summaryrefslogtreecommitdiff
path: root/gnu
diff options
context:
space:
mode:
Diffstat (limited to 'gnu')
-rw-r--r--gnu/usr.sbin/sendmail/cf/cf/courtesan.mc21
1 files changed, 14 insertions, 7 deletions
diff --git a/gnu/usr.sbin/sendmail/cf/cf/courtesan.mc b/gnu/usr.sbin/sendmail/cf/cf/courtesan.mc
index 83d42a8045e..c81c1cab293 100644
--- a/gnu/usr.sbin/sendmail/cf/cf/courtesan.mc
+++ b/gnu/usr.sbin/sendmail/cf/cf/courtesan.mc
@@ -2,16 +2,14 @@ divert(-1)
#
# Sendmail 8 configuration file for courtesan.com.
# This machine gets a lot of mail so we use a queue-only config and:
-# sendmail_flags="-L sm-mta -bd"
-# There is a separate sendmail for queue control started as:
-# /usr/sbin/sendmail -L sm-queue -qp
+# sendmail_flags="-L sm-mta -bd -q1s"
# The queue group limits and confMIN_QUEUE_AGE keep things sane
# and prevent a sendmail DoS when thousands of messages (bounces)
# come in at once.
#
divert(0)dnl
-VERSIONID(`$OpenBSD: courtesan.mc,v 1.12 2003/08/13 23:43:56 millert Exp $')
+VERSIONID(`$OpenBSD: courtesan.mc,v 1.13 2004/01/13 19:44:20 millert Exp $')
OSTYPE(openbsd)
dnl
dnl First, we override some default values
@@ -24,14 +22,14 @@ dnl Just queue incoming messages, we have a queue runner for actual delivery
define(`confDELIVERY_MODE', `q')dnl
dnl
dnl Add X-Authentication-Warning: headers and disable EXPN and VRFY
-define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')dnl
+define(`confPRIVACY_FLAGS', `authwarnings,needmailhelo,noexpn,novrfy,noetrn,noverb,nobodyreturn')dnl
dnl
dnl Some broken nameservers will return SERVFAIL (a temporary failure)
dnl on T_AAAA (IPv6) lookups.
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
dnl
-dnl Wait at least 27 minutes before trying to redeliver a message.
-define(`confMIN_QUEUE_AGE', `27m')dnl
+dnl Wait at least 15 minutes before trying to redeliver a message.
+define(`confMIN_QUEUE_AGE', `15m')dnl
dnl
dnl TLS certificates for encrypted mail
define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
@@ -106,6 +104,10 @@ LOCAL_CONFIG
Kcheckaddress regex -a@MATCH
^([0-9]+<@(aol|msn)\.com|[0-9][^<]*<@juno\.com|.{20}[^<]+<@aol\.com)\.?>
+# Regex to catch sobig worm
+#
+KSobigWormMarker regex -f -aSOBIG multipart/mixed;boundary=_NextPart_000_........$
+
#
# Names that won't be allowed in a To: line (local-part and domains)
#
@@ -159,6 +161,11 @@ R$* $: $>Parse0 $>3 $1
R$+ $: $(checkaddress $1 $)
R@MATCH $#error $: "553 Header error"
+# Catch Sobig.F
+SCheckContentType
+R$+ $: $(SobigWormMarker $1 $)
+RSOBIG $#discard $: discard
+
#
# Reject some mail based on To: header
#