1 | divert(-1) |
---|
2 | dnl # |
---|
3 | dnl # This is the sendmail macro config file for m4. If you make changes to |
---|
4 | dnl # /etc/mail/sendmail.mc, you will need to regenerate the |
---|
5 | dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is |
---|
6 | dnl # installed and then performing a |
---|
7 | dnl # |
---|
8 | dnl # make -C /etc/mail |
---|
9 | dnl # |
---|
10 | dnl # or running the following command: |
---|
11 | dnl # |
---|
12 | dnl # m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf |
---|
13 | dnl # |
---|
14 | include(`@@PATH@@/m4/cf.m4') |
---|
15 | VERSIONID(`linux setup for Vine Linux')dnl |
---|
16 | define(`confCF_VERSION', `Vine')dnl |
---|
17 | OSTYPE(`linux')dnl |
---|
18 | dnl # |
---|
19 | dnl # default logging level is 9, you might want to set it higher to |
---|
20 | dnl # debug the configuration |
---|
21 | dnl # |
---|
22 | dnl define(`confLOG_LEVEL', `9')dnl |
---|
23 | dnl # |
---|
24 | dnl # Uncomment and edit the following line if your outgoing mail needs to |
---|
25 | dnl # be sent out through an external mail server: |
---|
26 | dnl # |
---|
27 | dnl define(`SMART_HOST',`smtp.your.provider')dnl |
---|
28 | dnl # |
---|
29 | define(`confDEF_USER_ID',``8:12'')dnl |
---|
30 | undefine(`UUCP_RELAY')dnl |
---|
31 | undefine(`BITNET_RELAY')dnl |
---|
32 | dnl define(`confAUTO_REBUILD')dnl |
---|
33 | define(`confTO_CONNECT', `1m')dnl |
---|
34 | define(`confTRY_NULL_MX_LIST',true)dnl |
---|
35 | define(`confDONT_PROBE_INTERFACES',true)dnl |
---|
36 | define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl |
---|
37 | define(`ALIAS_FILE', `/etc/aliases')dnl |
---|
38 | dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl |
---|
39 | define(`UUCP_MAILER_MAX', `2000000')dnl |
---|
40 | define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl |
---|
41 | define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl |
---|
42 | dnl define(`confAUTH_OPTIONS', `A')dnl |
---|
43 | dnl # |
---|
44 | dnl # The following allows relaying if the user authenticates, and disallows |
---|
45 | dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links |
---|
46 | dnl # |
---|
47 | dnl define(`confAUTH_OPTIONS', `A p')dnl |
---|
48 | dnl # |
---|
49 | dnl # PLAIN is the preferred plaintext authentication method and used by |
---|
50 | dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do |
---|
51 | dnl # use LOGIN. Other mechanisms should be used if the connection is not |
---|
52 | dnl # guaranteed secure. |
---|
53 | dnl # Please remember that saslauthd needs to be running for AUTH. |
---|
54 | dnl # |
---|
55 | dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl |
---|
56 | dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl |
---|
57 | dnl # |
---|
58 | dnl # Rudimentary information on creating certificates for sendmail TLS: |
---|
59 | dnl # make -C /usr/share/ssl/certs usage |
---|
60 | dnl # or use the included makecert.sh script |
---|
61 | dnl # |
---|
62 | dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')dnl |
---|
63 | dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')dnl |
---|
64 | dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')dnl |
---|
65 | dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')dnl |
---|
66 | dnl define(`confCLIENT_CERT',`/usr/share/ssl/certs/sendmail.pem')dnl |
---|
67 | dnl define(`confCLIENT_KEY',`/usr/share/ssl/certs/sendmail.pem')dnl |
---|
68 | dnl # |
---|
69 | dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's |
---|
70 | dnl # slapd, which requires the file to be readble by group ldap |
---|
71 | dnl # |
---|
72 | dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl |
---|
73 | dnl # |
---|
74 | dnl define(`confTO_QUEUEWARN', `4h')dnl |
---|
75 | dnl define(`confTO_QUEUERETURN', `5d')dnl |
---|
76 | dnl define(`confQUEUE_LA', `12')dnl |
---|
77 | dnl define(`confREFUSE_LA', `18')dnl |
---|
78 | define(`confTO_IDENT', `0')dnl |
---|
79 | dnl FEATURE(delay_checks)dnl |
---|
80 | FEATURE(`no_default_msa',`dnl')dnl |
---|
81 | FEATURE(`smrsh',`/usr/sbin/smrsh')dnl |
---|
82 | FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl |
---|
83 | FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl |
---|
84 | FEATURE(redirect)dnl |
---|
85 | FEATURE(always_add_domain)dnl |
---|
86 | FEATURE(use_cw_file)dnl |
---|
87 | FEATURE(use_ct_file)dnl |
---|
88 | dnl # |
---|
89 | dnl # The -t option will retry delivery if e.g. the user runs over his quota. |
---|
90 | dnl # |
---|
91 | FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl |
---|
92 | FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl |
---|
93 | FEATURE(`blacklist_recipients')dnl |
---|
94 | EXPOSED_USER(`root')dnl |
---|
95 | dnl # |
---|
96 | dnl # The following causes sendmail to only listen on the IPv4 loopback address |
---|
97 | dnl # 127.0.0.1 and not on any other network devices. Remove the loopback |
---|
98 | dnl # address restriction to accept email from the internet or intranet. |
---|
99 | dnl # |
---|
100 | DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Address=127.0.0.1, Port=smtp')dnl |
---|
101 | dnl # |
---|
102 | dnl # The following causes sendmail to additionally listen on the IPv6 loopback |
---|
103 | dnl # device. Remove the loopback address restriction listen to the network. |
---|
104 | dnl # |
---|
105 | dnl DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6, Address=::1, Port=smtp')dnl |
---|
106 | dnl # |
---|
107 | dnl # The following causes sendmail to additionally listen to port 587 for |
---|
108 | dnl # mail from MUAs that authenticate. Roaming users who can't reach their |
---|
109 | dnl # preferred sendmail daemon due to port 25 being blocked or redirected find |
---|
110 | dnl # this useful. |
---|
111 | dnl # |
---|
112 | dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl |
---|
113 | dnl # |
---|
114 | dnl # The following causes sendmail to additionally listen to port 465, but |
---|
115 | dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed |
---|
116 | dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't |
---|
117 | dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS |
---|
118 | dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps |
---|
119 | dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1. |
---|
120 | dnl # |
---|
121 | dnl # For this to work your OpenSSL certificates must be configured. |
---|
122 | dnl # |
---|
123 | dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl |
---|
124 | dnl # |
---|
125 | dnl # |
---|
126 | dnl # We strongly recommend not accepting unresolvable domains if you want to |
---|
127 | dnl # protect yourself from spam. However, the laptop and users on computers |
---|
128 | dnl # that do not have 24x7 DNS do need this. |
---|
129 | dnl # |
---|
130 | FEATURE(`accept_unresolvable_domains')dnl |
---|
131 | dnl # |
---|
132 | dnl FEATURE(`relay_based_on_MX')dnl |
---|
133 | dnl # |
---|
134 | dnl # Also accept email sent to "localhost.localdomain" as local email. |
---|
135 | dnl # |
---|
136 | LOCAL_DOMAIN(`localhost.localdomain')dnl |
---|
137 | dnl # |
---|
138 | dnl # The following example makes mail from this host and any additional |
---|
139 | dnl # specified domains appear to be sent from mydomain.com |
---|
140 | dnl # |
---|
141 | dnl MASQUERADE_AS(`mydomain.com')dnl |
---|
142 | dnl # masquerade not just the headers, but the envelope as well |
---|
143 | dnl # |
---|
144 | dnl FEATURE(masquerade_envelope)dnl |
---|
145 | dnl # |
---|
146 | dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well |
---|
147 | dnl # |
---|
148 | dnl FEATURE(masquerade_entire_domain)dnl |
---|
149 | dnl # |
---|
150 | dnl MASQUERADE_DOMAIN(localhost)dnl |
---|
151 | dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl |
---|
152 | dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl |
---|
153 | dnl MASQUERADE_DOMAIN(mydomain.lan)dnl |
---|
154 | MAILER(smtp)dnl |
---|
155 | MAILER(procmail)dnl |
---|
156 | Cwlocalhost.localdomain |
---|