 @@

+divert(-1)

+# By using this file, you agree to the terms and conditions set

+# forth in the LICENSE file which can be found at the top level of

+# the sendmail distribution.

+divert(0)

+VERSIONID(`$Id: aix5.m4,v 1.1 2001/01/15 20:52:34 millert Exp $')

+ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /bin/bellmail)')dnl

+ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', mail -F $g $u)')dnl

+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `mn9')dnl

+define(`confEBINDIR', `/usr/lib')dnl

+define(`confTIME_ZONE', `USE_TZ')dnl

diff --git a/gnu/usr.sbin/sendmail/cf/ostype/darwin.m4 b/gnu/usr.sbin/sendmail/cf/ostype/darwin.m4
new file mode 100644
index 00000000000..38a40e7993e
--- /dev/null
+++ b/gnu/usr.sbin/sendmail/cf/ostype/darwin.m4

@@ -0,0 +1,17 @@

+divert(-1)

+# By using this file, you agree to the terms and conditions set

+# forth in the LICENSE file which can be found at the top level of

+# the sendmail distribution.

+divert(0)

+VERSIONID(`$Id: darwin.m4,v 1.1 2001/01/15 20:52:34 millert Exp $')

+ifdef(`STATUS_FILE',, `define(`STATUS_FILE', `/var/log/sendmail.st')')dnl

+ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /usr/libexec/mail.local)')dnl

+ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -z -a$g $h!rmail ($u)')')dnl

diff --git a/gnu/usr.sbin/sendmail/cf/ostype/solaris8.m4 b/gnu/usr.sbin/sendmail/cf/ostype/solaris8.m4
new file mode 100644
index 00000000000..0e5b221c85f
--- /dev/null
+++ b/gnu/usr.sbin/sendmail/cf/ostype/solaris8.m4

@@ -0,0 +1,25 @@

+divert(-1)

+# By using this file, you agree to the terms and conditions set

+# forth in the LICENSE file which can be found at the top level of

+# the sendmail distribution.

+# This ostype file is suitable for use on Solaris 8 and later systems,

+# taking advantage of mail.local's LMTP support, the existence of

+# /var/run and support for IPv6, all of which where introduced in

+# Solaris 8.

+divert(0)

+VERSIONID(`$Id: solaris8.m4,v 1.1 2001/01/15 20:52:37 millert Exp $')

+divert(-1)

+ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -a$g $h!rmail ($u)')')

+define(`confEBINDIR', `/usr/lib')dnl

+define(`confPID_FILE', `/var/run/sendmail.pid')dnl

+define(`_NETINET6_')dnl

+FEATURE(`local_lmtp')dnl