diff options
Diffstat (limited to 'debian/cf')
| -rw-r--r-- | debian/cf/cf/debproto.mc | 42 | ||||
| -rw-r--r-- | debian/cf/debian/autoconf.m4.in | 59 | ||||
| -rw-r--r-- | debian/cf/debian/sendmail.mc.in | 46 | ||||
| -rw-r--r-- | debian/cf/debian/starttls.m4.in | 52 | ||||
| -rw-r--r-- | debian/cf/debian/submit.mc.in | 56 | ||||
| -rw-r--r-- | debian/cf/domain/debian-msp.m4.in | 98 | ||||
| -rw-r--r-- | debian/cf/domain/debian-mta.m4.in | 134 | ||||
| -rw-r--r-- | debian/cf/feature/dont_masquerade_local.m4 | 9 | ||||
| -rw-r--r-- | debian/cf/feature/dssl.m4 | 5 | ||||
| -rw-r--r-- | debian/cf/feature/imrss.m4 | 5 | ||||
| -rw-r--r-- | debian/cf/feature/ldap.m4 | 13 | ||||
| -rw-r--r-- | debian/cf/feature/orbs.m4 | 7 | ||||
| -rw-r--r-- | debian/cf/feature/orca.m4 | 6 | ||||
| -rw-r--r-- | debian/cf/feature/rhsbl.m4 | 40 | ||||
| -rw-r--r-- | debian/cf/feature/vnet.m4 | 61 | ||||
| -rw-r--r-- | debian/cf/hack/debian_auth.m4.in | 47 | ||||
| -rw-r--r-- | debian/cf/hack/msp_nullclient.m4 | 95 | ||||
| -rw-r--r-- | debian/cf/hack/nodns.m4 | 47 | ||||
| -rw-r--r-- | debian/cf/hack/spamtrap.m4 | 62 | ||||
| -rw-r--r-- | debian/cf/hack/virthost_by_ip.m4.in | 77 | ||||
| -rw-r--r-- | debian/cf/mailer/cyrus21.m4 | 66 | ||||
| -rw-r--r-- | debian/cf/ostype/debian.m4 | 105 | ||||
| -rw-r--r-- | debian/cf/ostype/debian.m4.in | 110 |
23 files changed, 994 insertions, 248 deletions
diff --git a/debian/cf/cf/debproto.mc b/debian/cf/cf/debproto.mc deleted file mode 100644 index ea20179..0000000 --- a/debian/cf/cf/debproto.mc +++ /dev/null @@ -1,42 +0,0 @@ -divert(-1) -# -# Copyright (c) 1983 Eric P. Allman -# Copyright (c) 1988, 1993 -# The Regents of the University of California. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# 3. All advertising materials mentioning features or use of this software -# must display the following acknowledgement: -# This product includes software developed by the University of -# California, Berkeley and its contributors. -# 4. Neither the name of the University nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# - -# -# This file is used to configure sendmail for use with Debian systems. -# - -divert(0) -VERSIONID(`@(#)sendmail.mc 8.9.3-21 (Debian) 20000309') -OSTYPE(debian)dnl diff --git a/debian/cf/debian/autoconf.m4.in b/debian/cf/debian/autoconf.m4.in new file mode 100644 index 0000000..e9d6430 --- /dev/null +++ b/debian/cf/debian/autoconf.m4.in @@ -0,0 +1,59 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: autoconf.m4,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 2001-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# m4 autoconf config file for building Sendmail @sm_version@@sm_revision@ +# +# Note: the .in file supports @SM_MINVERS@ - @SM_MAXVERS@, but the generated +# file is customized to the version noted above. +# +#----------------------------------------------------------------------------- +# +divert(0)dnl +VERSIONID(`$Id: autoconf.m4, v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +dnl # +dnl #--------------------------------------------------------------------- +dnl # Export (from autoconf to m4) some items of dubious value +dnl #--------------------------------------------------------------------- +define(`SM_VERS', `@SM_VERS@')dnl +define(`SM_DATE', `@SM_DATE@')dnl +define(`SM_MINVERS', `@SM_MINVERS@')dnl +define(`SM_MAXVERS', `@SM_MAXVERS@')dnl +define(`SM_CPYRT', `@SM_CPYRT@')dnl +define(`sm_date', `@sm_date@')dnl +define(`sm_time', `@sm_time@')dnl +define(`sm_utc', `@sm_utc@')dnl +define(`sm_version', `@sm_version@')dnl +define(`sm_revision', `@sm_revision@')dnl +define(`sm_version_v', `@sm_version_v@')dnl +define(`sm_version_r', `@sm_version_r@')dnl +define(`sm_version_major', `@sm_version_major@')dnl +define(`sm_version_minor', `@sm_version_minor@')dnl +define(`sm_version_beta', `@sm_version_beta@')dnl +define(`sm_version_math', `@sm_version_math@')dnl +define(`sm_enable_regex', `@sm_enable_regex@')dnl +define(`sm_enable_ndbm', `@sm_enable_ndbm@')dnl +define(`sm_enable_newdb', `@sm_enable_newdb@')dnl +define(`sm_newdb_lib', `@sm_newdb_lib@')dnl +define(`sm_enable_nis', `@sm_enable_nis@')dnl +define(`sm_enable_nisplus', `@sm_enable_nisplus@')dnl +define(`sm_enable_ldap', `@sm_enable_ldap@')dnl +define(`sm_ldap_lib', `@sm_ldap_lib@')dnl +define(`sm_enable_hesiod', `@sm_enable_hesiod@')dnl +define(`sm_hesiod_parms', `@sm_hesiod_parms@')dnl +define(`sm_enable_tcpd', `@sm_enable_tcpd@')dnl +define(`sm_enable_ipv6', `@sm_enable_ipv6@')dnl +define(`sm_enable_maillock',`@sm_enable_maillock@')dnl +define(`sm_enable_milter', `@sm_enable_milter@')dnl +define(`sm_enable_sfio', `@sm_enable_sfio@')dnl +define(`sm_enable_auth', `@sm_enable_auth@')dnl +define(`sm_enable_tls', `@sm_enable_tls@')dnl +define(`sm_enable_shm', `@sm_enable_shm@')dnl +define(`sm_ffr', `@sm_ffr@')dnl +define(`sm_m4_ffr', `@sm_m4_ffr@')dnl +define(`sm_enable_dev', `@sm_enable_dev@')dnl +define(`sm_enable_doc', `@sm_enable_doc@')dnl diff --git a/debian/cf/debian/sendmail.mc.in b/debian/cf/debian/sendmail.mc.in new file mode 100644 index 0000000..c52cadb --- /dev/null +++ b/debian/cf/debian/sendmail.mc.in @@ -0,0 +1,46 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: debproto.mc,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 1998-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# sendmail.mc prototype config file for building Sendmail @sm_version@ +# +# Note: the .in file supports @SM_MINVERS@ - @SM_MAXVERS@, but the generated +# file is customized to the version noted above. +# +# This file is used to configure Sendmail for use with Debian systems. +# +# If you modify this file, you will have to regenerate /etc/mail/sendmail.cf +# by running this file through the m4 preprocessor via one of the following: +# * `sendmailconfig` +# * `make` +# * `m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf` +# The first two options are preferred as they will also update other files +# that depend upon the contents of this file. +# +# The best documentation for this .mc file is: +# /usr/share/doc/sendmail-doc/cf.README.gz +# +#----------------------------------------------------------------------------- +divert(0)dnl +# +# Copyright (c) 1998-2002 Richard Nelson. All Rights Reserved. +# +# This file is used to configure Sendmail for use with Debian systems. +# +define(`_USE_ETC_MAIL_')dnl +include(`@datadir@/sendmail/cf/m4/cf.m4')dnl +VERSIONID(`$Id: sendmail.mc, v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +OSTYPE(`debian')dnl +DOMAIN(`debian-mta')dnl +dnl # +dnl # General defines +dnl # +dnl # SAFE_FILE_ENV: [undefined] If set, sendmail will do a chroot() +dnl # into this directory before writing files. +dnl # If *all* your user accounts are under /home then use that +dnl # instead - it will prevent any writes outside of /home ! +dnl # define(`confSAFE_FILE_ENV', `')dnl diff --git a/debian/cf/debian/starttls.m4.in b/debian/cf/debian/starttls.m4.in new file mode 100644 index 0000000..d9de9d0 --- /dev/null +++ b/debian/cf/debian/starttls.m4.in @@ -0,0 +1,52 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: starttls.m4,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 2002-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# starttls.m4 m4 file to support user->MTA, MSP->MTA, and MTA->MTA +# encryption and/or authentication. +# +# To use this file, add this line to sendmail.mc and possibly submit.mc: +# `include(`@sysconfdir@/mail/tls/starttls.m4')dnl' +# +#----------------------------------------------------------------------------- +# +divert(0)dnl +VERSIONID(`$Id: starttls.m4,v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +dnl # +dnl #--------------------------------------------------------------------- +dnl # Bring in Autoconf results +dnl #--------------------------------------------------------------------- +ifdef(`sm_version', `dnl', +`include(`@datadir@/sendmail/cf/debian/autoconf.m4')dnl') +dnl # +dnl # Check to see if inclusion is valid (version >= 8.11.0, tls enabled) +ifelse(eval(sm_version_math >= 527104), `1', dnl +`ifelse(sm_enable_tls, `yes', `dnl +dnl # +dnl # Do not touch anything above this line... +dnl # +dnl # CA directory - CA certs should be herein +define(`confCACERT_PATH', `@sysconfdir@/ssl/certs')dnl +dnl # +dnl # CA file (may be the same as client/server certificate) +define(`confCACERT', `@sysconfdir@/mail/tls/sendmail-server.crt')dnl +dnl # +dnl # Server certificate/key (can be in the same file, and shared w/client) +dnl # NOTE: The key must *NOT* be encrypted !!! +define(`confSERVER_CERT', `@sysconfdir@/mail/tls/sendmail-server.crt')dnl +define(`confSERVER_KEY', `@sysconfdir@/mail/tls/sendmail-common.key')dnl +dnl # +dnl # Clien certificate/key (can be in the same file, and shared w/server) +dnl # NOTE: The key must *NOT* be encrypted !!! +define(`confCLIENT_CERT', `@sysconfdir@/mail/tls/sendmail-client.crt')dnl +define(`confCLIENT_KEY', `@sysconfdir@/mail/tls/sendmail-common.key')dnl +dnl # +dnl # Optional settings +dnl define(`confTLS_SRV_OPTIONS', `V')dnl # don't request user certs +dnl # +dnl # Do not touch anything below this line... +)')dnl diff --git a/debian/cf/debian/submit.mc.in b/debian/cf/debian/submit.mc.in new file mode 100644 index 0000000..572b638 --- /dev/null +++ b/debian/cf/debian/submit.mc.in @@ -0,0 +1,56 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: submit.mc,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 2000-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# submit.mc prototype config file for building Sendmail @sm_version@ +# +# Note: the .in file supports @SM_MINVERS@ - @SM_MAXVERS@, but the generated +# file is customized to the version noted above. +# +# This file is used to configure Sendmail for use with Debian systems. +# +# If you modify this file, you will have to regenerate /etc/mail/submit.cf +# by running this file through the m4 preprocessor via one of the following: +# * `sendmailconfig` +# * `make` +# * `m4 /etc/mail/submit.mc > /etc/mail/submit.cf` +# The first two options are preferred as they will also update other files +# that depend upon the contents of this file. +# +# The best documentation for this .mc file is: +# /usr/share/doc/sendmail-doc/cf.README.gz +# +#----------------------------------------------------------------------------- +divert(0)dnl +# +# Copyright (c) 2000-2002 Richard Nelson. All Rights Reserved. +# +# This file is used to configure Sendmail for use with Debian systems. +# +define(`_USE_ETC_MAIL_')dnl +include(`@datadir@/sendmail/cf/m4/cf.m4')dnl +VERSIONID(`$Id: submit.mc, v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +OSTYPE(`debian')dnl +DOMAIN(`debian-msp')dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # Masquerading information, if needed, should go here +dnl # You likely will not need this, as the MTA will do it +dnl #--------------------------------------------------------------------- +dnl MASQUERADE_AS()dnl +dnl FEATURE(`masquerade_envelope')dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # The real reason we're here: the FEATURE(msp) +dnl #--------------------------------------------------------------------- +FEATURE(`msp', `[127.0.0.1]', `MSA')dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # Some minor cleanup from FEATURE(msp) +dnl #--------------------------------------------------------------------- +dnl # +dnl #--------------------------------------------------------------------- diff --git a/debian/cf/domain/debian-msp.m4.in b/debian/cf/domain/debian-msp.m4.in new file mode 100644 index 0000000..c3d04d5 --- /dev/null +++ b/debian/cf/domain/debian-msp.m4.in @@ -0,0 +1,98 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: debian-msp.m4,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 1998-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# domain(debian-msp) config file for building Sendmail @sm_version@@sm_revision@ +# +# Note: the .in file supports @SM_MINVERS@ - @SM_MAXVERS@, but the generated +# file is customized to the version noted above. +# +#----------------------------------------------------------------------------- +# +divert(0)dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # Bring in Autoconf results +dnl #--------------------------------------------------------------------- +ifdef(`sm_version', `dnl', +`include(`@datadir@/sendmail/cf/debian/autoconf.m4')dnl') +dnl # +VERSIONID(`$Id: debian-msp.m4, v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +define(`DEBIAN_MSP')dnl +dnl # +dnl # changes made herein *must* be reflected in parse_mc,update_db,debian.m4 +dnl # +define(`MSP_QUEUE_DIR', `@localstatedir@/spool/mqueue-client')dnl +define(`STATUS_FILE', `@localstatedir@/lib/sendmail/sm-client.st')dnl +dnl # +dnl # Since MSP only delivers to MTA, persistant status isn't needed +define(`confHOST_STATUS_DIRECTORY', `')dnl +dnl # +dnl # For FHS, we use a subdirectory in /var/run (multiple files) +dnl # For permissions, we use separate MSP/MTA subdirectories +define(`confPID_FILE', `@localstatedir@/run/sendmail/msp/sendmail.pid')dnl +define(`confCONTROL_SOCKET_NAME', + `@localstatedir@/run/sendmail/msp/smcontrol')dnl +dnl # +dnl # flags +define(`confPROCESS_TITLE_PREFIX', `MSP')dnl +define(`confCON_EXPENSIVE', `True')dnl +define(`confNO_RCPT_ACTION', `add-to-undisclosed')dnl +define(`confRRT_IMPLIES_DSN', `True')dnl +define(`confSAFE_FILE_ENV', `/')dnl +define(`confSAFE_QUEUE', `True')dnl +define(`confQUEUE_FILE_MODE', `0660')dnl +define(`confTEMP_FILE_MODE', `0600')dnl +dnl # +dnl # Provide some 'more reasonable' timeout values +dnl # See SASL/TLS sections below for more timeout values +dnl # +define(`confTO_ICONNECT', `2s')dnl # rfc min= , def=5m +define(`confTO_MAIL', `2m')dnl # rfc min=5m, def=10m, too long +define(`confTO_DATAINIT', `2m')dnl # rfc min=2m, def=5m +define(`confTO_RSET', `1m')dnl # rfc min= , def=5m +define(`confTO_QUIT', `2m')dnl # rfc min= , def=2m +define(`confTO_COMMAND', `5m')dnl # rfc min=5m, def=1h +define(`confTO_IDENT', `5s')dnl # , def=5s, 0=skip +define(`confTO_HOSTSTATUS',`0')dnl # , def=30m +dnl # +dnl # by default, disable Message Submission Agent (8.10.0+) +ifelse(eval(sm_version_math >= 526848), `1',dnl +`FEATURE(`no_default_msa')') +dnl # +dnl # Mail Submission Program uid/gid +define(`confRUN_AS_USER', `smmsp')dnl +define(`confTRUSTED_USER', confRUN_AS_USER)dnl +dnl # +dnl # Optional items (should be a subset site.config.m4 used for build) +dnl # to prevent sendmail error messages +dnl # +dnl #--------------------------------------------------------------------- +dnl # SMTP AUTH (SASL) support (sendmail 8.10.0 +) +dnl # NOTE: we'll us inaddr_any instead of 127.0.0.1 (or not...) +dnl # Sigh: MSP AUTH doesn't work in -bs mode (/etc/sasldb !o+r) +dnl #--------------------------------------------------------------------- +ifelse(sm_enable_auth, `yes',dnl +`define(`confAUTH_MECHANISMS',dnl + `GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 PLAIN LOGIN')dnl' +`TRUST_AUTH_MECH(`GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 PLAIN LOGIN')' +`ifelse(eval(sm_version_math >= 527360), `1',dnl +`define(`confTO_AUTH', `2m')dnl # , def=10m' +`define(`confDONT_BLAME_SENDMAIL',dnl +defn(`confDONT_BLAME_SENDMAIL')`,GroupReadableSASLDBFile,GroupWritableSASLDBFile')dnl')' +`DAEMON_OPTIONS(`Name=NoMTA, Addr=127.0.0.1, M=EA')dnl' +)dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # SMTP STARTTLS (OpenSSL) support (sendmail 8.11.0 +) +dnl #--------------------------------------------------------------------- +ifelse(sm_enable_tls, `yes',dnl +`ifelse(eval(sm_version_math >= 527360), `1',dnl +`define(`confTO_STARTTLS', `2m')dnl # , def=10m' +`define(`confDONT_BLAME_SENDMAIL',dnl + defn(`confDONT_BLAME_SENDMAIL')`,GroupReadableKeyFile')dnl')' +)dnl diff --git a/debian/cf/domain/debian-mta.m4.in b/debian/cf/domain/debian-mta.m4.in new file mode 100644 index 0000000..1a82051 --- /dev/null +++ b/debian/cf/domain/debian-mta.m4.in @@ -0,0 +1,134 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: debian-mta.m4,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 1998-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# domain(debian-mta) config file for building Sendmail @sm_version@@sm_revision@ +# +# Note: the .in file supports @SM_MINVERS@ - @SM_MAXVERS@, but the generated +# file is customized to the version noted above. +# +#----------------------------------------------------------------------------- +# +divert(0)dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # Bring in Autoconf results +dnl #--------------------------------------------------------------------- +ifdef(`sm_version', `dnl' , +`include(`@datadir@/sendmail/cf/debian/autoconf.m4')dnl') +dnl # +VERSIONID(`$Id: debian-mta.m4, v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +define(`DEBIAN_MTA')dnl +dnl # +dnl # changes made herein *must* be reflected in parse_mc,update_db,debian.m4 +dnl # +define(`STATUS_FILE', `@localstatedir@/lib/sendmail/sendmail.st')dnl +define(`confHOST_STATUS_DIRECTORY', + `@localstatedir@/lib/sendmail/host_status')dnl +dnl # +dnl # For FHS, we use a subdirectory in /var/run (multiple files) +dnl # For permissions, we use separate MSP/MTA subdirectories +define(`confPID_FILE', `@localstatedir@/run/sendmail/mta/sendmail.pid')dnl +define(`confCONTROL_SOCKET_NAME', + `@localstatedir@/run/sendmail/mta/smcontrol')dnl +dnl # +dnl # flags +define(`confPROCESS_TITLE_PREFIX', `MTA')dnl +define(`confCON_EXPENSIVE', `True')dnl +define(`confMAX_DAEMON_CHILDREN', `0')dnl +define(`confNO_RCPT_ACTION', `add-to-undisclosed')dnl +define(`confRRT_IMPLIES_DSN', `True')dnl +define(`confSAFE_FILE_ENV', `/')dnl +define(`confSAFE_QUEUE', `True')dnl +define(`confQUEUE_FILE_MODE', `0600')dnl +define(`confTEMP_FILE_MODE', `0600')dnl +dnl # +dnl # Provide some 'more reasonable' timeout values +dnl # See SASL/TLS sections below for more timeout values +dnl # +define(`confTO_ICONNECT', `5s')dnl # rfc min= , def=5m +define(`confTO_MAIL', `2m')dnl # rfc min=5m, def=10m, too long +define(`confTO_DATAINIT', `2m')dnl # rfc min=2m, def=5m +define(`confTO_RSET', `1m')dnl # rfc min= , def=5m +define(`confTO_QUIT', `2m')dnl # rfc min= , def=2m +define(`confTO_COMMAND', `5m')dnl # rfc min=5m, def=1h +define(`confTO_IDENT', `5s')dnl # , def=5s, 0=skip +dnl # +dnl # Debian users have group writable directories/files by default (8.9.0+) +ifelse(eval(sm_version_math >= 526592), `1',dnl +`define(`confDONT_BLAME_SENDMAIL',dnl +`AssumeSafeChown,ForwardFileInGroupWritableDirPath,GroupWritableForwardFileSafe,GroupWritableIncludeFileSafe,IncludeFileInGroupWritableDirPath')dnl' +)dnl +dnl # +dnl # Don't warn for non-existant forward files (8.10.0+) +ifelse(eval(sm_version_math >= 526848), `1',dnl +`define(`confDONT_BLAME_SENDMAIL',dnl + defn(`confDONT_BLAME_SENDMAIL')`,DontWarnForwardFileInUnsafeDirPath')dnl' +)dnl +dnl # +dnl # Allow group-writable include files (8.12.0+) +ifelse(eval(sm_version_math >= 527360), `1',dnl +`define(`confDONT_BLAME_SENDMAIL',dnl + defn(`confDONT_BLAME_SENDMAIL')`,GroupWritableIncludeFile')dnl' +)dnl +dnl # +dnl # by default, disable Message Submission Agent (8.10.0+) +dnl # except for 8.12.0+, where its needed for MSA ! +ifelse(eval(sm_version_math >= 526848), `1',dnl +`ifelse(eval(sm_version_math < 527360), `1',dnl +`FEATURE(`no_default_msa')',`dnl')') +dnl # +dnl # Allow mailq/hoststat to work with both MSP/MTA queues +ifelse(eval(sm_version_math >= 527360), `1',dnl +`define(`confQUEUE_FILE_MODE', `0640')dnl' +`define(`confTEMP_FILE_MODE', `0644')dnl') +dnl # +dnl # For security, we default to not letting lusers run the queues +dnl # If possible, we prevent sendmail -bv from reading things they shouldn't +dnl # +define(`confPRIVACY_FLAGS', `restrictqrun') +ifelse(eval(sm_version_math >= 527360), `1',dnl +`define(`confPRIVACY_FLAGS',dnl + defn(`confPRIVACY_FLAGS')`,restrictexpand')dnl') +dnl # +dnl # Provide a more reasonable default for number of queue-runners +dnl # because many/most? people will not discover this themselves +dnl # and the sendmail default is one! +dnl # +define(`confMAX_RUNNERS_PER_QUEUE', `5')dnl +dnl # +dnl # Optional items (should be a subset site.config.m4 used for build) +dnl # to prevent sendmail error messages +dnl # +dnl #--------------------------------------------------------------------- +dnl # SMTP AUTH (SASL) support (sendmail 8.10.0 +) +dnl # PLAIN/LOGIN needed to support SASL auth via PAM ;( +dnl # if this bothers you, you allow them only in conjunction w/STARTTLS ! +dnl # for 8.12.0+, add EXTERNAL as an available & trusted mech (w/STARTTLS) +dnl #--------------------------------------------------------------------- +ifelse(sm_enable_auth, `yes',dnl +`define(`confAUTH_MECHANISMS',dnl +`GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 PLAIN LOGIN')dnl' +`TRUST_AUTH_MECH(`GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5 PLAIN LOGIN')' +`ifelse(eval(sm_version_math >= 527360), `1',dnl +`define(`confAUTH_MECHANISMS',dnl +`EXTERNAL 'defn(`confAUTH_MECHANISMS'))dnl' +`TRUST_AUTH_MECH(`EXTERNAL')' +`define(`confTO_AUTH', `2m')dnl # , def=10m' +`define(`confDONT_BLAME_SENDMAIL',dnl +defn(`confDONT_BLAME_SENDMAIL')`,GroupReadableSASLDBFile,GroupWritableSASLDBFile')dnl')' +)dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # SMTP STARTTLS (OpenSSL) support (sendmail 8.11.0 +) +dnl #--------------------------------------------------------------------- +ifelse(sm_enable_tls, `yes',dnl +`ifelse(eval(sm_version_math >= 527360), `1',dnl +`define(`confTO_STARTTLS', `2m')dnl # , def=10m' +`define(`confDONT_BLAME_SENDMAIL',dnl + defn(`confDONT_BLAME_SENDMAIL')`,GroupReadableKeyFile')dnl')' +)dnl diff --git a/debian/cf/feature/dont_masquerade_local.m4 b/debian/cf/feature/dont_masquerade_local.m4 deleted file mode 100644 index 5748721..0000000 --- a/debian/cf/feature/dont_masquerade_local.m4 +++ /dev/null @@ -1,9 +0,0 @@ -divert(-1) -# -# Prevent masquerading of local senders when sending to local recipients -# used by: mailer/local.m4 -# -divert(0) -VERSIONID(`@(#)dont_masquerade_local.m4 1.0 (Debian) 1999-04-22') -divert(-1) -define(`_DONT_MASQUERADE_LOCAL_', 1)dnl diff --git a/debian/cf/feature/dssl.m4 b/debian/cf/feature/dssl.m4 deleted file mode 100644 index 2ed99ee..0000000 --- a/debian/cf/feature/dssl.m4 +++ /dev/null @@ -1,5 +0,0 @@ -divert(0) -VERSIONID(`@(#)dssl.m4 1.0 (Debian) 1999-08-03') -divert(-1) -FEATURE(rbl,`dssl.imrss.org',` Mail from $&{client_addr} - rejected - dynamic ip; see http://www.imrss.org/dssl/unblock.html') diff --git a/debian/cf/feature/imrss.m4 b/debian/cf/feature/imrss.m4 deleted file mode 100644 index c01a992..0000000 --- a/debian/cf/feature/imrss.m4 +++ /dev/null @@ -1,5 +0,0 @@ -divert(0) -VERSIONID(`@(#)imrss.m4 1.0 (Debian) 1999-08-03') -divert(-1) -FEATURE(rbl,`mr-out.imrss.org',` Mail from $&{client_addr} - rejected - open relay; see http://www.imrss.org/error.html') diff --git a/debian/cf/feature/ldap.m4 b/debian/cf/feature/ldap.m4 deleted file mode 100644 index 57ea0e0..0000000 --- a/debian/cf/feature/ldap.m4 +++ /dev/null @@ -1,13 +0,0 @@ -divert(-1) -# commentary/copyright -divert(0) -VERSIONID(`@(#)ldap.m4 1.0 (Debian) 1999-04-23') -divert(-1) -dnl # -dnl # Mark LDAP in use for subsequent S5 rule -dnl # -define(`_LDAP_MAP_', 1)dnl -LOCAL_CONFIG -# Define ldap map, arguments come directly from the `FEATURE(ldap, xxx)' -# This version of ldap.m4 only checks the map in the S5 rule -Kldap ldapx _ARG_ diff --git a/debian/cf/feature/orbs.m4 b/debian/cf/feature/orbs.m4 deleted file mode 100644 index aec60a4..0000000 --- a/debian/cf/feature/orbs.m4 +++ /dev/null @@ -1,7 +0,0 @@ -divert(0) -VERSIONID(`@(#)orbs.m4 2.0 (Debian) 1999-04-22') -divert(-1) -dnl define(`_ORBS_', ifelse(_ARG_, `', `orbs.dorkslayers.com', `_ARG_'))dnl -dnl define(`_ORBS_', ifelse(_ARG_, `', `relays.orbs.org', `_ARG_'))dnl -FEATURE(rbl,`relays.orbs.org',` Mail from $&{client_addr} - rejected - open relay; see http://www.orbs.org') diff --git a/debian/cf/feature/orca.m4 b/debian/cf/feature/orca.m4 deleted file mode 100644 index 4f8e874..0000000 --- a/debian/cf/feature/orca.m4 +++ /dev/null @@ -1,6 +0,0 @@ -divert(0) -VERSIONID(`@(#)orca.m4 2.0 (Debian) 1999-04-22') -divert(-1) -dnl define(`_ORCA_', ifelse(_ARG_, `', `dul.orca.bc.ca', `_ARG_'))dnl -FEATURE(rbl,`dul.maps.vix.com',` Mail from $&{client_addr} - rejected - dul; see http://maps.vix.com') diff --git a/debian/cf/feature/rhsbl.m4 b/debian/cf/feature/rhsbl.m4 new file mode 100644 index 0000000..857ce58 --- /dev/null +++ b/debian/cf/feature/rhsbl.m4 @@ -0,0 +1,40 @@ +divert(-1) +# +# Copyright (c) 2001 Derek J. Balling +# All rights reserved. +# +# Permission to use granted for all purposes. If modifications are made +# they are requested to be sent to <dredd@megacity.org> for inclusion in future +# versions +# +# Allows (hopefully) for checking of access.db whitelisting now. This ONLY +# works on sendmail-8.12.x ... use on any other version may require tinkering +# by you the downloader. +# +divert(0) +ifdef(`_RHSBL_R_',`dnl',`dnl +VERSIONID(`$Id: rhsbl.m4,v 1.1 2001/08/27 15:41:15 dredd Exp $') +define(`_RHSBL_R_',`') +ifdef(`_DNSBL_R_',`dnl',`dnl +LOCAL_CONFIG +# map for DNS based blacklist lookups based on the sender RHS +Kdnsbl host -T<TMP>')') +divert(-1) +define(`_RHSBL_SRV_', `_ARG_')dnl +define(`_RHSBL_MSG_', `ifelse(len(X`'_ARG2_),`1',`"550 Mail from " $`'&{RHS} " refused by blackhole site '_RHSBL_SRV_`"',`_ARG2_')')dnl +define(`_RHSBL_MSG_TMP_', `ifelse(_ARG3_,`t',`"451 Temporary lookup failure of " $`'&{RHS} " at '_RHSBL_SRV_`"',`_ARG2_')')dnl +divert(8) +LOCAL_RULESETS +SLocal_check_mail +# DNS based RHS spam list _RHSBL_SRV_ +R$+ $: <@> $>CanonAddr $&f +R<@> $*<@$+.> $:<@>$1<@$2.>$|$>SearchList<+ rhs>$|<F:$1@$2><D:$2><> +R$* $| <$={Accept}> $: OKSOFAR +R<@> $*<@$+.> $| $* $: <?> $(dnsbl $2._RHSBL_SRV_. $: OK $) $(macro {RHS} $@ $2 $) +R<@> $* $: OKSOFAR +R<?>OK $: OKSOFAR +ifelse(len(X`'_ARG3_),`1', +`R<?>$+<TMP> $: TMPOK', +`R<?>$+<TMP> $#error $@ 4.7.1 $: _RHSBL_MSG_TMP_') +R<?>$+ $#error $@ 5.7.1 $: _RHSBL_MSG_ +divert(-1) diff --git a/debian/cf/feature/vnet.m4 b/debian/cf/feature/vnet.m4 index 56377f4..6086baf 100644 --- a/debian/cf/feature/vnet.m4 +++ b/debian/cf/feature/vnet.m4 @@ -1,16 +1,38 @@ -PUSHDIVERT(0) +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: ./vnet.m4,v 8.12.0 2001/09/24 12:00:00 cowboy Exp $ +# +# Copyright (c) 2001-2001 Richard Nelson. All Rights Reserved. +# +# feature(vnet) config file for building Sendmail +# +#----------------------------------------------------------------------------- +# +divert(0)dnl +dnl +dnl +dnl LOCAL_CONFIG +###################################################################### +### vnet: support .rscs domain and XAGENT +### +###################################################################### # # Support routing of .rscs nodes via XAGENT # # Define vnet/rscs node hlq -CAvnet rscs -# Note: you'll to define your XAGENT node: +CAvnet.ibm.com vnet rscs +# +# Note: you'll have to define your XAGENT node: #DAlexvmk.lexington.ibm.com -dnl # -dnl # -dnl # +dnl +dnl +dnl LOCAL_RULE_3 +###################################################################### +### vnet: support .rscs domain, XAGENT, and Lotus Notes +### +###################################################################### # # Support Lotus Notes and VM TCP/IP MTAs # @@ -20,14 +42,16 @@ R$* % ibmuk.rscs < @ $+> $* $: $1 < @ uk.ibm.com > $3 R$* % $-.rscs < @ $+> $* $: $1 < @ $2.rscs > $4 # Now, try the domaintable yet again... R$* < @ $-.rscs > $* $: $1 < @ $(domaintable $2.rscs $) > $3 -dnl # -dnl # -dnl # +# Finally, allow an override on simply the rscs domain... +R$* < @ $-.rscs > $* $: $1 < @ $2.$(domaintable rscs $) > $3 +dnl +dnl +dnl LOCAL_NET_CONFIG -#------------------------------------------------------------------------ -# Handle RSCS/VM messages and messages addressed to sites internal to IBM -#------------------------------------------------------------------------ -# +###################################################################### +### vnet: Handle .rscs domain, deliver to *.ibm.com, etc... +### +###################################################################### # Skip any local addresses # (or we'll get a "mail loops back to itself" error @@ -36,12 +60,11 @@ R$* < @ $=w > $* $@ $1 < @ $2 . > $3 regular local name # Recipients inside IBM--transfer the mail directly. -R$* < @ $+.ibm.com > $* $#smtp $@ $2.ibm.com $: $1 < @$2.ibm.com > $3 -R$* < @ $+.ibm.com. > $* $#smtp $@ $2.ibm.com $: $1 < @$2.ibm.com > $3 +R$* < @ $+.ibm.com > $* $#relay $@ $2.ibm.com $: $1 < @$2.ibm.com > $3 +R$* < @ $+.ibm.com. > $* $#relay $@ $2.ibm.com $: $1 < @$2.ibm.com > $3 # Recipients of the form user@node.vnet get rewritten to -# user@node.RSCS, the message itself is forwarded to the RSCS/VM node -# specified in $A. +# user@node.vnet.ibm.com, the message itself is forwarded to +# the RSCS/VM node specified in $A. -R$* < @ $-.$=A > $* $#smtp $@ $A $: $1 < @$2.RSCS > $4 -POPDIVERT +R$* < @ $-.$=A > $* $#relay $@ $A $: $1 < @$2.vnet.ibm.com > $4 diff --git a/debian/cf/hack/debian_auth.m4.in b/debian/cf/hack/debian_auth.m4.in new file mode 100644 index 0000000..66510b1 --- /dev/null +++ b/debian/cf/hack/debian_auth.m4.in @@ -0,0 +1,47 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: debian_auth.m4,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 2001-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# debian_trustauth.m4 m4 file for +# * supporting MSP->MTA and MTA->MTA authentication +# * supporting the auth= parameter on the mail from: command. +# +# This file is an extremely simple example that lets *ALL* trusted users +# sendmail, daemon, root, uucp, etc. proxy for any user. +# +# If you've a better idea, please let me know +# +#----------------------------------------------------------------------------- +divert(0)dnl +VERSIONID(`$Id: debian_auth.m4,v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +dnl # +dnl # MTA as Client authentication - only if authinfo/access_db *NOT* used... +define(`confDEF_AUTH_INFO', `MAIL_SETTINGS_DIR`'default-auth-info')dnl +dnl # +dnl # add (fake) uid 'sendmail' to trusted users - it is used as the id +dnl # for MSP->MTA, and MTA->MTA proxying. +ifdef(`confTRUSTED_USERS', + `define(`confTRUSTED_USERS', + defn(`confTRUSTED_USERS')`,sendmail')', + `define(`confTRUSTED_USERS', `sendmail')')dnl +dnl # +dnl # Define local rulesets for trust_auth +LOCAL_RULESETS +# +#----------------------------------------------------------------------------- +# Local_trust_auth: Define who is able to authenticate for whom... +# The sendmail default is to allow *IFF* authen == author +# This ruleset also allows trusted users to authenicate as anyone - needed +# for MSP->MTA and MTA->MTA forwarding of mail from: <...> auth=... +SLocal_trust_auth +R$* $: $&{auth_authen} Put authentication id in the workspace +ifdef(`DEBIAN_DEBUG',dnl +`R$* $: $(log authtype:$&{auth_type} $) $1 +R$* $: $(log authauthen:$&{auth_authen} $) $1 +R$* $: $(log authauthor:$&{auth_author} $) $1')dnl +R$=t $@ $#ok Trusted users... Allow trusted users to auth= as anyone +#----------------------------------------------------------------------------- diff --git a/debian/cf/hack/msp_nullclient.m4 b/debian/cf/hack/msp_nullclient.m4 new file mode 100644 index 0000000..db9f8cc --- /dev/null +++ b/debian/cf/hack/msp_nullclient.m4 @@ -0,0 +1,95 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: ./msp_nullclient.m4,v 8.12.0 2001/05/23 14:30:00 cowboy Exp $ +# +# Copyright (c) 2001-2001 Richard Nelson. All Rights Reserved. +# +# msp_nullclient.m4 m4 file for supporting a nullclient in the MSP +# environment. That is, change the feature(msp) to feature(msp_nullclient) +# in /etc/mail/submit.mc. An MTA listener is now optional, and you can +# run with only MSP mode (setgid mail). +# +# This file is blatantly cut&pasted from nullclient.m4 and msp.m4 !!! +# +# If you've a better idea, please let me know +# +#----------------------------------------------------------------------------- +# +# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers. +# All rights reserved. +# Copyright (c) 1983 Eric P. Allman. All rights reserved. +# Copyright (c) 1988, 1993 +# The Regents of the University of California. All rights reserved. +# +# By using this file, you agree to the terms and conditions set +# forth in the LICENSE file which can be found at the top level of +# the sendmail distribution. +# +# +ifelse(defn(`_ARG_'), `', `errprint(`Hack "msp_nullclient" requires argument')', + `define(`_NULL_CLIENT_', _ARG_)') + +# +# This is used only for relaying mail from a client to a hub when +# that client does absolutely nothing else -- i.e., it is a "null +# mailer". In this sense, it acts like the "R" option in Sun +# sendmail. +# + +divert(0)dnl +VERSIONID(`$Id: msp_nullclient.m4,v 8.12.0 2001/05/23 14:30:00 cowboy Exp $') +divert(-1)dnl + +dnl # +dnl # This *MUST* be used within the context of MSP +ifdef(`DEBIAN_MSP', `dnl', `DOMAIN(`debian-msp')') +dnl # +dnl # Restrict listening to localhost (to increase security) +ifelse(defn(`_DPO_'), `', +`DAEMON_OPTIONS(`Name=NoMTA, Addr=127.0.0.1, M=E')dnl') + +dnl #-------------------- Now the Nullclient carp --------------------------- +undefine(`ALIAS_FILE') +define(`MAIL_HUB', _NULL_CLIENT_) +define(`SMART_HOST', _NULL_CLIENT_) +define(`confFORWARD_PATH', `') +ifdef(`confFROM_HEADER',, `define(`confFROM_HEADER', `<$g>')') +dnl #-------------------- Now the MSP carp ---------------------------------- +ifdef(`STATUS_FILE', +`define(`_F_', +`define(`_b_', index(STATUS_FILE, `sendmail.st'))ifelse(_b_, `-1', `STATUS_FILE', `substr(STATUS_FILE, 0, _b_)sm-client.st')') +define(`STATUS_FILE', _F_) +undefine(`_b_') undefine(`_F_')', +`define(`STATUS_FILE', `/var/run/sm-client.st')') +define(`confUSE_MSP', `True')dnl +define(`confFORWARD_PATH', `')dnl +define(`confPRIVACY_FLAGS', `goaway,noetrn')dnl +dnl --------------------------------------------- +dnl run as this user (even if called by root) +define(`confRUN_AS_USER', `smmsp')dnl +define(`confTRUSTED_USER', `confRUN_AS_USER')dnl +dnl --------------------------------------------- +dnl This queue directory must have the same group +dnl as sendmail and it must be group-writable. +dnl notice: do not test for QUEUE_DIR, it is set in some ostype/*.m4 files +ifdef(`MSP_QUEUE_DIR', +`define(`QUEUE_DIR', `MSP_QUEUE_DIR')', +`define(`QUEUE_DIR', `/var/spool/clientmqueue')')dnl +dnl --------------------------------------------- +ifdef(`confPID_FILE', `dnl', +`define(`confPID_FILE', QUEUE_DIR`/sm-client.pid')') +define(`confQUEUE_FILE_MODE', `0660')dnl +FEATURE(`no_default_msa')dnl +ifelse(defn(`_DPO_'), `', +`DAEMON_OPTIONS(`Name=NoMTA, Addr=127.0.0.1, M=E')dnl') +dnl #---------------------- Debian MSP fixup ------------------------------- +dnl define(`confHOST_STATUS_DIRECTORY', `/var/lib/sendmail/host_status')dnl +define(`confRUN_AS_USER', `mail')dnl +define(`confTRUSTED_USER', `confRUN_AS_USER')dnl +dnl #---------------------- back to nullclient carp ------------------------ +define(`_DEF_LOCAL_MAILER_FLAGS', `lsDFM5q') +MASQUERADE_AS(_NULL_CLIENT_) +FEATURE(`allmasquerade') +FEATURE(`masquerade_envelope') +MAILER(`local') +MAILER(`smtp') diff --git a/debian/cf/hack/nodns.m4 b/debian/cf/hack/nodns.m4 index 41216f1..1f3f71e 100644 --- a/debian/cf/hack/nodns.m4 +++ b/debian/cf/hack/nodns.m4 @@ -1,44 +1,17 @@ -divert(-1) +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: ./nodns.m4,v 8.12.0 2001/08/24 12:00:00 cowboy Exp $ # -# Copyright (c) 1983 Eric P. Allman -# Copyright (c) 1988, 1993 -# The Regents of the University of California. All rights reserved. +# Copyright (c) 1999-2001 Richard Nelson. All Rights Reserved. # -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# 3. All advertising materials mentioning features or use of this software -# must display the following acknowledgement: -# This product includes software developed by the University of -# California, Berkeley and its contributors. -# 4. Neither the name of the University nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. +# hack/nodns.m4 m4 file for omitting DNS queries # -# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. +# If you've a better idea, please let me know # -divert(0) -VERSIONID(`@(#)nodns.m4 8.1 (Debian) 19991013') -divert(-1) -LOCAL_CONFIG +#----------------------------------------------------------------------------- +divert(0)dnl +VERSIONID(`$Id: nodns.m4,v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') undefine(`confBIND_OPTS')dnl define(`confSERVICE_SWITCH_FILE', `/etc/mail/service.switch-nodns')dnl -FEATURE(nocanonify)dnl define(`confDONT_PROBE_INTERFACES', `True')dnl - - +FEATURE(nocanonify)dnl diff --git a/debian/cf/hack/spamtrap.m4 b/debian/cf/hack/spamtrap.m4 new file mode 100644 index 0000000..9acd2c3 --- /dev/null +++ b/debian/cf/hack/spamtrap.m4 @@ -0,0 +1,62 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: ./spamtrap.m4,v 8.12.0 2001/09/24 12:00:00 cowboy Exp $ +# +# hack(spamtrap) config file for building Sendmail +# +# Courtesy of jeff@sdsc.edu (Jeff Makey) +# via c.m.s posting Sat, 8 Sep 2001 07:44:26 +0000 (UTC) +# +# Spamtrap addresses go into the access file like this: +# +# To:spamtrap@pandora.orbl.org POISON +# To:Friend@public.com POISON +# +#----------------------------------------------------------------------------- +# +divert(0)dnl +LOCAL_CONFIG +# provide access to macros as a map +Kmacro macro + +LOCAL_RULESETS +###################################################################### +### spamtrap: handle spamtrap(POISON) users +### +###################################################################### +# +# This is not only redundant, but fails with feature(`delay_checks') +# +#SLocal_check_mail +# Clear the "poison recipient" indicator macro for this message. +#R$* $: $(macro {PoisonRecipient} $) $1 + +SLocal_check_rcpt +# +# Spamtrap addresses go into the access file like this: +# To:spamtrap@pandora.orbl.org POISON +# +# Certain recipients are "poison" and cause the +# message to be rejected for all recipients. +R$* $: $1 $| $1 create workspace to right of $| +R$* $| $* <$+> $* $1 $| $3 focus on part in angle brackets +R$* $| $+ $: $1 $| $>SearchList <!To> $| <E:$2> <> +R$* $| <POISON> $: $1 $| $(macro {PoisonRecipient} $@ POISON $) +R$* $| $* $: $1 delete workspace + +Scheck_eoh +R$* $: $&{PoisonRecipient} +RPOISON $#error $@ 5.7.1 $: 550 Mail sent to spam lists is not accepted here + +# +# With a "To:Friend@public.com POISON" entry in the access file the +# following ruleset will block certain types of spam too: +# +# Certain To headers are sure-fire spam signatures. +HTo: $>CheckTo +SCheckTo +R$+ , $+ $@ $1 , $2 do not try to verify complex addresses +R$* $: $1 $| $>SearchList <!To> $| <E:$1> <> +R$* $| <POISON> $#error $@ 5.7.1 $: 550 Mail sent by spamware is not accepted here +R$* $| $* $: $1 delete lookup result + diff --git a/debian/cf/hack/virthost_by_ip.m4.in b/debian/cf/hack/virthost_by_ip.m4.in new file mode 100644 index 0000000..d304213 --- /dev/null +++ b/debian/cf/hack/virthost_by_ip.m4.in @@ -0,0 +1,77 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: virthost_by_ip.m4,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 2001-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# hack(virthost_by_ip) config file for building Sendmail @sm_version@@sm_revision@ +# Note: Also check op.{ps,txt} for the 'b' modifier to daemon_options - it +# extends ip based virtual hosting. +# +# Note: the .in file supports @SM_MINVERS@ - @SM_MAXVERS@, but the generated +# file is customized to the version noted above. +# +#----------------------------------------------------------------------------- +# +divert(0)dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # Bring in Autoconf results +dnl #--------------------------------------------------------------------- +ifdef(`sm_version', `dnl', +`include(`@datadir@/sendmail/cf/debian/autoconf.m4')dnl') +dnl # +VERSIONID(`$Id: virthost_by_ip.m4, v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +dnl # +dnl #--------------------------------------------------------------------- +dnl # Virtual hosting extensions - Login (greeting message) +dnl #--------------------------------------------------------------------- +define(`confSMTP_LOGIN_MSG', `$?{if_name}${if_name}$|$j$. Sendmail $v/$Z; $b; (No UCE/UBE) $?{client_addr}logging access from: ${client_name}(${client_resolve})-$_$.')dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # Virtual hosting extensions - Received-by headers (8.12.0 style) +dnl #--------------------------------------------------------------------- +dnl # 8.7.0+ +ifdef(`_REC_HDR_', `dnl', +`define(`_REC_HDR_', `$?sfrom $s $.$?_($?s$|from $.$_)')dnl' +`define(`_REC_END_', `for $u; $|; + $.$b')dnl' +) +dnl # AUTH(SASL) 8.10.0+ +ifdef(`_REC_AUTH_', `dnl', +`define(`_REC_AUTH_', `$.$?{auth_type}(authenticated')dnl' +`define(`_REC_FULL_AUTH_', `$.$?{auth_type}(user=${auth_authen} $?{auth_author}author=${auth_author} $.mech=${auth_type}')dnl' +) +dnl # TLS(SSL) 8.11.0+ +ifdef(`_REC_BY_', `dnl', +`define(`_REC_BY_', `$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}')dnl' +`define(`_REC_TLS_', `(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u')dnl' +) +dnl # Now, override default settings for virtual hosting +define(`_REC_BY_', `$.by $?{if_name}${if_name}$|$j$. ($v/$Z)$?r with $r$. id $i$?{tls_version}')dnl +define(`confRECEIVED_HEADER', `_REC_HDR_ + _REC_AUTH_$?{auth_ssf} (${auth_ssf} bits)$.) + _REC_BY_ + _REC_TLS_ + _REC_END_')dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # Virtual hosting extensions - ClientPortOptions (modifier=h) +dnl # -- Use name of interface for HELO command +dnl #--------------------------------------------------------------------- +ifelse(eval(sm_version_math >= 526848), `1',dnl +`ifelse(defn(`_CPO_'), `dnl', +`CLIENT_OPTIONS(`Modifier=h')dnl')dnl') +dnl # +dnl #--------------------------------------------------------------------- +dnl # Virtual hosting extensions - DaemonPortOptions (modifier=b) +dnl # -- Bind to interface mail was received on +dnl # I can't do this for you, because each use of DAEMON_OPTIONS will +dnl # create a new listener ! +dnl #--------------------------------------------------------------------- +dnl ifelse(eval(sm_version_math >= 526848), `1',dnl +dnl `ifelse(defn(`_DPO_'), `dnl', +dnl `DAEMON_OPTIONS(`Modifier=b')dnl')dnl') + diff --git a/debian/cf/mailer/cyrus21.m4 b/debian/cf/mailer/cyrus21.m4 new file mode 100644 index 0000000..c12dce0 --- /dev/null +++ b/debian/cf/mailer/cyrus21.m4 @@ -0,0 +1,66 @@ +PUSHDIVERT(-1) +# +# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers. +# All rights reserved. +# +# By using this file, you agree to the terms and conditions set +# forth in the LICENSE file which can be found at the top level of +# the sendmail distribution. +# +# +# This code incorporates code from Carnegie Mellon University, whose +# copyright notice and conditions of redistribution are as follows: +# +#*************************************************************************** +# (C) Copyright 1995 by Carnegie Mellon University +# +# All Rights Reserved +# +# Permission to use, copy, modify, and distribute this software and its +# documentation for any purpose and without fee is hereby granted, +# provided that the above copyright notice appear in all copies and that +# both that copyright notice and this permission notice appear in +# supporting documentation, and that the name of CMU not be +# used in advertising or publicity pertaining to distribution of the +# software without specific, written prior permission. +# +# CMU DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING +# ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL +# CMU BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR +# ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, +# WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, +# ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS +# SOFTWARE. +# +# Contributed to Berkeley by John Gardiner Myers <jgm+@CMU.EDU>. +# + +errprint(`*** Warning: cyrus21 deprecated in favour of cyrusv2') +errprint(`*** Please migrate to cyrusv2 ASAP') + +ifdef(`CYRUS_MAILER_USER',, `define(`CYRUS_MAILER_USER', `cyrus:mail')') +define(`_CYRUS_QGRP', `ifelse(defn(`CYRUS_MAILER_QGRP'),`',`', ` Q=CYRUS_MAILER_QGRP,')')dnl + +_DEFIFNOT(`CYRUS_MAILER_FLAGS', `AhmXz5@/:|') +ifdef(`CYRUS_MAILER_PATH',, `define(`CYRUS_MAILER_PATH', `[IPC]')') +ifdef(`CYRUS_MAILER_ARGS',, `define(`CYRUS_MAILER_ARGS', `FILE /var/run/cyrus/socket/lmtp')') + +_DEFIFNOT(`CYRUS_BB_MAILER_FLAGS', `SuX') +ifdef(`CYRUS_BB_MAILER_PATH',, `define(`CYRUS_BB_MAILER_PATH', `/usr/sbin/cyrdeliver')') +ifdef(`CYRUS_BB_MAILER_ARGS',, `define(`CYRUS_BB_MAILER_ARGS', `cyrdeliver -m $u')') + +POPDIVERT + +################################################## +### Cyrus Mailer specification ### +################################################## + +VERSIONID(`$Id: cyrus21.m4, v8.23.1 2002/04/05 12:36:34 Omniflux Exp $') + +Mcyrus, P=CYRUS_MAILER_PATH, F=_MODMF_(CONCAT(`lsDFMnq', CYRUS_MAILER_FLAGS), `CYRUS'), E=\r\n, S=EnvFromL, R=EnvToL/HdrToL, + ifdef(`CYRUS_MAILER_MAX', `M=CYRUS_MAILER_MAX, ')U=CYRUS_MAILER_USER, T=DNS/RFC822/X-Unix,_CYRUS_QGRP + A=CYRUS_MAILER_ARGS + +Mcyrusbb, P=CYRUS_BB_MAILER_PATH, F=_MODMF_(CONCAT(`lsDFMnq1', CYRUS_BB_MAILER_FLAGS), `CYRUS'), S=EnvFromL, R=EnvToL/HdrToL, + ifdef(`CYRUS_MAILER_MAX', `M=CYRUS_MAILER_MAX, ')U=CYRUS_MAILER_USER, T=DNS/RFC822/X-Unix,_CYRUS_QGRP + A=CYRUS_BB_MAILER_ARGS diff --git a/debian/cf/ostype/debian.m4 b/debian/cf/ostype/debian.m4 deleted file mode 100644 index ddc04bc..0000000 --- a/debian/cf/ostype/debian.m4 +++ /dev/null @@ -1,105 +0,0 @@ -divert(-1) -# -# Copyright (c) 1983 Eric P. Allman -# Copyright (c) 1988, 1993 -# The Regents of the University of California. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# 3. All advertising materials mentioning features or use of this software -# must display the following acknowledgement: -# This product includes software developed by the University of -# California, Berkeley and its contributors. -# 4. Neither the name of the University nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. -# -divert(0)dnl -VERSIONID(`@(#)debian.m4 8.9.3-21 (Debian) 20000309') -define(`confCF_VERSION', `Debian 8.9.3-21')dnl -dnl # -dnl # changes made herein *must* be reflected in parsemc,updatedb,debian.m4 -dnl # -dnl # paths -define(`_USE_ETC_MAIL_', `True')dnl # a little late for some items ;-{ -define(`DATABASE_MAP_TYPE', `hash')dnl # Default -define(`STATUS_FILE', `/var/lib/sendmail/sendmail.st')dnl -define(`confHOST_STATUS_DIRECTORY', `/var/lib/sendmail/host_status')dnl -define(`HELP_FILE', `/usr/share/sendmail/sendmail.hf')dnl -define(`confCR_FILE', `-o /etc/mail/relay-domains %[^\#]')dnl -define(`confCT_FILE', `-o /etc/mail/trusted-users %[^\#]')dnl -define(`confCW_FILE', `-o /etc/mail/local-host-names %[^\#]')dnl -define(`confUSERDB_SPEC', `/etc/mail/users')dnl -define(`ALIAS_FILE', `/etc/mail/aliases')dnl -define(`confSERVICE_SWITCH_FILE', `/etc/mail/service.switch')dnl -define(`confEBINDIR', `/usr/lib/sm.bin')dnl -dnl # -dnl # flags -define(`confCON_EXPENSIVE', `True')dnl -define(`confDIAL_DELAY', `45')dnl -define(`confMAX_DAEMON_CHILDREN', `30')dnl -define(`confNO_RCPT_ACTION', `add-to-undisclosed')dnl -define(`confQUEUE_SORT_ORDER', `Host')dnl -define(`confSAFE_FILE_ENV')dnl -define(`confSAFE_QUEUE', `True')dnl -define(`confTEMP_FILE_MODE', `600')dnl -define(`confTO_ICONNECT', `30s')dnl -dnl # -dnl # features -dnl # -dnl # mailers -define(`LOCAL_MAILER_PATH', `/usr/lib/sm.bin/sensible-mda')dnl -dnl define(`LOCAL_MAILER_FLAGS', `mnru9')dnl -define(`LOCAL_MAILER_FLAGS', `hnPu90')dnl -define(`LOCAL_MAILER_ARGS', `sensible-mda $g $u $h ${client_addr}')dnl -define(`LOCAL_SHELL_FLAGS', `u90')dnl -define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl -define(`USENET_MAILER_PATH', `/usr/bin/inews')dnl -# -# These undocumented features are available in Debian sendmail. -# O PidFile=/var/run/sendmail.pid -# O DontProbeInterfaces=False -# O MaxRecipientsPerMessage= -# O DeadLetterDrop=False -# O RrtImpliesDsn=False -# -# Sendmail 8.9.1a patch for mime headers to protect the various MUAs: -# This option causes MIME headers to be truncated to a total of 256 -# characters; no individual field is permitted to exceed 128 -# characters. These values should be safe for the common mail clients -# that are vulnerable. -# -# Note: there is a speed trade here, as the entire message must be scanned -#O MaxMimeHeaderLength=256/128 -#`define'(`confMAX_MIME_HEADER_LENGTH', `256/128') -define(`confMAX_MIME_HEADER_LENGTH', `256/128')dnl -# -# Sendmail 8.9.3 fix for header based DOS -# Number of bytes allowed for mail headers, default=32k. -#O MaxHeadersLength=32768 -#`define'(`confMAX_HEADERS_LENGTH', `32768') -define(`confMAX_HEADERS_LENGTH', `32768')dnl -dnl # -dnl # Debian users have group writable directories/files by default... -define(`confDONT_BLAME_SENDMAIL', `ClassFileInUnsafeDirPath,ForwardFileInGroupWritableDirPath,GroupWritableAliasFile,GroupWritableForwardFileSafe,GroupWritableIncludeFileSafe,IncludeFileInGroupWritableDirPath,MapInUnsafeDirPath')dnl -# -DOMAIN(generic)dnl -LOCAL_CONFIG diff --git a/debian/cf/ostype/debian.m4.in b/debian/cf/ostype/debian.m4.in new file mode 100644 index 0000000..bf48888 --- /dev/null +++ b/debian/cf/ostype/debian.m4.in @@ -0,0 +1,110 @@ +divert(-1)dnl +#----------------------------------------------------------------------------- +# $Sendmail: debian.m4,v @sm_version@ @sm_date@ @sm_time@ cowboy Exp $ +# +# Copyright (c) 1998-@SM_CPYRT@ Richard Nelson. All Rights Reserved. +# +# @configure_input@ +# +# ostype(debian) config file for building Sendmail @sm_version@@sm_revision@ +# +# Note: the .in file supports @SM_MINVERS@ - @SM_MAXVERS@, but the generated +# file is customized to the version noted above. +# +#----------------------------------------------------------------------------- +# +divert(0)dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # Bring in Autoconf results +dnl #--------------------------------------------------------------------- +ifdef(`sm_version', `dnl', +`include(`@datadir@/sendmail/cf/debian/autoconf.m4')dnl') +dnl # +VERSIONID(`$Id: debian.m4, v @sm_version@@sm_revision@ @sm_date@ @sm_time@ cowboy Exp $') +define(`confCF_VERSION', `Debian@sm_revision@')dnl +dnl # +dnl # changes made herein *must* be reflected in parse_mc,update_db,debian.m4 +dnl # +ifdef(`MAIL_SETTINGS_DIR', `dnl', + `define(`MAIL_SETTINGS_DIR', `@sysconfdir@/mail/')dnl') +dnl # support 8.9.3 migration to 8.10.0 naming convention +dnl # Note: this is too late... needs to be in sendmail.mc - at top +ifdef(`_USE_ETC_MAIL_', `dnl', `define(`_USE_ETC_MAIL_')dnl') +dnl # +dnl # Define default greeting +define(`confSMTP_LOGIN_MSG', `$j Sendmail $v/$Z; $b; (No UCE/UBE) $?{client_addr}logging access from: ${client_name}(${client_resolve})-$_$.')dnl +dnl # +dnl # Keep dead letter drop, it is the last resort home for abused mail +define(`confDEAD_LETTER_DROP', `@localstatedir@/lib/sendmail/dead.letter')dnl +dnl # +dnl # Put status file in other than /etc/mail (sendmail default) +dnl # Many people run with R/O /etc +define(`STATUS_FILE', `@localstatedir@/lib/sendmail/sendmail.st')dnl +define(`confHOST_STATUS_DIRECTORY', + `@localstatedir@/lib/sendmail/host_status')dnl +dnl # +dnl # Allow scanf extensions for common text files +define(`confCR_FILE', `-o '`MAIL_SETTINGS_DIR`'relay-domains %[^\#]')dnl +define(`confCT_FILE', `MAIL_SETTINGS_DIR`'trusted-users %[^\#]')dnl +define(`confCW_FILE', `MAIL_SETTINGS_DIR`'local-host-names %[^\#]')dnl +dnl # +dnl # This *really* needs a better home +define(`confEBINDIR', `@libexecdir@')dnl +dnl # +dnl # add .' to mustquote chars (and match the binary default) +changequote([, ])dnl +define([confMUST_QUOTE_CHARS], [.'])dnl +changequote(`, ')dnl +dnl # +dnl # Default in 8.10+, used to be false (iirc), deprecated +define(`confME_TOO', `True')dnl +dnl # +dnl # Set the default user/group for mailers (mail:mail) +dnl # this should help NIS startup time +dnl # +define(`confDEF_USER_ID', `mail:mail')dnl +dnl # +dnl #--------------------------------------------------------------------- +dnl # mailer paths and options +dnl #--------------------------------------------------------------------- +define(`LOCAL_MAILER_PATH', `@libexecdir@/sensible-mda')dnl +define(`LOCAL_MAILER_ARGS', `sensible-mda $g $u $h ${client_addr}')dnl +define(`LOCAL_MAILER_FLAGS', `SPhnu9')dnl +define(`LOCAL_SHELL_FLAGS', `u9')dnl +define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl +define(`PROCMAIL_MAILER_ARGS', `procmail -m $h $f $u')dnl +define(`USENET_MAILER_PATH', `/usr/bin/inews')dnl +dnl # +dnl # Optional items (should be a subset site.config.m4 used for build) +dnl # to prevent sendmail error messages +dnl # +dnl #--------------------------------------------------------------------- +dnl # IPv6 support (new option for 8.12+) +dnl # IPv6 causes problems for some DNS servers, work around them +dnl #--------------------------------------------------------------------- +ifelse(sm_enable_ipv6, `yes',dnl +`ifelse(eval(sm_version_math >= 527360), `1',dnl +`define(`confBIND_OPTS', `+WorkAroundBrokenAAAA')dnl')') +dnl # +dnl #--------------------------------------------------------------------- +dnl # Milter (8.10.0-8.11.0) built-in with 8.12.0+ +dnl #--------------------------------------------------------------------- +ifelse(sm_enable_milter, `yes',dnl +`define(`_FFR_MILTER')dnl') +# +#------------------------------------------------------------------------- +# +# Undocumented features are available in Debian Sendmail @sm_version@@sm_revision@. +# * none +# +# _FFR_ features are available in Debian Sendmail @sm_version@@sm_revision@. +ifelse(sm_enable_milter, `yes',dnl +`# * milter') +# * sm_ffr +#------------------------------------------------------------------------- +# +# These _FFR_ features are for sendmail.mc processing +# +@sm_m4_ffr@ +#------------------------------------------------------------------------- |