Merge sendmail 8.16.1 to HEAD: See contrib/sendmail/RELEASE_NOTES for details
Includes build infrastructure & config updates required for changes in 8.16.1 MFC after: 5 days
This commit is contained in:
commit
5b0945b570
@ -1,4 +1,3 @@
|
|||||||
# $Id: CACerts,v 8.6 2013-01-18 15:14:17 ca Exp $
|
|
||||||
# This file contains some CA certificates that are used to sign the
|
# This file contains some CA certificates that are used to sign the
|
||||||
# certificates of mail servers of members of the sendmail consortium
|
# certificates of mail servers of members of the sendmail consortium
|
||||||
# who may reply to questions etc sent to sendmail.org.
|
# who may reply to questions etc sent to sendmail.org.
|
||||||
@ -10,189 +9,92 @@ Certificate:
|
|||||||
Data:
|
Data:
|
||||||
Version: 3 (0x2)
|
Version: 3 (0x2)
|
||||||
Serial Number:
|
Serial Number:
|
||||||
92:91:67:de:e0:ef:2c:e4
|
81:9d:41:0f:40:55:ac:4a
|
||||||
Signature Algorithm: sha1WithRSAEncryption
|
Signature Algorithm: sha1WithRSAEncryption
|
||||||
Issuer: C=US, ST=California, L=Berkeley, O=Endmail Org, OU=MTA, CN=Claus Assmann CA RSA 2015/emailAddress=ca+ca-rsa2015@esmtp.org
|
Issuer: C=US, ST=California, L=Berkeley, O=Endmail Org, OU=MTA, CN=CA/emailAddress=ca+ca-rsa2018@esmtp.org
|
||||||
Validity
|
Validity
|
||||||
Not Before: Mar 2 19:15:29 2015 GMT
|
Not Before: Feb 27 02:30:55 2018 GMT
|
||||||
Not After : Mar 1 19:15:29 2018 GMT
|
Not After : Feb 26 02:30:55 2021 GMT
|
||||||
Subject: C=US, ST=California, L=Berkeley, O=Endmail Org, OU=MTA, CN=Claus Assmann CA RSA 2015/emailAddress=ca+ca-rsa2015@esmtp.org
|
Subject: C=US, ST=California, L=Berkeley, O=Endmail Org, OU=MTA, CN=CA/emailAddress=ca+ca-rsa2018@esmtp.org
|
||||||
Subject Public Key Info:
|
Subject Public Key Info:
|
||||||
Public Key Algorithm: rsaEncryption
|
Public Key Algorithm: rsaEncryption
|
||||||
Public-Key: (2048 bit)
|
Public-Key: (2048 bit)
|
||||||
Modulus:
|
Modulus:
|
||||||
00:b9:1a:a1:56:ce:cb:16:af:4f:96:ba:2a:70:31:
|
00:b8:a3:8d:79:28:c1:1f:9c:11:74:43:26:e1:3b:
|
||||||
70:d3:86:6c:7a:46:26:47:42:3f:de:49:57:3e:08:
|
cc:14:87:5b:6b:64:4c:ed:79:1b:7f:2a:03:d0:7b:
|
||||||
1e:10:25:bf:06:8f:ca:fd:f4:5e:6a:01:7d:31:4d:
|
ef:9e:88:b0:64:36:ee:58:ef:fd:d9:c7:20:b3:71:
|
||||||
50:88:18:43:71:66:65:42:9c:90:97:0d:95:f2:14:
|
e9:6d:1e:a7:bc:c1:7c:3b:fe:2a:e4:16:2f:bc:d6:
|
||||||
ef:d7:5e:77:ef:7d:b5:49:3f:02:bb:83:20:f7:e6:
|
2c:f5:98:f9:c4:21:1c:ca:c3:7e:57:89:c8:a9:2f:
|
||||||
fc:9a:cd:13:df:60:41:28:8e:39:07:a6:a4:40:98:
|
da:6b:9b:52:d6:c9:9d:98:97:6d:08:7c:a6:37:4e:
|
||||||
15:1e:46:b6:04:2e:f9:ab:32:d1:8b:fe:52:81:f1:
|
d4:26:bb:db:73:b0:38:ef:7d:1e:dd:8e:dd:8e:17:
|
||||||
d2:e1:c3:cf:bf:ab:40:a7:f0:e4:e5:a2:82:37:30:
|
2f:a0:3d:a9:0e:4d:f0:2b:b8:14:23:33:ad:c8:a0:
|
||||||
8c:10:7d:aa:a8:7c:7e:76:cc:5f:1a:24:d0:8c:94:
|
e5:9d:0f:27:ad:83:a2:78:90:05:ec:29:06:91:07:
|
||||||
f6:f2:7f:4a:be:2f:38:67:c0:06:e6:9e:51:ad:55:
|
45:6c:5f:ba:8e:1d:f1:d7:1b:2d:f9:99:ba:2e:27:
|
||||||
d0:cb:26:71:cf:f4:af:7d:5a:41:81:16:fb:26:ec:
|
e1:03:7d:e9:d2:54:35:cc:39:79:07:83:d8:93:9b:
|
||||||
f0:35:01:6e:db:f9:e9:00:d7:d0:89:7b:cf:88:16:
|
d6:ef:72:ab:d4:63:8e:6b:f7:00:66:5f:77:e8:b6:
|
||||||
8b:1c:8f:77:1f:5d:ef:70:04:28:76:c5:1b:c6:23:
|
bc:de:5f:8c:d0:ce:1a:c4:db:03:9d:e4:ee:0a:ec:
|
||||||
8d:49:6b:f0:b8:21:56:d6:7d:68:6c:be:21:e3:e6:
|
77:c5:f2:30:69:7e:70:12:e5:c2:4a:28:3f:e7:19:
|
||||||
e3:1d:6f:a5:ea:dc:83:e4:27:b3:6f:5f:1b:3d:33:
|
eb:af:41:fb:e6:a6:1d:b5:fd:2b:99:03:f5:20:90:
|
||||||
a1:d5:d3:f0:73:1a:12:eb:d9:95:00:71:59:16:b4:
|
38:73:bd:43:70:da:cf:1f:34:5d:ab:17:4b:73:cf:
|
||||||
e4:60:38:b2:2e:7f:b7:d4:c5:e9:3f:74:e4:48:38:
|
f9:3d:e1:a2:79:14:de:d8:40:85:82:c4:5a:84:82:
|
||||||
29:89
|
32:f1
|
||||||
Exponent: 65537 (0x10001)
|
Exponent: 65537 (0x10001)
|
||||||
X509v3 extensions:
|
X509v3 extensions:
|
||||||
X509v3 Subject Key Identifier:
|
X509v3 Subject Key Identifier:
|
||||||
B1:69:DB:5E:9B:CE:1A:B4:1D:B2:6A:FC:5A:22:97:B6:24:14:6F:32
|
42:37:75:E7:8F:12:CF:D9:EB:21:22:7D:8A:E8:49:21:FD:E2:3A:3A
|
||||||
X509v3 Authority Key Identifier:
|
X509v3 Authority Key Identifier:
|
||||||
keyid:B1:69:DB:5E:9B:CE:1A:B4:1D:B2:6A:FC:5A:22:97:B6:24:14:6F:32
|
keyid:42:37:75:E7:8F:12:CF:D9:EB:21:22:7D:8A:E8:49:21:FD:E2:3A:3A
|
||||||
DirName:/C=US/ST=California/L=Berkeley/O=Endmail Org/OU=MTA/CN=Claus Assmann CA RSA 2015/emailAddress=ca+ca-rsa2015@esmtp.org
|
DirName:/C=US/ST=California/L=Berkeley/O=Endmail Org/OU=MTA/CN=CA/emailAddress=ca+ca-rsa2018@esmtp.org
|
||||||
serial:92:91:67:DE:E0:EF:2C:E4
|
serial:81:9D:41:0F:40:55:AC:4A
|
||||||
|
|
||||||
X509v3 Basic Constraints:
|
X509v3 Basic Constraints:
|
||||||
CA:TRUE
|
CA:TRUE
|
||||||
X509v3 Subject Alternative Name:
|
X509v3 Subject Alternative Name:
|
||||||
email:ca+ca-rsa2015@esmtp.org
|
email:ca+ca-rsa2018@esmtp.org
|
||||||
X509v3 Issuer Alternative Name:
|
X509v3 Issuer Alternative Name:
|
||||||
email:ca+ca-rsa2015@esmtp.org
|
email:ca+ca-rsa2018@esmtp.org
|
||||||
Signature Algorithm: sha1WithRSAEncryption
|
Signature Algorithm: sha1WithRSAEncryption
|
||||||
0a:ce:07:39:77:08:c5:3a:00:04:e8:a0:3b:f7:d2:4c:79:02:
|
0b:4c:e5:c2:ed:0a:e5:7b:95:29:22:d4:8f:5f:cb:1b:b1:e3:
|
||||||
23:0b:da:c0:55:39:82:71:0a:0c:83:e2:de:f2:3b:fe:23:bc:
|
4c:fc:90:e7:2e:97:87:87:a2:63:0d:6d:4d:f0:1f:0d:84:11:
|
||||||
9b:13:34:d1:29:0a:16:3f:01:7d:9f:fb:4b:aa:12:dc:3b:7e:
|
dc:df:b7:fa:c3:c6:2e:07:e9:a0:e9:a6:9f:54:17:ad:1a:d0:
|
||||||
b9:27:7b:ec:0c:3f:c0:d9:f5:d8:a8:a1:9c:1c:3a:2f:40:df:
|
36:be:31:cc:a5:85:a0:45:4a:87:45:80:7e:de:ea:97:68:e0:
|
||||||
27:1a:1a:a0:74:00:19:b7:82:0e:f9:45:86:bf:32:da:0e:72:
|
2b:09:5d:9a:31:6f:f5:78:22:c5:66:2a:99:70:9e:6d:c4:ab:
|
||||||
0a:4c:2c:39:21:63:c3:1f:61:6e:e2:4d:ba:7a:26:1a:15:ce:
|
f6:90:01:70:53:07:66:6c:a6:b5:ce:4b:36:05:83:87:0c:a7:
|
||||||
b1:f6:1a:59:04:70:ed:e8:72:05:4c:fc:84:c6:a5:f4:e2:4a:
|
e0:1e:34:d0:5e:76:a4:20:71:cd:9d:c1:ae:82:27:e0:6f:16:
|
||||||
40:e4:42:70:87:9a:a7:02:26:3a:47:34:09:e0:7b:88:ca:fb:
|
57:74:e7:63:9f:d0:3d:72:91:6d:97:a4:82:23:84:dd:6e:0d:
|
||||||
99:d9:9b:bb:0c:52:8a:93:d5:59:30:0b:55:42:b4:bb:d2:b1:
|
da:43:00:a7:ce:2f:f8:79:04:67:6a:e5:b0:ab:30:d8:f1:90:
|
||||||
49:55:81:a4:70:a0:49:19:f2:4f:61:94:af:e9:d7:62:68:65:
|
10:43:3b:09:77:27:34:a4:d4:c0:25:4e:21:32:a3:ab:60:1c:
|
||||||
97:67:00:26:b8:9b:b2:2c:d0:2c:83:7d:3e:b3:31:73:b9:55:
|
9d:6e:e2:65:39:51:7f:cd:9f:88:3a:7e:f4:38:af:7b:5b:a7:
|
||||||
49:53:fa:a3:ad:1b:02:67:08:9e:ce:9e:eb:9f:47:0d:6c:95:
|
bb:7b:70:97:21:59:fc:5c:55:a1:db:74:0a:37:1e:33:97:5f:
|
||||||
e9:6c:30:92:c1:94:67:ad:d9:e3:b9:61:ea:a9:72:98:81:3a:
|
70:32:98:b3:d9:99:4e:08:3c:de:01:82:17:9b:49:d7:fa:c9:
|
||||||
62:80:70:20:9a:3e:c4:1f:6f:bd:b4:00:ec:b1:fe:71:da:91:
|
45:8d:93:cc:42:d6:36:f2:39:3a:47:28:3f:6f:6a:e5:23:f3:
|
||||||
15:89:f7:8f
|
5c:d4:a3:1b
|
||||||
|
|
||||||
-----BEGIN CERTIFICATE-----
|
-----BEGIN CERTIFICATE-----
|
||||||
MIIFJzCCBA+gAwIBAgIJAJKRZ97g7yzkMA0GCSqGSIb3DQEBBQUAMIGlMQswCQYD
|
MIIE4jCCA8qgAwIBAgIJAIGdQQ9AVaxKMA0GCSqGSIb3DQEBBQUAMIGOMQswCQYD
|
||||||
VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIQmVya2VsZXkx
|
VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIQmVya2VsZXkx
|
||||||
FDASBgNVBAoMC0VuZG1haWwgT3JnMQwwCgYDVQQLDANNVEExIjAgBgNVBAMMGUNs
|
FDASBgNVBAoMC0VuZG1haWwgT3JnMQwwCgYDVQQLDANNVEExCzAJBgNVBAMMAkNB
|
||||||
YXVzIEFzc21hbm4gQ0EgUlNBIDIwMTUxJjAkBgkqhkiG9w0BCQEWF2NhK2NhLXJz
|
MSYwJAYJKoZIhvcNAQkBFhdjYStjYS1yc2EyMDE4QGVzbXRwLm9yZzAeFw0xODAy
|
||||||
YTIwMTVAZXNtdHAub3JnMB4XDTE1MDMwMjE5MTUyOVoXDTE4MDMwMTE5MTUyOVow
|
MjcwMjMwNTVaFw0yMTAyMjYwMjMwNTVaMIGOMQswCQYDVQQGEwJVUzETMBEGA1UE
|
||||||
gaUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQHDAhC
|
CAwKQ2FsaWZvcm5pYTERMA8GA1UEBwwIQmVya2VsZXkxFDASBgNVBAoMC0VuZG1h
|
||||||
ZXJrZWxleTEUMBIGA1UECgwLRW5kbWFpbCBPcmcxDDAKBgNVBAsMA01UQTEiMCAG
|
aWwgT3JnMQwwCgYDVQQLDANNVEExCzAJBgNVBAMMAkNBMSYwJAYJKoZIhvcNAQkB
|
||||||
A1UEAwwZQ2xhdXMgQXNzbWFubiBDQSBSU0EgMjAxNTEmMCQGCSqGSIb3DQEJARYX
|
FhdjYStjYS1yc2EyMDE4QGVzbXRwLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEP
|
||||||
Y2ErY2EtcnNhMjAxNUBlc210cC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
|
ADCCAQoCggEBALijjXkowR+cEXRDJuE7zBSHW2tkTO15G38qA9B7756IsGQ27ljv
|
||||||
ggEKAoIBAQC5GqFWzssWr0+WuipwMXDThmx6RiZHQj/eSVc+CB4QJb8Gj8r99F5q
|
/dnHILNx6W0ep7zBfDv+KuQWL7zWLPWY+cQhHMrDfleJyKkv2mubUtbJnZiXbQh8
|
||||||
AX0xTVCIGENxZmVCnJCXDZXyFO/XXnfvfbVJPwK7gyD35vyazRPfYEEojjkHpqRA
|
pjdO1Ca723OwOO99Ht2O3Y4XL6A9qQ5N8Cu4FCMzrcig5Z0PJ62DoniQBewpBpEH
|
||||||
mBUeRrYELvmrMtGL/lKB8dLhw8+/q0Cn8OTlooI3MIwQfaqofH52zF8aJNCMlPby
|
RWxfuo4d8dcbLfmZui4n4QN96dJUNcw5eQeD2JOb1u9yq9Rjjmv3AGZfd+i2vN5f
|
||||||
f0q+LzhnwAbmnlGtVdDLJnHP9K99WkGBFvsm7PA1AW7b+ekA19CJe8+IFoscj3cf
|
jNDOGsTbA53k7grsd8XyMGl+cBLlwkooP+cZ669B++amHbX9K5kD9SCQOHO9Q3Da
|
||||||
Xe9wBCh2xRvGI41Ja/C4IVbWfWhsviHj5uMdb6Xq3IPkJ7NvXxs9M6HV0/BzGhLr
|
zx80XasXS3PP+T3honkU3thAhYLEWoSCMvECAwEAAaOCAT8wggE7MB0GA1UdDgQW
|
||||||
2ZUAcVkWtORgOLIuf7fUxek/dORIOCmJAgMBAAGjggFWMIIBUjAdBgNVHQ4EFgQU
|
BBRCN3XnjxLP2eshIn2K6Ekh/eI6OjCBwwYDVR0jBIG7MIG4gBRCN3XnjxLP2esh
|
||||||
sWnbXpvOGrQdsmr8WiKXtiQUbzIwgdoGA1UdIwSB0jCBz4AUsWnbXpvOGrQdsmr8
|
In2K6Ekh/eI6OqGBlKSBkTCBjjELMAkGA1UEBhMCVVMxEzARBgNVBAgMCkNhbGlm
|
||||||
WiKXtiQUbzKhgaukgagwgaUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9y
|
b3JuaWExETAPBgNVBAcMCEJlcmtlbGV5MRQwEgYDVQQKDAtFbmRtYWlsIE9yZzEM
|
||||||
bmlhMREwDwYDVQQHDAhCZXJrZWxleTEUMBIGA1UECgwLRW5kbWFpbCBPcmcxDDAK
|
MAoGA1UECwwDTVRBMQswCQYDVQQDDAJDQTEmMCQGCSqGSIb3DQEJARYXY2ErY2Et
|
||||||
BgNVBAsMA01UQTEiMCAGA1UEAwwZQ2xhdXMgQXNzbWFubiBDQSBSU0EgMjAxNTEm
|
cnNhMjAxOEBlc210cC5vcmeCCQCBnUEPQFWsSjAMBgNVHRMEBTADAQH/MCIGA1Ud
|
||||||
MCQGCSqGSIb3DQEJARYXY2ErY2EtcnNhMjAxNUBlc210cC5vcmeCCQCSkWfe4O8s
|
EQQbMBmBF2NhK2NhLXJzYTIwMThAZXNtdHAub3JnMCIGA1UdEgQbMBmBF2NhK2Nh
|
||||||
5DAMBgNVHRMEBTADAQH/MCIGA1UdEQQbMBmBF2NhK2NhLXJzYTIwMTVAZXNtdHAu
|
LXJzYTIwMThAZXNtdHAub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQALTOXC7Qrle5Up
|
||||||
b3JnMCIGA1UdEgQbMBmBF2NhK2NhLXJzYTIwMTVAZXNtdHAub3JnMA0GCSqGSIb3
|
ItSPX8sbseNM/JDnLpeHh6JjDW1N8B8NhBHc37f6w8YuB+mg6aafVBetGtA2vjHM
|
||||||
DQEBBQUAA4IBAQAKzgc5dwjFOgAE6KA799JMeQIjC9rAVTmCcQoMg+Le8jv+I7yb
|
pYWgRUqHRYB+3uqXaOArCV2aMW/1eCLFZiqZcJ5txKv2kAFwUwdmbKa1zks2BYOH
|
||||||
EzTRKQoWPwF9n/tLqhLcO365J3vsDD/A2fXYqKGcHDovQN8nGhqgdAAZt4IO+UWG
|
DKfgHjTQXnakIHHNncGugifgbxZXdOdjn9A9cpFtl6SCI4Tdbg3aQwCnzi/4eQRn
|
||||||
vzLaDnIKTCw5IWPDH2Fu4k26eiYaFc6x9hpZBHDt6HIFTPyExqX04kpA5EJwh5qn
|
auWwqzDY8ZAQQzsJdyc0pNTAJU4hMqOrYBydbuJlOVF/zZ+IOn70OK97W6e7e3CX
|
||||||
AiY6RzQJ4HuIyvuZ2Zu7DFKKk9VZMAtVQrS70rFJVYGkcKBJGfJPYZSv6ddiaGWX
|
IVn8XFWh23QKNx4zl19wMpiz2ZlOCDzeAYIXm0nX+slFjZPMQtY28jk6Ryg/b2rl
|
||||||
ZwAmuJuyLNAsg30+szFzuVVJU/qjrRsCZwiezp7rn0cNbJXpbDCSwZRnrdnjuWHq
|
I/Nc1KMb
|
||||||
qXKYgTpigHAgmj7EH2+9tADssf5x2pEVifeP
|
|
||||||
-----END CERTIFICATE-----
|
|
||||||
|
|
||||||
|
|
||||||
Certificate:
|
|
||||||
Data:
|
|
||||||
Version: 3 (0x2)
|
|
||||||
Serial Number:
|
|
||||||
f1:41:b3:3d:ba:bd:33:49
|
|
||||||
Signature Algorithm: sha1WithRSAEncryption
|
|
||||||
Issuer: C=US, ST=California, L=Berkeley, O=Endmail Org, OU=MTA, CN=Claus Assmann CA RSA 2012/emailAddress=ca+ca-rsa2012@esmtp.org
|
|
||||||
Validity
|
|
||||||
Not Before: Mar 10 02:47:46 2012 GMT
|
|
||||||
Not After : Mar 10 02:47:46 2015 GMT
|
|
||||||
Subject: C=US, ST=California, L=Berkeley, O=Endmail Org, OU=MTA, CN=Claus Assmann CA RSA 2012/emailAddress=ca+ca-rsa2012@esmtp.org
|
|
||||||
Subject Public Key Info:
|
|
||||||
Public Key Algorithm: rsaEncryption
|
|
||||||
Public-Key: (2048 bit)
|
|
||||||
Modulus:
|
|
||||||
00:a2:80:fc:c6:ce:7f:60:38:65:f4:38:f9:7a:d9:
|
|
||||||
87:fd:47:eb:3f:2c:4a:c9:38:77:6a:77:94:92:7f:
|
|
||||||
83:3d:99:57:2c:5f:37:bb:ba:12:10:17:56:fa:eb:
|
|
||||||
43:a6:4b:4c:1e:30:32:07:94:2f:5a:d8:65:49:29:
|
|
||||||
fa:24:d1:f0:0b:45:2d:e5:d5:cb:7d:60:dc:a6:ce:
|
|
||||||
a4:47:35:30:ee:5e:8d:c2:30:e7:a7:63:32:b0:59:
|
|
||||||
80:cc:8c:99:64:77:8f:50:8e:88:51:47:36:ea:9a:
|
|
||||||
f3:b4:c0:8c:a6:ab:c6:42:57:88:b9:5f:9f:61:15:
|
|
||||||
bb:79:65:93:ca:a9:fd:17:eb:87:26:8b:eb:b7:2b:
|
|
||||||
7e:33:05:2b:ba:c0:46:f7:08:fd:da:c1:50:9b:3d:
|
|
||||||
26:83:5c:53:97:89:2c:cc:5f:f2:7b:a8:b7:3d:fb:
|
|
||||||
f2:b4:89:0d:43:ef:18:5c:21:75:71:cc:f0:c2:a3:
|
|
||||||
84:69:c0:a7:f3:9b:de:c1:c7:5a:5c:7e:68:da:49:
|
|
||||||
71:af:58:a8:51:9f:bd:f9:3d:bb:a5:92:fa:7b:1d:
|
|
||||||
52:f5:fe:90:59:95:27:65:a4:af:97:9a:4f:01:39:
|
|
||||||
59:7d:08:6f:a1:8f:42:47:49:bf:12:52:53:39:74:
|
|
||||||
8d:62:3b:bd:4c:4f:05:0f:c4:b9:3e:da:a8:0e:96:
|
|
||||||
05:2d
|
|
||||||
Exponent: 65537 (0x10001)
|
|
||||||
X509v3 extensions:
|
|
||||||
X509v3 Subject Key Identifier:
|
|
||||||
08:38:E3:88:92:53:6E:F1:56:69:27:44:B5:4C:A0:18:CA:06:97:EB
|
|
||||||
X509v3 Authority Key Identifier:
|
|
||||||
keyid:08:38:E3:88:92:53:6E:F1:56:69:27:44:B5:4C:A0:18:CA:06:97:EB
|
|
||||||
DirName:/C=US/ST=California/L=Berkeley/O=Endmail Org/OU=MTA/CN=Claus Assmann CA RSA 2012/emailAddress=ca+ca-rsa2012@esmtp.org
|
|
||||||
serial:F1:41:B3:3D:BA:BD:33:49
|
|
||||||
|
|
||||||
X509v3 Basic Constraints:
|
|
||||||
CA:TRUE
|
|
||||||
X509v3 Subject Alternative Name:
|
|
||||||
email:ca+ca-rsa2012@esmtp.org
|
|
||||||
X509v3 Issuer Alternative Name:
|
|
||||||
email:ca+ca-rsa2012@esmtp.org
|
|
||||||
Signature Algorithm: sha1WithRSAEncryption
|
|
||||||
9a:8f:4d:23:5b:30:80:e1:94:e4:66:9c:3a:17:8b:79:49:5b:
|
|
||||||
ec:5d:e5:a1:22:2d:71:37:a1:51:e7:1d:b1:0d:a9:9b:aa:a9:
|
|
||||||
0d:c7:cd:d6:24:f9:e0:f0:57:be:4f:74:0c:4b:7a:42:4c:70:
|
|
||||||
19:2e:8e:eb:cb:1b:00:26:27:eb:1c:42:33:d5:ec:32:b4:6c:
|
|
||||||
7d:a3:04:a1:5c:00:49:c9:0d:4c:4d:28:37:06:22:77:ec:40:
|
|
||||||
15:25:3a:23:84:ae:1f:da:90:dd:c9:dc:27:ee:7c:ec:e5:df:
|
|
||||||
b8:ba:1e:3f:ee:c2:91:a2:3f:22:92:1e:f3:06:7e:aa:e9:c3:
|
|
||||||
11:2d:3d:2f:85:f7:fc:d7:e2:f8:6d:70:a6:40:62:69:e7:52:
|
|
||||||
ed:1b:19:38:72:86:08:a1:3d:47:c8:68:82:41:db:db:2a:52:
|
|
||||||
25:d7:49:aa:9e:c5:83:22:7d:2f:0b:df:8c:90:2d:b5:aa:33:
|
|
||||||
c7:9b:e8:39:8f:bb:79:5b:13:2d:4e:a9:69:59:c7:09:26:e2:
|
|
||||||
b5:53:80:86:72:bb:7c:be:e9:46:5b:d8:b2:78:42:d6:5d:c3:
|
|
||||||
bb:3a:3b:5f:0f:e8:c3:60:fb:88:9f:3a:2b:9f:d3:7d:9f:c7:
|
|
||||||
32:aa:4d:34:a7:66:a1:25:16:95:a6:69:e7:86:a3:5c:b9:b9:
|
|
||||||
df:58:05:e3
|
|
||||||
-----BEGIN CERTIFICATE-----
|
|
||||||
MIIFJzCCBA+gAwIBAgIJAPFBsz26vTNJMA0GCSqGSIb3DQEBBQUAMIGlMQswCQYD
|
|
||||||
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIQmVya2VsZXkx
|
|
||||||
FDASBgNVBAoTC0VuZG1haWwgT3JnMQwwCgYDVQQLEwNNVEExIjAgBgNVBAMTGUNs
|
|
||||||
YXVzIEFzc21hbm4gQ0EgUlNBIDIwMTIxJjAkBgkqhkiG9w0BCQEWF2NhK2NhLXJz
|
|
||||||
YTIwMTJAZXNtdHAub3JnMB4XDTEyMDMxMDAyNDc0NloXDTE1MDMxMDAyNDc0Nlow
|
|
||||||
gaUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhC
|
|
||||||
ZXJrZWxleTEUMBIGA1UEChMLRW5kbWFpbCBPcmcxDDAKBgNVBAsTA01UQTEiMCAG
|
|
||||||
A1UEAxMZQ2xhdXMgQXNzbWFubiBDQSBSU0EgMjAxMjEmMCQGCSqGSIb3DQEJARYX
|
|
||||||
Y2ErY2EtcnNhMjAxMkBlc210cC5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
|
|
||||||
ggEKAoIBAQCigPzGzn9gOGX0OPl62Yf9R+s/LErJOHdqd5SSf4M9mVcsXze7uhIQ
|
|
||||||
F1b660OmS0weMDIHlC9a2GVJKfok0fALRS3l1ct9YNymzqRHNTDuXo3CMOenYzKw
|
|
||||||
WYDMjJlkd49QjohRRzbqmvO0wIymq8ZCV4i5X59hFbt5ZZPKqf0X64cmi+u3K34z
|
|
||||||
BSu6wEb3CP3awVCbPSaDXFOXiSzMX/J7qLc9+/K0iQ1D7xhcIXVxzPDCo4RpwKfz
|
|
||||||
m97Bx1pcfmjaSXGvWKhRn735Pbulkvp7HVL1/pBZlSdlpK+Xmk8BOVl9CG+hj0JH
|
|
||||||
Sb8SUlM5dI1iO71MTwUPxLk+2qgOlgUtAgMBAAGjggFWMIIBUjAdBgNVHQ4EFgQU
|
|
||||||
CDjjiJJTbvFWaSdEtUygGMoGl+swgdoGA1UdIwSB0jCBz4AUCDjjiJJTbvFWaSdE
|
|
||||||
tUygGMoGl+uhgaukgagwgaUxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
|
|
||||||
bmlhMREwDwYDVQQHEwhCZXJrZWxleTEUMBIGA1UEChMLRW5kbWFpbCBPcmcxDDAK
|
|
||||||
BgNVBAsTA01UQTEiMCAGA1UEAxMZQ2xhdXMgQXNzbWFubiBDQSBSU0EgMjAxMjEm
|
|
||||||
MCQGCSqGSIb3DQEJARYXY2ErY2EtcnNhMjAxMkBlc210cC5vcmeCCQDxQbM9ur0z
|
|
||||||
STAMBgNVHRMEBTADAQH/MCIGA1UdEQQbMBmBF2NhK2NhLXJzYTIwMTJAZXNtdHAu
|
|
||||||
b3JnMCIGA1UdEgQbMBmBF2NhK2NhLXJzYTIwMTJAZXNtdHAub3JnMA0GCSqGSIb3
|
|
||||||
DQEBBQUAA4IBAQCaj00jWzCA4ZTkZpw6F4t5SVvsXeWhIi1xN6FR5x2xDambqqkN
|
|
||||||
x83WJPng8Fe+T3QMS3pCTHAZLo7ryxsAJifrHEIz1ewytGx9owShXABJyQ1MTSg3
|
|
||||||
BiJ37EAVJTojhK4f2pDdydwn7nzs5d+4uh4/7sKRoj8ikh7zBn6q6cMRLT0vhff8
|
|
||||||
1+L4bXCmQGJp51LtGxk4coYIoT1HyGiCQdvbKlIl10mqnsWDIn0vC9+MkC21qjPH
|
|
||||||
m+g5j7t5WxMtTqlpWccJJuK1U4CGcrt8vulGW9iyeELWXcO7OjtfD+jDYPuInzor
|
|
||||||
n9N9n8cyqk00p2ahJRaVpmnnhqNcubnfWAXj
|
|
||||||
-----END CERTIFICATE-----
|
-----END CERTIFICATE-----
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
$FreeBSD$
|
$FreeBSD$
|
||||||
|
|
||||||
sendmail 8.15.2
|
sendmail 8.16.1
|
||||||
originals can be found at: ftp://ftp.sendmail.org/pub/sendmail/
|
originals can be found at: ftp://ftp.sendmail.org/pub/sendmail/
|
||||||
|
|
||||||
For the import of sendmail, the following directories were renamed:
|
For the import of sendmail, the following directories were renamed:
|
||||||
@ -13,12 +13,16 @@ http://www.freebsd.org/doc/en_US.ISO8859-1/articles/committers-guide/subversion-
|
|||||||
|
|
||||||
Then merged using:
|
Then merged using:
|
||||||
|
|
||||||
% set FSVN=svn+ssh://svn.freebsd.org/base
|
% set FSVN=svn+ssh://repo.freebsd.org/base
|
||||||
% svn checkout $FSVN/head/contrib/sendmail head
|
% svn checkout $FSVN/head/contrib/sendmail head
|
||||||
% cd head
|
% cd head
|
||||||
% svn merge --accept=postpone $FSVN/vendor/sendmail/dist .
|
### Replace XXXXXX with import revision number in next command:
|
||||||
% svn rm --force */Build [e-v]*/*.0 cf/cf/generic-*.cf cf/cf/Build
|
% svn merge -c rXXXXXX --accept=postpone '^/vendor/sendmail/dist' .
|
||||||
% svn rm --force Build devtools doc/op/op.ps src/makesendmail src/sysexits.h
|
% svn resolve --accept working cf/cf/Build \
|
||||||
|
cf/cf/generic-{bsd4.4,hpux{9,10},linux,mpeix,nextstep3.3,osf1,solaris,sunos4.1,ultrix4}.cf \
|
||||||
|
devtools doc/op/op.ps editmap/editmap.0 mail.local/mail.local.0 mailstats/mailstats.0 \
|
||||||
|
makemap/makemap.0 praliases/praliases.0 rmail/rmail.0 smrsh/smrsh.0 \
|
||||||
|
src/{aliases,mailq,newaliases,sendmail}.0 vacation/vacation.0
|
||||||
% svn propset -R svn:keywords FreeBSD=%H .
|
% svn propset -R svn:keywords FreeBSD=%H .
|
||||||
% svn propdel svn:keywords libmilter/docs/*.jpg
|
% svn propdel svn:keywords libmilter/docs/*.jpg
|
||||||
% svn diff --no-diff-deleted --old=$FSVN/vendor/sendmail/dist --new=.
|
% svn diff --no-diff-deleted --old=$FSVN/vendor/sendmail/dist --new=.
|
||||||
@ -98,4 +102,4 @@ infrastructure in FreeBSD:
|
|||||||
usr.sbin/mailwrapper/Makefile
|
usr.sbin/mailwrapper/Makefile
|
||||||
|
|
||||||
gshapiro@FreeBSD.org
|
gshapiro@FreeBSD.org
|
||||||
06-July-2015
|
15-July-2020
|
||||||
|
@ -271,4 +271,3 @@ Kresolve sequence dnsmx canon
|
|||||||
be used if set instead of LOCAL_RELAY ($R). This will be fixed in a
|
be used if set instead of LOCAL_RELAY ($R). This will be fixed in a
|
||||||
future version.
|
future version.
|
||||||
|
|
||||||
$Revision: 8.61 $, Last updated $Date: 2011-04-07 17:48:23 $
|
|
||||||
|
@ -37,7 +37,7 @@ each of the following conditions is met:
|
|||||||
the "Copyright Notice" refers to the following language:
|
the "Copyright Notice" refers to the following language:
|
||||||
"Copyright (c) 1998-2014 Proofpoint, Inc. All rights reserved."
|
"Copyright (c) 1998-2014 Proofpoint, Inc. All rights reserved."
|
||||||
|
|
||||||
3. Neither the name of Proofpoint, Inc. nor the University of California nor
|
4. Neither the name of Proofpoint, Inc. nor the University of California nor
|
||||||
names of their contributors may be used to endorse or promote
|
names of their contributors may be used to endorse or promote
|
||||||
products derived from this software without specific prior written
|
products derived from this software without specific prior written
|
||||||
permission. The name "sendmail" is a trademark of Proofpoint, Inc.
|
permission. The name "sendmail" is a trademark of Proofpoint, Inc.
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -431,8 +431,7 @@ makemap A program that creates the keyed maps used by the $( ... $)
|
|||||||
expect to preprocess must human-convenient formats
|
expect to preprocess must human-convenient formats
|
||||||
using sed scripts before this program will like them.
|
using sed scripts before this program will like them.
|
||||||
But it should be functionally complete.
|
But it should be functionally complete.
|
||||||
praliases A program to print the DBM or NEWDB version of the
|
praliases A program to print the map version of the aliases file.
|
||||||
aliases file.
|
|
||||||
rmail Source for rmail(8). This is used as a delivery
|
rmail Source for rmail(8). This is used as a delivery
|
||||||
agent for for UUCP, and could presumably be used by
|
agent for for UUCP, and could presumably be used by
|
||||||
other non-socket oriented mailers. Older versions of
|
other non-socket oriented mailers. Older versions of
|
||||||
@ -447,4 +446,3 @@ sendmail Source for the sendmail program itself.
|
|||||||
test Some test scripts (currently only for compilation aids).
|
test Some test scripts (currently only for compilation aids).
|
||||||
vacation Source for the vacation program. NOT PART OF SENDMAIL!
|
vacation Source for the vacation program. NOT PART OF SENDMAIL!
|
||||||
|
|
||||||
$Revision: 8.96 $, Last updated $Date: 2013-11-22 20:51:01 $
|
|
||||||
|
@ -5,6 +5,124 @@ This listing shows the version of the sendmail binary, the version
|
|||||||
of the sendmail configuration files, the date of release, and a
|
of the sendmail configuration files, the date of release, and a
|
||||||
summary of the changes in that release.
|
summary of the changes in that release.
|
||||||
|
|
||||||
|
8.16.1/8.16.1 2020/07/05
|
||||||
|
SECURITY: If sendmail tried to reuse an SMTP session which had
|
||||||
|
already been closed by the server, then the connection
|
||||||
|
cache could have invalid information about the session.
|
||||||
|
One possible consequence was that STARTTLS was not
|
||||||
|
used even if offered. This problem has been fixed
|
||||||
|
by clearing out all relevant status information
|
||||||
|
when a closed session is encountered.
|
||||||
|
OpenSSL versions before 0.9.8 are no longer supported.
|
||||||
|
OpenSSL version 1.1.0 and 1.1.1 are supported.
|
||||||
|
Initial support for DANE (see RFC 7672 et.al.) is available if
|
||||||
|
the compile time option DANE is set. Only TLSA RR 3-1-x
|
||||||
|
is currently implemented.
|
||||||
|
New options SSLEngine and SSLEnginePath to support OpenSSL engines.
|
||||||
|
Note: this feature has so far only been tested with the
|
||||||
|
"chil" engine; please report problems with other engines
|
||||||
|
if you encounter any.
|
||||||
|
New option CRLPath to specify a directory which contains
|
||||||
|
hashes pointing to certificate revocations files.
|
||||||
|
Based on patch from Al Smith.
|
||||||
|
New rulesets tls_srv_features and tls_clt_features which
|
||||||
|
can return a (semicolon separated) list of TLS related
|
||||||
|
options, e.g., CipherList, CertFile, KeyFile,
|
||||||
|
see doc/op/op.me for details.
|
||||||
|
To automatically handle TLS interoperability problems for outgoing
|
||||||
|
mail, sendmail can now immediately try a connection again
|
||||||
|
without STARTTLS after a TLS handshake failure.
|
||||||
|
This can be configured globally via the option
|
||||||
|
TLSFallbacktoClear or per session via the 'C' flag
|
||||||
|
of tls_clt_features.
|
||||||
|
This also adds the new value "CLEAR" for the macro
|
||||||
|
{verify}: STARTTLS has been disabled internally for
|
||||||
|
a clear text delivery attempt.
|
||||||
|
Apply Timeout.starttls also to the server waiting for the TLS
|
||||||
|
handshake to begin. Based on patch from Simon Hradecky.
|
||||||
|
New compile time option TLS_EC to enable the use of elliptic
|
||||||
|
curve cryptography in STARTTLS (previously available as
|
||||||
|
_FFR_TLS_EC).
|
||||||
|
Handle MIME boundaries specified in headers which contain CRLF.
|
||||||
|
Fix detection of loopback net (it was broken when compiled
|
||||||
|
with NETINET6) and only set the macros {if_addr_out}
|
||||||
|
and {if_family_out} if the interface of the outgoing
|
||||||
|
connection does not belong to the loopback net.
|
||||||
|
Fix logic to enable a milter to delete a recipient in
|
||||||
|
DeliveryMode=interactive even if it might be subject
|
||||||
|
to alias expansion.
|
||||||
|
Log name of a milter making changes (this was missing for
|
||||||
|
some functions).
|
||||||
|
Log the actual reply of a server when an SMTP delivery problem
|
||||||
|
occurs in a "reply=" field if possible.
|
||||||
|
Log user= for failed AUTH attempts if possible. Based on
|
||||||
|
patch from Packet Hack, Jim Hranicky, Kevin A. McGrail,
|
||||||
|
and Joe Quinn.
|
||||||
|
Add CDB as map type. Note: CDB is a "Constant DataBase", i.e.,
|
||||||
|
no changes can be made after it is created, hence it
|
||||||
|
does not work with vacation(1) nor editmap(8) (except
|
||||||
|
for query mode).
|
||||||
|
Fix some memory leaks (mostly in error cases) and properly handle
|
||||||
|
copied varargs in sm_io_vfprintf(). The issues were found
|
||||||
|
using Coverity Scan and reported (including patches) by
|
||||||
|
Ondřej Lysoněk of Red Hat.
|
||||||
|
Do not override ServerSSLOptions and ClientSSLOptions when they
|
||||||
|
are specified on the command line. Based on patch from
|
||||||
|
Hiroki Sato.
|
||||||
|
Add RFC7505 Null MX support for domains that declare they do not
|
||||||
|
accept mail.
|
||||||
|
New compile time option LDAP_NETWORK_TIMEOUT which is set
|
||||||
|
automatically when LDAPMAP is used and
|
||||||
|
LDAP_OPT_NETWORK_TIMEOUT is available to enable the
|
||||||
|
new -c option for LDAP maps to specify the network timeout.
|
||||||
|
CONFIG: New FEATURE(`tls_session_features') to enable standard
|
||||||
|
rules for tls_srv_features and tls_clt_features; for
|
||||||
|
details see cf/README.
|
||||||
|
CONFIG: New options confSSL_ENGINE and confSSL_ENGINE_PATH
|
||||||
|
for SSLEngine and SSLEnginePath, respectively.
|
||||||
|
CONFIG: New options confDANE to enable DANE support.
|
||||||
|
CONFIG: New option confTLS_FALLBACK_TO_CLEAR for TLSFallbacktoClear.
|
||||||
|
CONFIG: New extension CITag: for TLS restrictions, see cf/README
|
||||||
|
for details.
|
||||||
|
CONFIG: FEATURE(`blacklist_recipients') renamed to
|
||||||
|
FEATURE(`blocklist_recipients').
|
||||||
|
CONTRIB: cidrexpand updated to support IPv6 CIDR ranges and to
|
||||||
|
canonicalize IPv6 addresses; if cidrexpand is used with IPv6
|
||||||
|
addresses then UseCompressedIPv6Addresses must be disabled.
|
||||||
|
DOC: The dns map can return multiple values in a single result
|
||||||
|
if the -z option is used.
|
||||||
|
DOC: Note to set MustQuoteChars=. due to DKIM signatures.
|
||||||
|
LIBMILTER: Fix typo in a macro. Patch from Ignacio Goyret
|
||||||
|
of Alcatel-Lucent.
|
||||||
|
LIBMILTER: Fix reference in xxfi_negotiate documentation.
|
||||||
|
Patch from Sven Neuhaus.
|
||||||
|
LIBMILTER: Fix function name in smfi_addrcpt_par documentation.
|
||||||
|
Patch from G.W. Haywood.
|
||||||
|
LIBMILTER: Fix a potential memory leak in smfi_setsymlist().
|
||||||
|
Patch from Martin Svec.
|
||||||
|
MAKEMAP: New map type "implicit" refers to the first available type,
|
||||||
|
i.e., it depends on the compile time options NEWDB, DBM,
|
||||||
|
and CDB. This can be used in conjunction with the
|
||||||
|
"implicit" map type in sendmail.cf.
|
||||||
|
Note: makemap, libsmdb, and sendmail must be compiled
|
||||||
|
with the same options (and library versions of course).
|
||||||
|
Portability:
|
||||||
|
Add support for Darwin 14-18 (Mac OS X 10.x).
|
||||||
|
New option HAS_GETHOSTBYNAME2: set if your system
|
||||||
|
supports gethostbyname2(2).
|
||||||
|
Set SM_CONF_SEM=2 for FreeBSD 12 and later due to
|
||||||
|
changes in sys/sem.h
|
||||||
|
On Linux set MAXHOSTNAMELEN (the maximum length
|
||||||
|
of a FQHN) to 256 if it is less than that value.
|
||||||
|
Added Files:
|
||||||
|
cf/feature/blocklist_recipients.m4
|
||||||
|
cf/feature/tls_failures.m4
|
||||||
|
devtools/OS/Darwin.14.x
|
||||||
|
devtools/OS/Darwin.15.x
|
||||||
|
devtools/OS/Darwin.16.x
|
||||||
|
libsmdb/smcdb.c
|
||||||
|
sendmail/ratectrl.h
|
||||||
|
|
||||||
8.15.2/8.15.2 2015/07/03
|
8.15.2/8.15.2 2015/07/03
|
||||||
If FEATURE(`nopercenthack') is used then some bogus input triggered
|
If FEATURE(`nopercenthack') is used then some bogus input triggered
|
||||||
a recursion which was caught and logged as
|
a recursion which was caught and logged as
|
||||||
@ -104,7 +222,7 @@ summary of the changes in that release.
|
|||||||
The option CipherList sets the list of ciphers for STARTTLS.
|
The option CipherList sets the list of ciphers for STARTTLS.
|
||||||
See ciphers(1) for possible values.
|
See ciphers(1) for possible values.
|
||||||
Do not log "STARTTLS: internal error: tls_verify_cb: ssl == NULL"
|
Do not log "STARTTLS: internal error: tls_verify_cb: ssl == NULL"
|
||||||
if a CRLFfile is in use (and LogLevel is 14 or higher.)
|
if a CRLFile is in use (and LogLevel is 14 or higher.)
|
||||||
Store a more specific TLS protocol version in ${tls_version}
|
Store a more specific TLS protocol version in ${tls_version}
|
||||||
instead of a generic one, e.g., TLSv1 instead of
|
instead of a generic one, e.g., TLSv1 instead of
|
||||||
TLSv1/SSLv3.
|
TLSv1/SSLv3.
|
||||||
@ -127,7 +245,7 @@ summary of the changes in that release.
|
|||||||
A new map type "arpa" is available to reverse an IP (IPv4 or IPv6)
|
A new map type "arpa" is available to reverse an IP (IPv4 or IPv6)
|
||||||
address. It returns the string for the PTR lookup, but
|
address. It returns the string for the PTR lookup, but
|
||||||
without trailing {ip6,in-addr}.arpa.
|
without trailing {ip6,in-addr}.arpa.
|
||||||
New operation mode 'C' just checks the configuration file, e.g.,
|
New operation mode 'C' just checks the configuration file, e.g.,
|
||||||
sendmail -C new.cf -bC
|
sendmail -C new.cf -bC
|
||||||
will perform a basic syntax/consistency check of new.cf.
|
will perform a basic syntax/consistency check of new.cf.
|
||||||
The mailer flag 'I' is deprecated and will be removed in a
|
The mailer flag 'I' is deprecated and will be removed in a
|
||||||
@ -740,7 +858,7 @@ summary of the changes in that release.
|
|||||||
Patches from Nelson Fung.
|
Patches from Nelson Fung.
|
||||||
CONTRIB: cidrexpand uses a hash symbol as comment character and
|
CONTRIB: cidrexpand uses a hash symbol as comment character and
|
||||||
ignores everything after it unless it is in quotes or
|
ignores everything after it unless it is in quotes or
|
||||||
preceeded by a backslash.
|
preceded by a backslash.
|
||||||
DEVTOOLS: New macro confMKDIR: if set to a program that creates
|
DEVTOOLS: New macro confMKDIR: if set to a program that creates
|
||||||
directories, then it used for "make install" to create
|
directories, then it used for "make install" to create
|
||||||
the required installation directories.
|
the required installation directories.
|
||||||
@ -2465,7 +2583,7 @@ summary of the changes in that release.
|
|||||||
noted by Greg Robinson of the Defence Science and
|
noted by Greg Robinson of the Defence Science and
|
||||||
Technology Organisation of Australia.
|
Technology Organisation of Australia.
|
||||||
CONFIG: dnsbl: If an argument specifies an error message in case
|
CONFIG: dnsbl: If an argument specifies an error message in case
|
||||||
of temporary lookup failures for DNS based blacklists
|
of temporary lookup failures for DNS based blocklists
|
||||||
then use it.
|
then use it.
|
||||||
LIBMILTER: Install mfdef.h, required by mfapi.h. Problem noted by
|
LIBMILTER: Install mfdef.h, required by mfapi.h. Problem noted by
|
||||||
Richard A. Nelson of Debian.
|
Richard A. Nelson of Debian.
|
||||||
@ -2539,7 +2657,7 @@ summary of the changes in that release.
|
|||||||
is "pw", which means to use getpwnam(). New mailbox database
|
is "pw", which means to use getpwnam(). New mailbox database
|
||||||
types can be added by adding custom code to libsm/mbdb.c.
|
types can be added by adding custom code to libsm/mbdb.c.
|
||||||
Queue file names are now 15 characters long, rather than 14 characters
|
Queue file names are now 15 characters long, rather than 14 characters
|
||||||
long, to accomodate envelope splitting. File systems with
|
long, to accommodate envelope splitting. File systems with
|
||||||
a 14 character file name length limit are no longer
|
a 14 character file name length limit are no longer
|
||||||
supported.
|
supported.
|
||||||
Recipient list used for delivery now gets internally ordered by
|
Recipient list used for delivery now gets internally ordered by
|
||||||
@ -2580,7 +2698,7 @@ summary of the changes in that release.
|
|||||||
New ruleset srv_features to enable/disable certain features in the
|
New ruleset srv_features to enable/disable certain features in the
|
||||||
server per connection. See doc/op/op.me for details.
|
server per connection. See doc/op/op.me for details.
|
||||||
New ruleset tls_rcpt to decide whether to send e-mail to a particular
|
New ruleset tls_rcpt to decide whether to send e-mail to a particular
|
||||||
recipient; useful to decide whether a conection is secure
|
recipient; useful to decide whether a connection is secure
|
||||||
enough on a per recipient basis.
|
enough on a per recipient basis.
|
||||||
New option TLSSrvOptions to modify some aspects of the server
|
New option TLSSrvOptions to modify some aspects of the server
|
||||||
for STARTTLS.
|
for STARTTLS.
|
||||||
@ -2591,7 +2709,7 @@ summary of the changes in that release.
|
|||||||
Macro expand filenames/directories for certs and keys in the .cf file.
|
Macro expand filenames/directories for certs and keys in the .cf file.
|
||||||
Proposed by Neil Rickert of Northern Illinois University.
|
Proposed by Neil Rickert of Northern Illinois University.
|
||||||
Generate an ephemeral RSA key for a STARTTLS connection only if
|
Generate an ephemeral RSA key for a STARTTLS connection only if
|
||||||
really required. This change results in a noticable
|
really required. This change results in a noticeable
|
||||||
performance gains on most machines. Moreover, if shared
|
performance gains on most machines. Moreover, if shared
|
||||||
memory is in use, reuse the key several times.
|
memory is in use, reuse the key several times.
|
||||||
Add queue groups which can be used to group queue directories with
|
Add queue groups which can be used to group queue directories with
|
||||||
@ -3500,7 +3618,7 @@ summary of the changes in that release.
|
|||||||
CONFIG: Reject addresses of the form a!b if FEATURE(`nouucp', `r')
|
CONFIG: Reject addresses of the form a!b if FEATURE(`nouucp', `r')
|
||||||
is used. Problem noted by Phil Homewood of Asia Online,
|
is used. Problem noted by Phil Homewood of Asia Online,
|
||||||
patch from Neil Rickert of Northern Illinois University.
|
patch from Neil Rickert of Northern Illinois University.
|
||||||
CONFIG: Change the default DNS based blacklist server for
|
CONFIG: Change the default DNS based blocklist server for
|
||||||
FEATURE(`dnsbl') to blackholes.mail-abuse.org.
|
FEATURE(`dnsbl') to blackholes.mail-abuse.org.
|
||||||
CONFIG: Deal correctly with the 'C' flag in {daemon_flags}, i.e.,
|
CONFIG: Deal correctly with the 'C' flag in {daemon_flags}, i.e.,
|
||||||
implicitly assume canonical host names.
|
implicitly assume canonical host names.
|
||||||
@ -4736,7 +4854,7 @@ summary of the changes in that release.
|
|||||||
from Per Hedeland of Ericsson.
|
from Per Hedeland of Ericsson.
|
||||||
If a resolver ANY query is larger than the UDP packet size, the
|
If a resolver ANY query is larger than the UDP packet size, the
|
||||||
resolver will fall back to TCP. However, some
|
resolver will fall back to TCP. However, some
|
||||||
misconfigured firewalls black 53/TCP so the ANY lookup
|
misconfigured firewalls block 53/TCP so the ANY lookup
|
||||||
fails whereas an MX or A record might succeed. Therefore,
|
fails whereas an MX or A record might succeed. Therefore,
|
||||||
don't fail on ANY queries.
|
don't fail on ANY queries.
|
||||||
If an SMTP recipient is rejected due to syntax errors in the
|
If an SMTP recipient is rejected due to syntax errors in the
|
||||||
@ -5152,7 +5270,7 @@ summary of the changes in that release.
|
|||||||
line up into 2046-character output lines (excluding the
|
line up into 2046-character output lines (excluding the
|
||||||
newline). If an input line was 2047 characters long
|
newline). If an input line was 2047 characters long
|
||||||
(excluding CR-LF) and the last character was a '.',
|
(excluding CR-LF) and the last character was a '.',
|
||||||
mail.local saw it as the end of input, transfered it to the
|
mail.local saw it as the end of input, transferred it to the
|
||||||
user mailbox and tried to write an `ok' back to sendmail.
|
user mailbox and tried to write an `ok' back to sendmail.
|
||||||
If the message was much longer, both sendmail and
|
If the message was much longer, both sendmail and
|
||||||
mail.local would deadlock waiting for each other to read
|
mail.local would deadlock waiting for each other to read
|
||||||
@ -6039,7 +6157,7 @@ summary of the changes in that release.
|
|||||||
CONFIG: FEATURE(nodns) now warns the user that the feature is a
|
CONFIG: FEATURE(nodns) now warns the user that the feature is a
|
||||||
no-op. Patch from Kari Hurtta of the Finnish
|
no-op. Patch from Kari Hurtta of the Finnish
|
||||||
Meteorological Institute.
|
Meteorological Institute.
|
||||||
CONFIG: OSTYPE(osf1) now sets DefaultUserID (confDEF_USER_ID) to
|
CONFIG: OSTYPE(osf1) now sets DefaultUser (confDEF_USER_ID) to
|
||||||
daemon since DEC's /bin/mail will drop the envelope
|
daemon since DEC's /bin/mail will drop the envelope
|
||||||
sender if run as mailnull. See the Digital UNIX section
|
sender if run as mailnull. See the Digital UNIX section
|
||||||
of src/README for more information. Problem noted by
|
of src/README for more information. Problem noted by
|
||||||
@ -7632,7 +7750,7 @@ summary of the changes in that release.
|
|||||||
instead of 0644. Suggested by Ann-Kian Yeo of the
|
instead of 0644. Suggested by Ann-Kian Yeo of the
|
||||||
National University of Singapore.
|
National University of Singapore.
|
||||||
Print errors if setgid/setuid/etc. fail during delivery. This helps
|
Print errors if setgid/setuid/etc. fail during delivery. This helps
|
||||||
detect cases where DefaultUid is set to something that the
|
detect cases where DefaultUser is set to something that the
|
||||||
system can't cope with.
|
system can't cope with.
|
||||||
PORTABILITY FIXES:
|
PORTABILITY FIXES:
|
||||||
Support for AIX/RS 2.2.1 from Mark Whetzel of Western
|
Support for AIX/RS 2.2.1 from Mark Whetzel of Western
|
||||||
@ -9840,7 +9958,7 @@ summary of the changes in that release.
|
|||||||
gethostname() (instead of myhostname(), which tries
|
gethostname() (instead of myhostname(), which tries
|
||||||
to fully qualify the name) to be consistent with
|
to fully qualify the name) to be consistent with
|
||||||
SunOS. If your hostname is unqualified, this fixes
|
SunOS. If your hostname is unqualified, this fixes
|
||||||
transfers to slave servers. Bug noted by Keith
|
transfers to secondary servers. Bug noted by Keith
|
||||||
McMillan of Ameritech Services, Inc.
|
McMillan of Ameritech Services, Inc.
|
||||||
Fix Ultrix problem: gethostbyname() can return a very large
|
Fix Ultrix problem: gethostbyname() can return a very large
|
||||||
(> 500) h_length field, which causes the sockaddr
|
(> 500) h_length field, which causes the sockaddr
|
||||||
|
@ -396,7 +396,7 @@ SMTP_MAILER_MAXMSGS [undefined] If defined, the maximum number of
|
|||||||
messages to deliver in a single connection for the
|
messages to deliver in a single connection for the
|
||||||
smtp, smtp8, esmtp, or dsmtp mailers.
|
smtp, smtp8, esmtp, or dsmtp mailers.
|
||||||
SMTP_MAILER_MAXRCPTS [undefined] If defined, the maximum number of
|
SMTP_MAILER_MAXRCPTS [undefined] If defined, the maximum number of
|
||||||
recipients to deliver in a single connection for the
|
recipients to deliver in a single envelope for the
|
||||||
smtp, smtp8, esmtp, or dsmtp mailers.
|
smtp, smtp8, esmtp, or dsmtp mailers.
|
||||||
SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer.
|
SMTP_MAILER_ARGS [TCP $h] The arguments passed to the smtp mailer.
|
||||||
About the only reason you would want to change this
|
About the only reason you would want to change this
|
||||||
@ -1250,7 +1250,7 @@ access_db Turns on the access database feature. The access db gives
|
|||||||
important information about this feature. Notice:
|
important information about this feature. Notice:
|
||||||
"-T<TMPF>" is meant literal, do not replace it by anything.
|
"-T<TMPF>" is meant literal, do not replace it by anything.
|
||||||
|
|
||||||
blacklist_recipients
|
blocklist_recipients
|
||||||
Turns on the ability to block incoming mail for certain
|
Turns on the ability to block incoming mail for certain
|
||||||
recipient usernames, hostnames, or addresses. For
|
recipient usernames, hostnames, or addresses. For
|
||||||
example, you can block incoming mail to user nobody,
|
example, you can block incoming mail to user nobody,
|
||||||
@ -1579,7 +1579,7 @@ require_rdns Reject mail from connecting SMTP clients without proper
|
|||||||
Entries such as
|
Entries such as
|
||||||
Connect:1.2.3.4 OK
|
Connect:1.2.3.4 OK
|
||||||
Connect:1.2 RELAY
|
Connect:1.2 RELAY
|
||||||
will whitelist IP address 1.2.3.4, so that the rDNS
|
will allowlist IP address 1.2.3.4, so that the rDNS
|
||||||
blocking does apply to that IP address
|
blocking does apply to that IP address
|
||||||
|
|
||||||
Entries such as
|
Entries such as
|
||||||
@ -2602,7 +2602,7 @@ requires a tag. For example,
|
|||||||
From:another.dom REJECT
|
From:another.dom REJECT
|
||||||
|
|
||||||
This would deny mails from spammer@some.dom but you could still
|
This would deny mails from spammer@some.dom but you could still
|
||||||
send mail to that address even if FEATURE(`blacklist_recipients')
|
send mail to that address even if FEATURE(`blocklist_recipients')
|
||||||
is enabled. Your system will allow relaying to friend.domain, but
|
is enabled. Your system will allow relaying to friend.domain, but
|
||||||
not from it (unless enabled by other means). Connections from that
|
not from it (unless enabled by other means). Connections from that
|
||||||
domain will be allowed even if it ends up in one of the DNS based
|
domain will be allowed even if it ends up in one of the DNS based
|
||||||
@ -2723,7 +2723,7 @@ sender address.
|
|||||||
|
|
||||||
If you use:
|
If you use:
|
||||||
|
|
||||||
FEATURE(`blacklist_recipients')
|
FEATURE(`blocklist_recipients')
|
||||||
|
|
||||||
then you can add entries to the map for local users, hosts in your
|
then you can add entries to the map for local users, hosts in your
|
||||||
domains, or addresses in your domain which should not receive mail:
|
domains, or addresses in your domain which should not receive mail:
|
||||||
@ -2747,14 +2747,14 @@ as value part in the access map. Taking the example from above:
|
|||||||
Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com.
|
Mail can't be sent to spammer@aol.com or anyone at cyberspammer.com.
|
||||||
That's why tagged entries should be used.
|
That's why tagged entries should be used.
|
||||||
|
|
||||||
There are several DNS based blacklists which can be found by
|
There are several DNS based blocklists which can be found by
|
||||||
querying a search engine. These are databases of spammers
|
querying a search engine. These are databases of spammers
|
||||||
maintained in DNS. To use such a database, specify
|
maintained in DNS. To use such a database, specify
|
||||||
|
|
||||||
FEATURE(`dnsbl', `dnsbl.example.com')
|
FEATURE(`dnsbl', `dnsbl.example.com')
|
||||||
|
|
||||||
This will cause sendmail to reject mail from any site listed in the
|
This will cause sendmail to reject mail from any site listed in the
|
||||||
DNS based blacklist. You must select a DNS based blacklist domain
|
DNS based blocklist. You must select a DNS based blocklist domain
|
||||||
to check by specifying an argument to the FEATURE. The default
|
to check by specifying an argument to the FEATURE. The default
|
||||||
error message is
|
error message is
|
||||||
|
|
||||||
@ -2789,14 +2789,14 @@ This FEATURE can be included several times to query different
|
|||||||
DNS based rejection lists.
|
DNS based rejection lists.
|
||||||
|
|
||||||
Notice: to avoid checking your own local domains against those
|
Notice: to avoid checking your own local domains against those
|
||||||
blacklists, use the access_db feature and add:
|
blocklists, use the access_db feature and add:
|
||||||
|
|
||||||
Connect:10.1 OK
|
Connect:10.1 OK
|
||||||
Connect:127.0.0.1 RELAY
|
Connect:127.0.0.1 RELAY
|
||||||
|
|
||||||
to the access map, where 10.1 is your local network. You may
|
to the access map, where 10.1 is your local network. You may
|
||||||
want to use "RELAY" instead of "OK" to allow also relaying
|
want to use "RELAY" instead of "OK" to allow also relaying
|
||||||
instead of just disabling the DNS lookups in the blacklists.
|
instead of just disabling the DNS lookups in the blocklists.
|
||||||
|
|
||||||
|
|
||||||
The features described above make use of the check_relay, check_mail,
|
The features described above make use of the check_relay, check_mail,
|
||||||
@ -2849,7 +2849,7 @@ my.domain and you have
|
|||||||
in the access map, then any e-mail with a sender address of
|
in the access map, then any e-mail with a sender address of
|
||||||
<user@my.domain> will not be rejected by check_relay even though
|
<user@my.domain> will not be rejected by check_relay even though
|
||||||
it would match the hostname or IP address. This allows spammers
|
it would match the hostname or IP address. This allows spammers
|
||||||
to get around DNS based blacklist by faking the sender address. To
|
to get around DNS based blocklist by faking the sender address. To
|
||||||
avoid this problem you have to use tagged entries:
|
avoid this problem you have to use tagged entries:
|
||||||
|
|
||||||
To:my.domain RELAY
|
To:my.domain RELAY
|
||||||
@ -2978,7 +2978,7 @@ limits per client IP address or net. These features can limit the
|
|||||||
rate of connections (connections per time unit) or the number of
|
rate of connections (connections per time unit) or the number of
|
||||||
incoming SMTP connections, respectively. If enabled, appropriate
|
incoming SMTP connections, respectively. If enabled, appropriate
|
||||||
rulesets are called at the end of check_relay, i.e., after DNS
|
rulesets are called at the end of check_relay, i.e., after DNS
|
||||||
blacklists and generic access_db operations. The features require
|
blocklists and generic access_db operations. The features require
|
||||||
FEATURE(`access_db') to be listed earlier in the mc file.
|
FEATURE(`access_db') to be listed earlier in the mc file.
|
||||||
|
|
||||||
Note: FEATURE(`delay_checks') delays those connection control checks
|
Note: FEATURE(`delay_checks') delays those connection control checks
|
||||||
@ -3071,13 +3071,13 @@ rulesets and map lookups, they are modified as follows: each non-printable
|
|||||||
character and the characters '<', '>', '(', ')', '"', '+', ' ' are replaced
|
character and the characters '<', '>', '(', ')', '"', '+', ' ' are replaced
|
||||||
by their HEX value with a leading '+'. For example:
|
by their HEX value with a leading '+'. For example:
|
||||||
|
|
||||||
/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email=
|
/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/emailAddress=
|
||||||
darth+cert@endmail.org
|
darth+cert@endmail.org
|
||||||
|
|
||||||
is encoded as:
|
is encoded as:
|
||||||
|
|
||||||
/C=US/ST=California/O=endmail.org/OU=private/CN=
|
/C=US/ST=California/O=endmail.org/OU=private/CN=
|
||||||
Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
|
Darth+20Mail+20+28Cert+29/emailAddress=darth+2Bcert@endmail.org
|
||||||
|
|
||||||
(line breaks have been inserted for readability).
|
(line breaks have been inserted for readability).
|
||||||
|
|
||||||
@ -3089,30 +3089,27 @@ Examples:
|
|||||||
To allow relaying for everyone who can present a cert signed by
|
To allow relaying for everyone who can present a cert signed by
|
||||||
|
|
||||||
/C=US/ST=California/O=endmail.org/OU=private/CN=
|
/C=US/ST=California/O=endmail.org/OU=private/CN=
|
||||||
Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
|
Darth+20Mail+20+28Cert+29/emailAddress=darth+2Bcert@endmail.org
|
||||||
|
|
||||||
simply use:
|
simply use:
|
||||||
|
|
||||||
CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN=
|
CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN=
|
||||||
Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org RELAY
|
Darth+20Mail+20+28Cert+29/emailAddress=darth+2Bcert@endmail.org RELAY
|
||||||
|
|
||||||
To allow relaying only for a subset of machines that have a cert signed by
|
To allow relaying only for a subset of machines that have a cert signed by
|
||||||
|
|
||||||
/C=US/ST=California/O=endmail.org/OU=private/CN=
|
/C=US/ST=California/O=endmail.org/OU=private/CN=
|
||||||
Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
|
Darth+20Mail+20+28Cert+29/emailAddress=darth+2Bcert@endmail.org
|
||||||
|
|
||||||
use:
|
use:
|
||||||
|
|
||||||
CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN=
|
CertIssuer:/C=US/ST=California/O=endmail.org/OU=private/CN=
|
||||||
Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org SUBJECT
|
Darth+20Mail+20+28Cert+29/emailAddress=darth+2Bcert@endmail.org SUBJECT
|
||||||
CertSubject:/C=US/ST=California/O=endmail.org/OU=private/CN=
|
CertSubject:/C=US/ST=California/O=endmail.org/OU=private/CN=
|
||||||
DeathStar/Email=deathstar@endmail.org RELAY
|
DeathStar/emailAddress=deathstar@endmail.org RELAY
|
||||||
|
|
||||||
Notes:
|
Note: line breaks have been inserted after "CN=" for readability,
|
||||||
- line breaks have been inserted after "CN=" for readability,
|
each tagged entry must be one (long) line in the access map.
|
||||||
each tagged entry must be one (long) line in the access map.
|
|
||||||
- if OpenSSL 0.9.7 or newer is used then the "Email=" part of a DN
|
|
||||||
is replaced by "emailAddress=".
|
|
||||||
|
|
||||||
Of course it is also possible to write a simple ruleset that allows
|
Of course it is also possible to write a simple ruleset that allows
|
||||||
relaying for everyone who can present a cert that can be verified, e.g.,
|
relaying for everyone who can present a cert that can be verified, e.g.,
|
||||||
@ -3188,16 +3185,23 @@ CN:name name must match ${cn_subject}
|
|||||||
CN ${client_name}/${server_name} must match ${cn_subject}
|
CN ${client_name}/${server_name} must match ${cn_subject}
|
||||||
CS:name name must match ${cert_subject}
|
CS:name name must match ${cert_subject}
|
||||||
CI:name name must match ${cert_issuer}
|
CI:name name must match ${cert_issuer}
|
||||||
|
CITag:MYTag look up MYTag:${cert_issuer} in access map; the check
|
||||||
|
only succeeds if it is found with a RHS of OK.
|
||||||
|
|
||||||
Example: e-mail sent to secure.example.com should only use an encrypted
|
Example: e-mail sent to secure.example.com should only use an encrypted
|
||||||
connection. E-mail received from hosts within the laptop.example.com domain
|
connection. E-mail received from hosts within the laptop.example.com domain
|
||||||
should only be accepted if they have been authenticated. The host which
|
should only be accepted if they have been authenticated. The host which
|
||||||
receives e-mail for darth@endmail.org must present a cert that uses the
|
receives e-mail for darth@endmail.org must present a cert that uses the
|
||||||
CN smtp.endmail.org.
|
CN smtp.endmail.org. E-mail sent to safe.example.com must be verified,
|
||||||
|
have a matching CN, and must present a cert signed by a CA with one of
|
||||||
|
the listed DNs.
|
||||||
|
|
||||||
TLS_Srv:secure.example.com ENCR:112
|
TLS_Srv:secure.example.com ENCR:112
|
||||||
TLS_Clt:laptop.example.com PERM+VERIFY:112
|
TLS_Clt:laptop.example.com PERM+VERIFY:112
|
||||||
TLS_Rcpt:darth@endmail.org ENCR:112+CN:smtp.endmail.org
|
TLS_Rcpt:darth@endmail.org ENCR:112+CN:smtp.endmail.org
|
||||||
|
TLS_Srv:safe.example.net VERIFY+CN++CITag:MyCA
|
||||||
|
MyCA:/C=US/ST=CA/O=safe/CN=example.net/ OK
|
||||||
|
MyCA:/C=US/ST=CA/O=secure/CN=example.net/ OK
|
||||||
|
|
||||||
|
|
||||||
TLS Options per Session
|
TLS Options per Session
|
||||||
@ -3217,6 +3221,7 @@ options:
|
|||||||
- Options: compare {Server,Client}SSLOptions.
|
- Options: compare {Server,Client}SSLOptions.
|
||||||
- CipherList: same as the global option.
|
- CipherList: same as the global option.
|
||||||
- CertFile, KeyFile: {Server,Client}{Cert,Key}File
|
- CertFile, KeyFile: {Server,Client}{Cert,Key}File
|
||||||
|
- Flags: see doc/op/op.me for details.
|
||||||
|
|
||||||
If FEATURE(`tls_session_features') is used, then default rulesets
|
If FEATURE(`tls_session_features') is used, then default rulesets
|
||||||
are activated which look up entries in the access map with the tags
|
are activated which look up entries in the access map with the tags
|
||||||
@ -3234,15 +3239,12 @@ If FEATURE(`tls_session_features') is not used the user can provide
|
|||||||
their own rulesets which must return the appropriate data.
|
their own rulesets which must return the appropriate data.
|
||||||
If the rulesets are not defined or do not return a value, the
|
If the rulesets are not defined or do not return a value, the
|
||||||
default TLS options are not modified.
|
default TLS options are not modified.
|
||||||
(These rulesets require the sendmail binary to be built with
|
|
||||||
_FFR_TLS_SE_OPTS enabled.)
|
|
||||||
|
|
||||||
About 2): the ruleset try_tls (srv_features) can be used that work
|
About 2): the ruleset try_tls (srv_features) can be used together
|
||||||
together with the access map. Entries for the access map must be
|
with the access map. Entries for the access map must be tagged
|
||||||
tagged with Try_TLS (Srv_Features) and refer to the hostname or IP
|
with Try_TLS (Srv_Features) and refer to the hostname or IP address
|
||||||
address of the connecting system. A default case can be specified
|
of the connecting system. A default case can be specified by using
|
||||||
by using just the tag. For example, the following entries in the
|
just the tag. For example, the following entries in the access map:
|
||||||
access map:
|
|
||||||
|
|
||||||
Try_TLS:broken.server NO
|
Try_TLS:broken.server NO
|
||||||
Srv_Features:my.domain v
|
Srv_Features:my.domain v
|
||||||
@ -3654,7 +3656,7 @@ for. In particular:
|
|||||||
if your system allows "file giveaways" (that is, if a non-root
|
if your system allows "file giveaways" (that is, if a non-root
|
||||||
user can chown any file they own to any other user).
|
user can chown any file they own to any other user).
|
||||||
|
|
||||||
* If your system allows file giveaways, DO NOT create a publically
|
* If your system allows file giveaways, DO NOT create a publicly
|
||||||
writable directory for forward files. This will allow anyone
|
writable directory for forward files. This will allow anyone
|
||||||
to steal anyone else's e-mail. Instead, create a script that
|
to steal anyone else's e-mail. Instead, create a script that
|
||||||
copies the .forward file from users' home directories once a
|
copies the .forward file from users' home directories once a
|
||||||
@ -4011,6 +4013,10 @@ confUSERDB_SPEC UserDatabaseSpec
|
|||||||
confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
|
confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host.
|
||||||
confFALLBACK_SMARTHOST FallbackSmartHost
|
confFALLBACK_SMARTHOST FallbackSmartHost
|
||||||
[undefined] Fallback smart host.
|
[undefined] Fallback smart host.
|
||||||
|
confTLS_FALLBACK_TO_CLEAR TLSFallbacktoClear
|
||||||
|
[undefined] If set, immediately try
|
||||||
|
a connection again without STARTTLS
|
||||||
|
after a TLS handshake failure.
|
||||||
confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX
|
confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX
|
||||||
for a host and other arrangements
|
for a host and other arrangements
|
||||||
haven't been made, try connecting
|
haven't been made, try connecting
|
||||||
@ -4364,10 +4370,13 @@ confCLIENT_KEY ClientKeyFile [undefined] File containing the
|
|||||||
cert.
|
cert.
|
||||||
confCRL CRLFile [undefined] File containing certificate
|
confCRL CRLFile [undefined] File containing certificate
|
||||||
revocation status, useful for X.509v3
|
revocation status, useful for X.509v3
|
||||||
authentication. Note that CRL requires
|
authentication.
|
||||||
at least OpenSSL version 0.9.7.
|
confCRL_PATH CRLPath [undefined] Directory containing
|
||||||
|
hashes pointing to certificate
|
||||||
|
revocation status files.
|
||||||
confDH_PARAMETERS DHParameters [undefined] File containing the
|
confDH_PARAMETERS DHParameters [undefined] File containing the
|
||||||
DH parameters.
|
DH parameters.
|
||||||
|
confDANE DANE [false] Enable DANE support.
|
||||||
confRAND_FILE RandFile [undefined] File containing random
|
confRAND_FILE RandFile [undefined] File containing random
|
||||||
data (use prefix file:) or the
|
data (use prefix file:) or the
|
||||||
name of the UNIX socket if EGD is
|
name of the UNIX socket if EGD is
|
||||||
@ -4379,6 +4388,9 @@ confCERT_FINGERPRINT_ALGORITHM CertFingerprintAlgorithm
|
|||||||
[undefined] The fingerprint algorithm
|
[undefined] The fingerprint algorithm
|
||||||
(digest) to use for the presented
|
(digest) to use for the presented
|
||||||
cert.
|
cert.
|
||||||
|
confSSL_ENGINE SSLEngine [undefined] Name of SSLEngine.
|
||||||
|
confSSL_ENGINE_PATH SSLEnginePath [undefined] Path to dynamic library
|
||||||
|
for SSLEngine.
|
||||||
confNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of
|
confNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of
|
||||||
queue runners is set the given value
|
queue runners is set the given value
|
||||||
(nice(3)).
|
(nice(3)).
|
||||||
@ -4799,7 +4811,6 @@ M4 DIVERSIONS
|
|||||||
5 locally interpreted names (overrides $R)
|
5 locally interpreted names (overrides $R)
|
||||||
6 local configuration (at top of file)
|
6 local configuration (at top of file)
|
||||||
7 mailer definitions
|
7 mailer definitions
|
||||||
8 DNS based blacklists
|
8 DNS based blocklists
|
||||||
9 special local rulesets (1 and 2)
|
9 special local rulesets (1 and 2)
|
||||||
|
|
||||||
$Revision: 8.730 $, Last updated $Date: 2014-01-16 15:55:51 $
|
|
||||||
|
@ -103,7 +103,7 @@ M4FILES=\
|
|||||||
${CFDIR}/feature/bcc.m4 \
|
${CFDIR}/feature/bcc.m4 \
|
||||||
${CFDIR}/feature/bestmx_is_local.m4 \
|
${CFDIR}/feature/bestmx_is_local.m4 \
|
||||||
${CFDIR}/feature/bitdomain.m4 \
|
${CFDIR}/feature/bitdomain.m4 \
|
||||||
${CFDIR}/feature/blacklist_recipients.m4 \
|
${CFDIR}/feature/blocklist_recipients.m4 \
|
||||||
${CFDIR}/feature/conncontrol.m4 \
|
${CFDIR}/feature/conncontrol.m4 \
|
||||||
${CFDIR}/feature/dnsbl.m4 \
|
${CFDIR}/feature/dnsbl.m4 \
|
||||||
${CFDIR}/feature/domaintable.m4 \
|
${CFDIR}/feature/domaintable.m4 \
|
||||||
|
@ -46,7 +46,7 @@ define(`CYRUS_MAILER_PATH', `/usr/local/cyrus/bin/deliver')
|
|||||||
define(`CYRUS_MAILER_FLAGS', `fAh5@/:|')
|
define(`CYRUS_MAILER_FLAGS', `fAh5@/:|')
|
||||||
|
|
||||||
FEATURE(`access_db')
|
FEATURE(`access_db')
|
||||||
FEATURE(`blacklist_recipients')
|
FEATURE(`blocklist_recipients')
|
||||||
FEATURE(`local_lmtp')
|
FEATURE(`local_lmtp')
|
||||||
FEATURE(`virtusertable')
|
FEATURE(`virtusertable')
|
||||||
FEATURE(`mailertable')
|
FEATURE(`mailertable')
|
||||||
@ -234,7 +234,7 @@ Kstorage macro
|
|||||||
|
|
||||||
LOCAL_RULESETS
|
LOCAL_RULESETS
|
||||||
######################################################################
|
######################################################################
|
||||||
### check for the existance of the X-MailScanner Header
|
### check for the existence of the X-MailScanner Header
|
||||||
HX-MailScanner: $>+CheckXMSc
|
HX-MailScanner: $>+CheckXMSc
|
||||||
D{SobigFPat}Found to be clean
|
D{SobigFPat}Found to be clean
|
||||||
D{SobigFMsg}This message may contain the Sobig.F virus.
|
D{SobigFMsg}This message may contain the Sobig.F virus.
|
||||||
|
@ -16,8 +16,8 @@
|
|||||||
#####
|
#####
|
||||||
##### SENDMAIL CONFIGURATION FILE
|
##### SENDMAIL CONFIGURATION FILE
|
||||||
#####
|
#####
|
||||||
##### built by ca@sandman.dev-lab.sendmail.com on Thu Jul 2 05:24:31 PDT 2015
|
##### built by ca@lab.smi.sendmail.com on Thu Jul 2 22:41:57 PDT 2020
|
||||||
##### in /x/ca/smi.git/sendmail/OpenSource/sendmail-8.15.2/cf/cf
|
##### in /var/tmp/ca/sm8.git/sendmail/OpenSource/sendmail-8.16.1/cf/cf
|
||||||
##### using ../ as configuration include directory
|
##### using ../ as configuration include directory
|
||||||
#####
|
#####
|
||||||
######################################################################
|
######################################################################
|
||||||
@ -114,7 +114,7 @@ D{MTAHost}[127.0.0.1]
|
|||||||
|
|
||||||
|
|
||||||
# Configuration version number
|
# Configuration version number
|
||||||
DZ8.15.2/Submit
|
DZ8.16.1/Submit
|
||||||
|
|
||||||
|
|
||||||
###############
|
###############
|
||||||
@ -513,6 +513,12 @@ O PidFile=/var/spool/clientmqueue/sm-client.pid
|
|||||||
#O ServerSSLOptions
|
#O ServerSSLOptions
|
||||||
# client side SSL options
|
# client side SSL options
|
||||||
#O ClientSSLOptions
|
#O ClientSSLOptions
|
||||||
|
# SSL Engine
|
||||||
|
#O SSLEngine
|
||||||
|
# Path to dynamic library for SSLEngine
|
||||||
|
#O SSLEnginePath
|
||||||
|
# TLS: fall back to clear text after handshake failure?
|
||||||
|
#O TLSFallbacktoClear
|
||||||
|
|
||||||
# Input mail filters
|
# Input mail filters
|
||||||
#O InputMailFilters
|
#O InputMailFilters
|
||||||
@ -532,12 +538,16 @@ O PidFile=/var/spool/clientmqueue/sm-client.pid
|
|||||||
#O ClientKeyFile
|
#O ClientKeyFile
|
||||||
# File containing certificate revocation lists
|
# File containing certificate revocation lists
|
||||||
#O CRLFile
|
#O CRLFile
|
||||||
|
# Directory containing hashes pointing to certificate revocation status files
|
||||||
|
#O CRLPath
|
||||||
# DHParameters (only required if DSA/DH is used)
|
# DHParameters (only required if DSA/DH is used)
|
||||||
#O DHParameters
|
#O DHParameters
|
||||||
# Random data source (required for systems without /dev/urandom under OpenSSL)
|
# Random data source (required for systems without /dev/urandom under OpenSSL)
|
||||||
#O RandFile
|
#O RandFile
|
||||||
# fingerprint algorithm (digest) to use for the presented cert
|
# fingerprint algorithm (digest) to use for the presented cert
|
||||||
#O CertFingerprintAlgorithm
|
#O CertFingerprintAlgorithm
|
||||||
|
# enable DANE?
|
||||||
|
#O DANE=false
|
||||||
|
|
||||||
# Maximum number of "useless" commands before slowing down
|
# Maximum number of "useless" commands before slowing down
|
||||||
#O MaxNOOPCommands=20
|
#O MaxNOOPCommands=20
|
||||||
@ -1257,6 +1267,7 @@ R$* $| $* $@ $>"TLS_connection" $1
|
|||||||
### ${verify}
|
### ${verify}
|
||||||
######################################################################
|
######################################################################
|
||||||
Stls_server
|
Stls_server
|
||||||
|
|
||||||
R$* $@ $>"TLS_connection" $1
|
R$* $@ $>"TLS_connection" $1
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
@ -1268,6 +1279,7 @@ R$* $@ $>"TLS_connection" $1
|
|||||||
######################################################################
|
######################################################################
|
||||||
STLS_connection
|
STLS_connection
|
||||||
RSOFTWARE $#error $@ 4.7.0 $: "403 TLS handshake."
|
RSOFTWARE $#error $@ 4.7.0 $: "403 TLS handshake."
|
||||||
|
RDANE_FAIL $#error $@ 4.7.0 $: "403 DANE check failed."
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -76,7 +76,7 @@ R$* $| $* $: ifelse(len(X`'_ARG3_),`1', `$1', `_ARG3_')
|
|||||||
ifdef(`_CANONIFY_BCC_', `dnl
|
ifdef(`_CANONIFY_BCC_', `dnl
|
||||||
R$+ @ $+ $: $1@$2 $| <$(canonicalRcpt $1 @ $2 $: $)>
|
R$+ @ $+ $: $1@$2 $| <$(canonicalRcpt $1 @ $2 $: $)>
|
||||||
R$* $| <> $@
|
R$* $| <> $@
|
||||||
R$* $| <$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
|
R$* $| <$* <TMPF>> $#error $@ 4.3.0 $: _TMPFMSG_(`BCC')
|
||||||
R$* $| <$+> $@ $2 map matched?
|
R$* $| <$+> $@ $2 map matched?
|
||||||
')
|
')
|
||||||
|
|
||||||
|
@ -13,7 +13,6 @@ divert(0)
|
|||||||
VERSIONID(`$Id: blacklist_recipients.m4,v 8.14 2013-11-22 20:51:11 ca Exp $')
|
VERSIONID(`$Id: blacklist_recipients.m4,v 8.14 2013-11-22 20:51:11 ca Exp $')
|
||||||
divert(-1)
|
divert(-1)
|
||||||
|
|
||||||
ifdef(`_ACCESS_TABLE_',
|
errprint(`WARNING: FEATURE(blacklist_recipients) is deprecated; use FEATURE(blocklist_recipients.m4).
|
||||||
`define(`_BLACKLIST_RCPT_', 1)',
|
')
|
||||||
`errprint(`*** ERROR: FEATURE(blacklist_recipients) requires FEATURE(access_db)
|
FEATURE(`blocklist_recipients')
|
||||||
')')
|
|
||||||
|
19
contrib/sendmail/cf/feature/blocklist_recipients.m4
Normal file
19
contrib/sendmail/cf/feature/blocklist_recipients.m4
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
divert(-1)
|
||||||
|
#
|
||||||
|
# Copyright (c) 1998, 1999 Proofpoint, Inc. and its suppliers.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# By using this file, you agree to the terms and conditions set
|
||||||
|
# forth in the LICENSE file which can be found at the top level of
|
||||||
|
# the sendmail distribution.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
|
||||||
|
divert(0)
|
||||||
|
VERSIONID(`$Id: blocklist_recipients.m4,v 8.14 2013-11-22 20:51:11 ca Exp $')
|
||||||
|
divert(-1)
|
||||||
|
|
||||||
|
ifdef(`_ACCESS_TABLE_',
|
||||||
|
`define(`_BLOCKLIST_RCPT_', 1)',
|
||||||
|
`errprint(`*** ERROR: FEATURE(blocklist_recipients) requires FEATURE(access_db)
|
||||||
|
')')
|
17
contrib/sendmail/cf/feature/check_cert_altnames.m4
Normal file
17
contrib/sendmail/cf/feature/check_cert_altnames.m4
Normal file
@ -0,0 +1,17 @@
|
|||||||
|
divert(-1)
|
||||||
|
#
|
||||||
|
# Copyright (c) 2019 Proofpoint, Inc. and its suppliers.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# By using this file, you agree to the terms and conditions set
|
||||||
|
# forth in the LICENSE file which can be found at the top level of
|
||||||
|
# the sendmail distribution.
|
||||||
|
#
|
||||||
|
#
|
||||||
|
|
||||||
|
divert(0)dnl
|
||||||
|
VERSIONID(`$Id: block_bad_helo.m4,v 1.2 2013-11-22 20:51:11 ca Exp $')
|
||||||
|
divert(-1)
|
||||||
|
define(`_FFR_TLS_ALTNAMES', `1')
|
||||||
|
divert(6)dnl
|
||||||
|
O SetCertAltnames=true
|
@ -17,7 +17,7 @@ define(`_DNSBL_R_',`')
|
|||||||
ifelse(defn(`_ARG_'), `',
|
ifelse(defn(`_ARG_'), `',
|
||||||
`errprint(`*** ERROR: missing argument for FEATURE(`dnsbl')')')
|
`errprint(`*** ERROR: missing argument for FEATURE(`dnsbl')')')
|
||||||
LOCAL_CONFIG
|
LOCAL_CONFIG
|
||||||
# map for DNS based blacklist lookups
|
# map for DNS based blocklist lookups
|
||||||
Kdnsbl DNSBL_MAP -T<TMP>ifdef(`DNSBL_MAP_OPT',` DNSBL_MAP_OPT')')
|
Kdnsbl DNSBL_MAP -T<TMP>ifdef(`DNSBL_MAP_OPT',` DNSBL_MAP_OPT')')
|
||||||
divert(-1)
|
divert(-1)
|
||||||
define(`_DNSBL_SRV_', `_ARG_')dnl
|
define(`_DNSBL_SRV_', `_ARG_')dnl
|
||||||
|
@ -16,7 +16,7 @@ ifdef(`_EDNSBL_R_',`dnl',`dnl
|
|||||||
VERSIONID(`$Id: enhdnsbl.m4,v 1.13 2013-11-22 20:51:11 ca Exp $')
|
VERSIONID(`$Id: enhdnsbl.m4,v 1.13 2013-11-22 20:51:11 ca Exp $')
|
||||||
LOCAL_CONFIG
|
LOCAL_CONFIG
|
||||||
define(`_EDNSBL_R_',`')dnl
|
define(`_EDNSBL_R_',`')dnl
|
||||||
# map for enhanced DNS based blacklist lookups
|
# map for enhanced DNS based blocklist lookups
|
||||||
Kednsbl dns -R A -a. -T<TMP> -r`'ifdef(`EDNSBL_TO',`EDNSBL_TO',`5')
|
Kednsbl dns -R A -a. -T<TMP> -r`'ifdef(`EDNSBL_TO',`EDNSBL_TO',`5')
|
||||||
')
|
')
|
||||||
divert(-1)
|
divert(-1)
|
||||||
|
13
contrib/sendmail/cf/feature/tls_failures.m4
Normal file
13
contrib/sendmail/cf/feature/tls_failures.m4
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
divert(-1)
|
||||||
|
#
|
||||||
|
# Copyright (c) 2020 Proofpoint, Inc. and its suppliers.
|
||||||
|
# All rights reserved.
|
||||||
|
#
|
||||||
|
# By using this file, you agree to the terms and conditions set
|
||||||
|
# forth in the LICENSE file which can be found at the top level of
|
||||||
|
# the sendmail distribution.
|
||||||
|
#
|
||||||
|
|
||||||
|
errprint(`*** ERROR: FEATURE(tls_failures) has been replaced by confTLS_FALLBACK_TO_CLEAR
|
||||||
|
')
|
||||||
|
define(`confTLS_FALLBACK_TO_CLEAR', `true')
|
@ -73,6 +73,15 @@ define(`_ARG9_',`_ACC_ARG_9_(_ARGS_)')
|
|||||||
dnl define if not yet defined: if `$1' is not defined it will be `$2'
|
dnl define if not yet defined: if `$1' is not defined it will be `$2'
|
||||||
define(`_DEFIFNOT',`ifdef(`$1',`',`define(`$1',`$2')')')
|
define(`_DEFIFNOT',`ifdef(`$1',`',`define(`$1',`$2')')')
|
||||||
dnl ----------------------------------------
|
dnl ----------------------------------------
|
||||||
|
dnl Use a "token" for this error message to make them unique?
|
||||||
|
dnl Note: this is not a documented option. To enable it, use:
|
||||||
|
dnl define(`_USETMPFTOKEN_', `1')dnl
|
||||||
|
ifdef(`_USETMPFTOKEN_', `
|
||||||
|
define(_TMPFMSG_, `"451 Temporary system failure $1. Please try again later."')
|
||||||
|
', `dnl
|
||||||
|
define(_TMPFMSG_, `"451 Temporary system failure. Please try again later."')
|
||||||
|
')
|
||||||
|
dnl ----------------------------------------
|
||||||
dnl add a char $2 to a string $1 if it is not there
|
dnl add a char $2 to a string $1 if it is not there
|
||||||
define(`_ADDCHAR_',`define(`_I_',`eval(index(`$1',`$2') >= 0)')`'ifelse(_I_,`1',`$1',`$1$2')')
|
define(`_ADDCHAR_',`define(`_I_',`eval(index(`$1',`$2') >= 0)')`'ifelse(_I_,`1',`$1',`$1$2')')
|
||||||
dnl ----
|
dnl ----
|
||||||
|
@ -161,7 +161,7 @@ ifdef(`_ACCESS_TABLE_', `dnl
|
|||||||
# access_db acceptance class
|
# access_db acceptance class
|
||||||
C{Accept}OK RELAY
|
C{Accept}OK RELAY
|
||||||
ifdef(`_DELAY_COMPAT_8_10_',`dnl
|
ifdef(`_DELAY_COMPAT_8_10_',`dnl
|
||||||
ifdef(`_BLACKLIST_RCPT_',`dnl
|
ifdef(`_BLOCKLIST_RCPT_',`dnl
|
||||||
# possible access_db RHS for spam friends/haters
|
# possible access_db RHS for spam friends/haters
|
||||||
C{SpamTag}SPAMFRIEND SPAMHATER')')',
|
C{SpamTag}SPAMFRIEND SPAMHATER')')',
|
||||||
`dnl')
|
`dnl')
|
||||||
@ -197,7 +197,9 @@ ifdef(`_MACRO_MAP_', `', `# macro storage map
|
|||||||
define(`_MACRO_MAP_', `1')dnl
|
define(`_MACRO_MAP_', `1')dnl
|
||||||
Kmacro macro')
|
Kmacro macro')
|
||||||
# possible values for TLS_connection in access map
|
# possible values for TLS_connection in access map
|
||||||
C{Tls}VERIFY ENCR', `dnl')
|
C{Tls}VERIFY ENCR
|
||||||
|
C{TlsVerified}OK TRUSTED
|
||||||
|
dnl', `dnl')
|
||||||
ifdef(`_CERT_REGEX_ISSUER_', `dnl
|
ifdef(`_CERT_REGEX_ISSUER_', `dnl
|
||||||
# extract relevant part from cert issuer
|
# extract relevant part from cert issuer
|
||||||
KCERTIssuer regex _CERT_REGEX_ISSUER_', `dnl')
|
KCERTIssuer regex _CERT_REGEX_ISSUER_', `dnl')
|
||||||
@ -653,6 +655,12 @@ _OPTION(CipherList, `confCIPHER_LIST', `')
|
|||||||
_OPTION(ServerSSLOptions, `confSERVER_SSL_OPTIONS', `')
|
_OPTION(ServerSSLOptions, `confSERVER_SSL_OPTIONS', `')
|
||||||
# client side SSL options
|
# client side SSL options
|
||||||
_OPTION(ClientSSLOptions, `confCLIENT_SSL_OPTIONS', `')
|
_OPTION(ClientSSLOptions, `confCLIENT_SSL_OPTIONS', `')
|
||||||
|
# SSL Engine
|
||||||
|
_OPTION(SSLEngine, `confSSL_ENGINE', `')
|
||||||
|
# Path to dynamic library for SSLEngine
|
||||||
|
_OPTION(SSLEnginePath, `confSSL_ENGINE_PATH', `')
|
||||||
|
# TLS: fall back to clear text after handshake failure?
|
||||||
|
_OPTION(TLSFallbacktoClear, `confTLS_FALLBACK_TO_CLEAR', `')
|
||||||
|
|
||||||
# Input mail filters
|
# Input mail filters
|
||||||
_OPTION(InputMailFilters, `confINPUT_MAIL_FILTERS', `')
|
_OPTION(InputMailFilters, `confINPUT_MAIL_FILTERS', `')
|
||||||
@ -682,12 +690,16 @@ _OPTION(ClientCertFile, `confCLIENT_CERT', `')
|
|||||||
_OPTION(ClientKeyFile, `confCLIENT_KEY', `')
|
_OPTION(ClientKeyFile, `confCLIENT_KEY', `')
|
||||||
# File containing certificate revocation lists
|
# File containing certificate revocation lists
|
||||||
_OPTION(CRLFile, `confCRL', `')
|
_OPTION(CRLFile, `confCRL', `')
|
||||||
|
# Directory containing hashes pointing to certificate revocation status files
|
||||||
|
_OPTION(CRLPath, `confCRL_PATH', `')
|
||||||
# DHParameters (only required if DSA/DH is used)
|
# DHParameters (only required if DSA/DH is used)
|
||||||
_OPTION(DHParameters, `confDH_PARAMETERS', `')
|
_OPTION(DHParameters, `confDH_PARAMETERS', `')
|
||||||
# Random data source (required for systems without /dev/urandom under OpenSSL)
|
# Random data source (required for systems without /dev/urandom under OpenSSL)
|
||||||
_OPTION(RandFile, `confRAND_FILE', `')
|
_OPTION(RandFile, `confRAND_FILE', `')
|
||||||
# fingerprint algorithm (digest) to use for the presented cert
|
# fingerprint algorithm (digest) to use for the presented cert
|
||||||
_OPTION(CertFingerprintAlgorithm, `confCERT_FINGERPRINT_ALGORITHM', `')
|
_OPTION(CertFingerprintAlgorithm, `confCERT_FINGERPRINT_ALGORITHM', `')
|
||||||
|
# enable DANE?
|
||||||
|
_OPTION(DANE, `confDANE', `false')
|
||||||
|
|
||||||
# Maximum number of "useless" commands before slowing down
|
# Maximum number of "useless" commands before slowing down
|
||||||
_OPTION(MaxNOOPCommands, `confMAX_NOOP_COMMANDS', `20')
|
_OPTION(MaxNOOPCommands, `confMAX_NOOP_COMMANDS', `20')
|
||||||
@ -1500,7 +1512,7 @@ R<$* <TMPF>> <$*> <$+> <$+> <$*> $: $&{opMode} $| TMPF <$&{addr_type}> $| $3
|
|||||||
R<$*> <$* <TMPF>> <$+> <$+> <$*> $: $&{opMode} $| TMPF <$&{addr_type}> $| $3
|
R<$*> <$* <TMPF>> <$+> <$+> <$*> $: $&{opMode} $| TMPF <$&{addr_type}> $| $3
|
||||||
ifelse(_LDAP_ROUTE_MAPTEMP_, `_TEMPFAIL_', `dnl
|
ifelse(_LDAP_ROUTE_MAPTEMP_, `_TEMPFAIL_', `dnl
|
||||||
# ... temp fail RCPT SMTP commands
|
# ... temp fail RCPT SMTP commands
|
||||||
R$={SMTPOpModes} $| TMPF <e r> $| $+ $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."')
|
R$={SMTPOpModes} $| TMPF <e r> $| $+ $#error $@ 4.3.0 $: _TMPFMSG_(`OPM')')
|
||||||
# ... return original address for MTA to queue up
|
# ... return original address for MTA to queue up
|
||||||
R$* $| TMPF <$*> $| $+ $@ $3
|
R$* $| TMPF <$*> $| $+ $@ $3
|
||||||
|
|
||||||
@ -1733,7 +1745,7 @@ dnl if mark is <NO> then change it to <RELAY> if domain is "authorized"
|
|||||||
|
|
||||||
dnl what if access map returns something else than RELAY?
|
dnl what if access map returns something else than RELAY?
|
||||||
dnl we are only interested in RELAY entries...
|
dnl we are only interested in RELAY entries...
|
||||||
dnl other To: entries: blacklist recipient; generic entries?
|
dnl other To: entries: blocklist recipient; generic entries?
|
||||||
dnl if it is an error we probably do not want to relay anyway
|
dnl if it is an error we probably do not want to relay anyway
|
||||||
ifdef(`_RELAY_HOSTS_ONLY_',
|
ifdef(`_RELAY_HOSTS_ONLY_',
|
||||||
`R<NO> $* < @ $=R > $: <RELAY> $1 < @ $2 >
|
`R<NO> $* < @ $=R > $: <RELAY> $1 < @ $2 >
|
||||||
@ -1807,7 +1819,7 @@ R<QUARANTINE:$+> <$*> $#error $@ quarantine $: $1
|
|||||||
dnl error tag
|
dnl error tag
|
||||||
R<ERROR:$-.$-.$-:$+> <$*> $#error $@ $1.$2.$3 $: $4
|
R<ERROR:$-.$-.$-:$+> <$*> $#error $@ $1.$2.$3 $: $4
|
||||||
R<ERROR:$+> <$*> $#error $: $1
|
R<ERROR:$+> <$*> $#error $: $1
|
||||||
ifdef(`_ATMPF_', `R<$* _ATMPF_> <$*> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
ifdef(`_ATMPF_', `R<$* _ATMPF_> <$*> $#error $@ 4.3.0 $: _TMPFMSG_(`CR')', `dnl')
|
||||||
dnl generic error from access map
|
dnl generic error from access map
|
||||||
R<$+> <$*> $#error $: $1', `dnl')
|
R<$+> <$*> $#error $: $1', `dnl')
|
||||||
|
|
||||||
@ -1976,7 +1988,7 @@ R<REJECT> $* $#error ifdef(`confREJECT_MSG', `$: confREJECT_MSG', `$@ 5.7.1 $:
|
|||||||
dnl error tag
|
dnl error tag
|
||||||
R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
|
R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
|
||||||
R<ERROR:$+> $* $#error $: $1
|
R<ERROR:$+> $* $#error $: $1
|
||||||
ifdef(`_ATMPF_', `R<_ATMPF_> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
ifdef(`_ATMPF_', `R<_ATMPF_> $* $#error $@ 4.3.0 $: _TMPFMSG_(`CM')', `dnl')
|
||||||
dnl generic error from access map
|
dnl generic error from access map
|
||||||
R<$+> $* $#error $: $1 error from access db',
|
R<$+> $* $#error $: $1 error from access db',
|
||||||
`dnl')
|
`dnl')
|
||||||
@ -2108,9 +2120,9 @@ R$* $=O $* < @ $* @@ $=w . > $* $@ $>"Rcpt_ok" $1 $2 $3
|
|||||||
R$* < @ $* @@ $=w . > $* $: $1 < @ $3 > $4
|
R$* < @ $* @@ $=w . > $* $: $1 < @ $3 > $4
|
||||||
R$* < @ $* @@ $* > $* $: $1 < @ $2 > $4')
|
R$* < @ $* @@ $* > $* $: $1 < @ $2 > $4')
|
||||||
|
|
||||||
ifdef(`_BLACKLIST_RCPT_',`dnl
|
ifdef(`_BLOCKLIST_RCPT_',`dnl
|
||||||
ifdef(`_ACCESS_TABLE_', `dnl
|
ifdef(`_ACCESS_TABLE_', `dnl
|
||||||
# blacklist local users or any host from receiving mail
|
# blocklist local users or any host from receiving mail
|
||||||
R$* $: <?> $1
|
R$* $: <?> $1
|
||||||
dnl user is now tagged with @ to be consistent with check_mail
|
dnl user is now tagged with @ to be consistent with check_mail
|
||||||
dnl and to distinguish users from hosts (com would be host, com@ would be user)
|
dnl and to distinguish users from hosts (com would be host, com@ would be user)
|
||||||
@ -2143,7 +2155,7 @@ R<QUARANTINE:$+> $* $#error $@ quarantine $: $1
|
|||||||
dnl error tag
|
dnl error tag
|
||||||
R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
|
R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
|
||||||
R<ERROR:$+> $* $#error $: $1
|
R<ERROR:$+> $* $#error $: $1
|
||||||
ifdef(`_ATMPF_', `R<_ATMPF_> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
ifdef(`_ATMPF_', `R<_ATMPF_> $* $#error $@ 4.3.0 $: _TMPFMSG_(`ROK1')', `dnl')
|
||||||
dnl generic error from access map
|
dnl generic error from access map
|
||||||
R<$+> $* $#error $: $1 error from access db
|
R<$+> $* $#error $: $1 error from access db
|
||||||
R@ $* $1 remove mark', `dnl')', `dnl')
|
R@ $* $1 remove mark', `dnl')', `dnl')
|
||||||
@ -2198,7 +2210,7 @@ R$+ < @ $+ > $| $* $: <$3> <$1 <@ $2>>',
|
|||||||
ifdef(`_ACCESS_TABLE_', `dnl
|
ifdef(`_ACCESS_TABLE_', `dnl
|
||||||
dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
|
dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
|
||||||
R<RELAY> $* $@ RELAY
|
R<RELAY> $* $@ RELAY
|
||||||
ifdef(`_ATMPF_', `R<$* _ATMPF_> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
ifdef(`_ATMPF_', `R<$* _ATMPF_> $* $#TEMP $@ 4.3.0 $: _TMPFMSG_(`ROK2')', `dnl')
|
||||||
R<$*> <$*> $: $2',`dnl')
|
R<$*> <$*> $: $2',`dnl')
|
||||||
|
|
||||||
|
|
||||||
@ -2268,7 +2280,7 @@ dnl Connect:My.Host.Domain RELAY
|
|||||||
dnl Connect:My.Net REJECT
|
dnl Connect:My.Net REJECT
|
||||||
dnl since in check_relay client_name is checked before client_addr
|
dnl since in check_relay client_name is checked before client_addr
|
||||||
R<REJECT> $* $@ REJECT rejected IP address')
|
R<REJECT> $* $@ REJECT rejected IP address')
|
||||||
ifdef(`_ATMPF_', `R<_ATMPF_> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
ifdef(`_ATMPF_', `R<_ATMPF_> $* $#TEMP $@ 4.3.0 $: _TMPFMSG_(`YOK1')', `dnl')
|
||||||
R<$*> <$*> $: $2', `dnl')
|
R<$*> <$*> $: $2', `dnl')
|
||||||
R$* $: [ $1 ] put brackets around it...
|
R$* $: [ $1 ] put brackets around it...
|
||||||
R$=w $@ RELAY ... and see if it is local
|
R$=w $@ RELAY ... and see if it is local
|
||||||
@ -2287,7 +2299,7 @@ R<?> $+ < @ $=w > $@ RELAY FROM local', `dnl')
|
|||||||
ifdef(`_RELAY_DB_FROM_', `dnl
|
ifdef(`_RELAY_DB_FROM_', `dnl
|
||||||
R<?> $+ < @ $+ > $: <@> $>SearchList <! From> $| <F:$1@$2> ifdef(`_RELAY_DB_FROM_DOMAIN_', ifdef(`_RELAY_HOSTS_ONLY_', `<E:$2>', `<D:$2>')) <>
|
R<?> $+ < @ $+ > $: <@> $>SearchList <! From> $| <F:$1@$2> ifdef(`_RELAY_DB_FROM_DOMAIN_', ifdef(`_RELAY_HOSTS_ONLY_', `<E:$2>', `<D:$2>')) <>
|
||||||
R<@> <RELAY> $@ RELAY RELAY FROM sender ok
|
R<@> <RELAY> $@ RELAY RELAY FROM sender ok
|
||||||
ifdef(`_ATMPF_', `R<@> <_ATMPF_> $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
ifdef(`_ATMPF_', `R<@> <_ATMPF_> $#TEMP $@ 4.3.0 $: _TMPFMSG_(`YOK2')', `dnl')
|
||||||
', `dnl
|
', `dnl
|
||||||
ifdef(`_RELAY_DB_FROM_DOMAIN_',
|
ifdef(`_RELAY_DB_FROM_DOMAIN_',
|
||||||
`errprint(`*** ERROR: _RELAY_DB_FROM_DOMAIN_ requires _RELAY_DB_FROM_
|
`errprint(`*** ERROR: _RELAY_DB_FROM_DOMAIN_ requires _RELAY_DB_FROM_
|
||||||
@ -2331,7 +2343,7 @@ ifdef(`_ACCESS_TABLE_', `dnl
|
|||||||
R<?> $* $: $>D <$1> <?> <+ Connect> <$1>',`dnl')')
|
R<?> $* $: $>D <$1> <?> <+ Connect> <$1>',`dnl')')
|
||||||
ifdef(`_ACCESS_TABLE_', `dnl
|
ifdef(`_ACCESS_TABLE_', `dnl
|
||||||
R<RELAY> $* $@ RELAY
|
R<RELAY> $* $@ RELAY
|
||||||
ifdef(`_ATMPF_', `R<$* _ATMPF_> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
ifdef(`_ATMPF_', `R<$* _ATMPF_> $* $#TEMP $@ 4.3.0 $: _TMPFMSG_(`YOK3')', `dnl')
|
||||||
R<$*> <$*> $: $2',`dnl')
|
R<$*> <$*> $: $2',`dnl')
|
||||||
dnl end of _PROMISCUOUS_RELAY_
|
dnl end of _PROMISCUOUS_RELAY_
|
||||||
divert(0)
|
divert(0)
|
||||||
@ -2384,7 +2396,7 @@ ifdef(`_ACCESS_TABLE_', `',
|
|||||||
`errprint(`*** ERROR: FEATURE(`delay_checks', `argument') requires FEATURE(`access_db')
|
`errprint(`*** ERROR: FEATURE(`delay_checks', `argument') requires FEATURE(`access_db')
|
||||||
')')dnl
|
')')dnl
|
||||||
dnl one of the next two rules is supposed to match
|
dnl one of the next two rules is supposed to match
|
||||||
dnl this code has been copied from BLACKLIST... etc
|
dnl this code has been copied from BLOCKLIST... etc
|
||||||
dnl and simplified by omitting some < >.
|
dnl and simplified by omitting some < >.
|
||||||
R<?> $+ < @ $=w > $: <> $1 < @ $2 > $| <F: $1@$2 > <D: $2 > <U: $1@>
|
R<?> $+ < @ $=w > $: <> $1 < @ $2 > $| <F: $1@$2 > <D: $2 > <U: $1@>
|
||||||
R<?> $+ < @ $* > $: <> $1 < @ $2 > $| <F: $1@$2 > <D: $2 >
|
R<?> $+ < @ $* > $: <> $1 < @ $2 > $| <F: $1@$2 > <D: $2 >
|
||||||
@ -2688,7 +2700,7 @@ R<?>$* $: $>A <$&{server_addr}> <?> <! TLS_TRY_TAG> <>
|
|||||||
R<?>$* $: <$(access TLS_TRY_TAG`'_TAG_DELIM_ $: ? $)>
|
R<?>$* $: <$(access TLS_TRY_TAG`'_TAG_DELIM_ $: ? $)>
|
||||||
R<?>$* $@ OK
|
R<?>$* $@ OK
|
||||||
ifdef(`_ATMPF_', `dnl tempfail?
|
ifdef(`_ATMPF_', `dnl tempfail?
|
||||||
R<$* _ATMPF_>$* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
R<$* _ATMPF_>$* $#error $@ 4.3.0 $: _TMPFMSG_(`TT')', `dnl')
|
||||||
R<NO>$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"')
|
R<NO>$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"')
|
||||||
|
|
||||||
######################################################################
|
######################################################################
|
||||||
@ -2721,7 +2733,7 @@ R$* $| $+ $: $1 $| $>SearchList <! TLS_RCPT_TAG> $| $2 <>
|
|||||||
dnl found nothing: stop here
|
dnl found nothing: stop here
|
||||||
R$* $| <?> $@ OK
|
R$* $| <?> $@ OK
|
||||||
ifdef(`_ATMPF_', `dnl tempfail?
|
ifdef(`_ATMPF_', `dnl tempfail?
|
||||||
R$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
R$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: _TMPFMSG_(`TR')', `dnl')
|
||||||
dnl use the generic routine (for now)
|
dnl use the generic routine (for now)
|
||||||
R$* $| <$+> $@ $>"TLS_connection" $&{verify} $| <$2>')
|
R$* $| <$+> $@ $>"TLS_connection" $&{verify} $| <$2>')
|
||||||
|
|
||||||
@ -2751,7 +2763,7 @@ R$* $| <?>$* $: $1 $| $>A <$&{client_addr}> <?> <! TLS_CLT_TAG> <>
|
|||||||
dnl do a default lookup: just TLS_CLT_TAG
|
dnl do a default lookup: just TLS_CLT_TAG
|
||||||
R$* $| <?>$* $: $1 $| <$(access TLS_CLT_TAG`'_TAG_DELIM_ $: ? $)>
|
R$* $| <?>$* $: $1 $| <$(access TLS_CLT_TAG`'_TAG_DELIM_ $: ? $)>
|
||||||
ifdef(`_ATMPF_', `dnl tempfail?
|
ifdef(`_ATMPF_', `dnl tempfail?
|
||||||
R$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
R$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: _TMPFMSG_(`TC')', `dnl')
|
||||||
R$* $@ $>"TLS_connection" $1', `dnl
|
R$* $@ $>"TLS_connection" $1', `dnl
|
||||||
R$* $| $* $@ $>"TLS_connection" $1')
|
R$* $| $* $@ $>"TLS_connection" $1')
|
||||||
|
|
||||||
@ -2769,6 +2781,8 @@ ifdef(`_LOCAL_TLS_SERVER_', `dnl
|
|||||||
R$* $: $1 $| $>"Local_tls_server" $1
|
R$* $: $1 $| $>"Local_tls_server" $1
|
||||||
R$* $| $#$* $#$2
|
R$* $| $#$* $#$2
|
||||||
R$* $| $* $: $1', `dnl')
|
R$* $| $* $: $1', `dnl')
|
||||||
|
ifdef(`_TLS_FAILURES_',`dnl
|
||||||
|
R$* $: $(macro {saved_verify} $@ $1 $) $1')
|
||||||
ifdef(`_ACCESS_TABLE_', `dnl
|
ifdef(`_ACCESS_TABLE_', `dnl
|
||||||
dnl store name of other side
|
dnl store name of other side
|
||||||
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
|
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
|
||||||
@ -2777,7 +2791,7 @@ R$* $| <?>$* $: $1 $| $>A <$&{server_addr}> <?> <! TLS_SRV_TAG> <>
|
|||||||
dnl do a default lookup: just TLS_SRV_TAG
|
dnl do a default lookup: just TLS_SRV_TAG
|
||||||
R$* $| <?>$* $: $1 $| <$(access TLS_SRV_TAG`'_TAG_DELIM_ $: ? $)>
|
R$* $| <?>$* $: $1 $| <$(access TLS_SRV_TAG`'_TAG_DELIM_ $: ? $)>
|
||||||
ifdef(`_ATMPF_', `dnl tempfail?
|
ifdef(`_ATMPF_', `dnl tempfail?
|
||||||
R$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
R$* $| <$* _ATMPF_> $#error $@ 4.3.0 $: _TMPFMSG_(`TS')', `dnl')
|
||||||
R$* $@ $>"TLS_connection" $1', `dnl
|
R$* $@ $>"TLS_connection" $1', `dnl
|
||||||
R$* $@ $>"TLS_connection" $1')
|
R$* $@ $>"TLS_connection" $1')
|
||||||
|
|
||||||
@ -2798,6 +2812,7 @@ STLS_connection
|
|||||||
ifdef(`_ACCESS_TABLE_', `dnl', `dnl use default error
|
ifdef(`_ACCESS_TABLE_', `dnl', `dnl use default error
|
||||||
dnl deal with TLS handshake failures: abort
|
dnl deal with TLS handshake failures: abort
|
||||||
RSOFTWARE $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake."
|
RSOFTWARE $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake."
|
||||||
|
RDANE_FAIL $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') DANE check failed."
|
||||||
divert(-1)')
|
divert(-1)')
|
||||||
dnl common ruleset for tls_{client|server}
|
dnl common ruleset for tls_{client|server}
|
||||||
dnl input: ${verify} $| <ResultOfLookup> [<>]
|
dnl input: ${verify} $| <ResultOfLookup> [<>]
|
||||||
@ -2813,14 +2828,19 @@ R$* $| <$={Tls} $*> $: $1 $| <ifdef(`TLS_PERM_ERR', `503:5.7.0', `403:4.7.0')>
|
|||||||
dnl workspace: ${verify} $| [<SMTP:ESC>] <ResultOfLookup>
|
dnl workspace: ${verify} $| [<SMTP:ESC>] <ResultOfLookup>
|
||||||
# deal with TLS handshake failures: abort
|
# deal with TLS handshake failures: abort
|
||||||
RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed."
|
RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed."
|
||||||
dnl no <reply:dns> i.e. not requirements in the access map
|
dnl no <reply:dns> i.e. no requirements in the access map
|
||||||
dnl use default error
|
dnl use default error
|
||||||
RSOFTWARE $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake failed."
|
RSOFTWARE $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake failed."
|
||||||
# deal with TLS protocol errors: abort
|
# deal with TLS protocol errors: abort
|
||||||
RPROTOCOL $| <$-:$+> $* $#error $@ $2 $: $1 " STARTTLS failed."
|
RPROTOCOL $| <$-:$+> $* $#error $@ $2 $: $1 " STARTTLS failed."
|
||||||
dnl no <reply:dns> i.e. not requirements in the access map
|
dnl no <reply:dns> i.e. no requirements in the access map
|
||||||
dnl use default error
|
dnl use default error
|
||||||
RPROTOCOL $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') STARTTLS failed."
|
RPROTOCOL $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') STARTTLS failed."
|
||||||
|
# deal with DANE errors: abort
|
||||||
|
RDANE_FAIL $| <$-:$+> $* $#error $@ $2 $: $1 " DANE check failed."
|
||||||
|
dnl no <reply:dns> i.e. no requirements in the access map
|
||||||
|
dnl use default error
|
||||||
|
RDANE_FAIL $| $* $#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') DANE check failed."
|
||||||
R$* $| <$*> <VERIFY> $: <$2> <VERIFY> <> $1
|
R$* $| <$*> <VERIFY> $: <$2> <VERIFY> <> $1
|
||||||
dnl separate optional requirements
|
dnl separate optional requirements
|
||||||
R$* $| <$*> <VERIFY + $+> $: <$2> <VERIFY> <$3> $1
|
R$* $| <$*> <VERIFY + $+> $: <$2> <VERIFY> <$3> $1
|
||||||
@ -2834,16 +2854,16 @@ R$* $| $* $@ OK
|
|||||||
# other side did authenticate (via STARTTLS)
|
# other side did authenticate (via STARTTLS)
|
||||||
dnl workspace: <SMTP:ESC> <{VERIFY,ENCR}[:BITS]> <[extensions]> ${verify}
|
dnl workspace: <SMTP:ESC> <{VERIFY,ENCR}[:BITS]> <[extensions]> ${verify}
|
||||||
dnl only verification required and it succeeded
|
dnl only verification required and it succeeded
|
||||||
R<$*><VERIFY> <> OK $@ OK
|
R<$*><VERIFY> <> $={TlsVerified} $@ OK
|
||||||
dnl verification required and it succeeded but extensions are given
|
dnl verification required and it succeeded but extensions are given
|
||||||
dnl change it to <SMTP:ESC> <REQ:0> <extensions>
|
dnl change it to <SMTP:ESC> <REQ:0> <extensions>
|
||||||
R<$*><VERIFY> <$+> OK $: <$1> <REQ:0> <$2>
|
R<$*><VERIFY> <$+> $={TlsVerified} $: <$1> <REQ:0> <$2>
|
||||||
dnl verification required + some level of encryption
|
dnl verification required + some level of encryption
|
||||||
R<$*><VERIFY:$-> <$*> OK $: <$1> <REQ:$2> <$3>
|
R<$*><VERIFY:$-> <$*> $={TlsVerified} $: <$1> <REQ:$2> <$3>
|
||||||
dnl just some level of encryption required
|
dnl just some level of encryption required
|
||||||
R<$*><ENCR:$-> <$*> $* $: <$1> <REQ:$2> <$3>
|
R<$*><ENCR:$-> <$*> $* $: <$1> <REQ:$2> <$3>
|
||||||
dnl workspace:
|
dnl workspace:
|
||||||
dnl 1. <SMTP:ESC> <VERIFY [:bits]> <[extensions]> {verify} (!= OK)
|
dnl 1. <SMTP:ESC> <VERIFY [:bits]> <[extensions]> {verify} (!~ $={TlsVerified})
|
||||||
dnl 2. <SMTP:ESC> <REQ:bits> <[extensions]>
|
dnl 2. <SMTP:ESC> <REQ:bits> <[extensions]>
|
||||||
dnl verification required but ${verify} is not set (case 1.)
|
dnl verification required but ${verify} is not set (case 1.)
|
||||||
R<$-:$+><VERIFY $*> <$*> $#error $@ $2 $: $1 " authentication required"
|
R<$-:$+><VERIFY $*> <$*> $#error $@ $2 $: $1 " authentication required"
|
||||||
@ -2851,6 +2871,7 @@ R<$-:$+><VERIFY $*> <$*> FAIL $#error $@ $2 $: $1 " authentication failed"
|
|||||||
R<$-:$+><VERIFY $*> <$*> NO $#error $@ $2 $: $1 " not authenticated"
|
R<$-:$+><VERIFY $*> <$*> NO $#error $@ $2 $: $1 " not authenticated"
|
||||||
R<$-:$+><VERIFY $*> <$*> NOT $#error $@ $2 $: $1 " no authentication requested"
|
R<$-:$+><VERIFY $*> <$*> NOT $#error $@ $2 $: $1 " no authentication requested"
|
||||||
R<$-:$+><VERIFY $*> <$*> NONE $#error $@ $2 $: $1 " other side does not support STARTTLS"
|
R<$-:$+><VERIFY $*> <$*> NONE $#error $@ $2 $: $1 " other side does not support STARTTLS"
|
||||||
|
R<$-:$+><VERIFY $*> <$*> CLEAR $#error $@ $2 $: $1 " STARTTLS disabled locally"
|
||||||
dnl some other value for ${verify}
|
dnl some other value for ${verify}
|
||||||
R<$-:$+><VERIFY $*> <$*> $+ $#error $@ $2 $: $1 " authentication failure " $4
|
R<$-:$+><VERIFY $*> <$*> $+ $#error $@ $2 $: $1 " authentication failure " $4
|
||||||
dnl some level of encryption required: get the maximum level (case 2.)
|
dnl some level of encryption required: get the maximum level (case 2.)
|
||||||
@ -2884,7 +2905,6 @@ R<$-:$+> $+ $@ $>"TLS_req" $3 $| <$1:$2>
|
|||||||
dnl further requirements for this ruleset:
|
dnl further requirements for this ruleset:
|
||||||
dnl name of "other side" is stored is {TLS_name} (client/server_name)
|
dnl name of "other side" is stored is {TLS_name} (client/server_name)
|
||||||
dnl
|
dnl
|
||||||
dnl currently only CN[:common_name] is implemented
|
|
||||||
dnl right now this is only a logical AND
|
dnl right now this is only a logical AND
|
||||||
dnl i.e. all requirements must be true
|
dnl i.e. all requirements must be true
|
||||||
dnl how about an OR? CN must be X or CN must be Y or ..
|
dnl how about an OR? CN must be X or CN must be Y or ..
|
||||||
@ -2896,6 +2916,11 @@ dnl no additional requirements: ok
|
|||||||
R $| $+ $@ OK
|
R $| $+ $@ OK
|
||||||
dnl require CN: but no CN specified: use name of other side
|
dnl require CN: but no CN specified: use name of other side
|
||||||
R<CN> $* $| <$+> $: <CN:$&{TLS_Name}> $1 $| <$2>
|
R<CN> $* $| <$+> $: <CN:$&{TLS_Name}> $1 $| <$2>
|
||||||
|
ifdef(`_FFR_TLS_ALTNAMES', `dnl
|
||||||
|
R<CN:$={cert_altnames}> $* $| <$+> $@ $>"TLS_req" $2 $| <$3>
|
||||||
|
R<CN:$-.$+> $* $| <$+> $: <CN:*.$2> $3 $| <$4>
|
||||||
|
R<CN:$={cert_altnames}> $* $| <$+> $@ $>"TLS_req" $3 $| <$3>
|
||||||
|
R<CN:$*> $* $| <$+> $: <CN:$&{TLS_Name}> $2 $| <$3>', `dnl')
|
||||||
dnl match, check rest
|
dnl match, check rest
|
||||||
R<CN:$&{cn_subject}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
|
R<CN:$&{cn_subject}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
|
||||||
dnl CN does not match
|
dnl CN does not match
|
||||||
@ -2911,6 +2936,10 @@ R<CI:$&{cert_issuer}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
|
|||||||
dnl CI does not match
|
dnl CI does not match
|
||||||
dnl 1 2 3 4
|
dnl 1 2 3 4
|
||||||
R<CI:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Issuer " $&{cert_issuer} " does not match " $1
|
R<CI:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Issuer " $&{cert_issuer} " does not match " $1
|
||||||
|
dnl
|
||||||
|
R<CITag:$-> $* $| <$+> $: <$(access $1:$&{cert_issuer} $: ? $)> $2 $| <$3>
|
||||||
|
R<?> $* $| <$-:$+> $#error $@ $3 $: $2 " Cert Issuer " $&{cert_issuer} " not acceptable"
|
||||||
|
R<OK> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
|
||||||
dnl return from recursive call
|
dnl return from recursive call
|
||||||
ROK $@ OK
|
ROK $@ OK
|
||||||
|
|
||||||
@ -2970,7 +2999,7 @@ dnl if it returns SUBJECT we perform a similar check on the
|
|||||||
dnl cert subject.
|
dnl cert subject.
|
||||||
ifdef(`_ACCESS_TABLE_', `dnl
|
ifdef(`_ACCESS_TABLE_', `dnl
|
||||||
R$* $: <?> $&{verify}
|
R$* $: <?> $&{verify}
|
||||||
R<?> OK $: OK authenticated: continue
|
R<?> $={TlsVerified} $: OK authenticated: continue
|
||||||
R<?> $* $@ NO not authenticated
|
R<?> $* $@ NO not authenticated
|
||||||
ifdef(`_CERT_REGEX_ISSUER_', `dnl
|
ifdef(`_CERT_REGEX_ISSUER_', `dnl
|
||||||
R$* $: $(CERTIssuer $&{cert_issuer} $)',
|
R$* $: $(CERTIssuer $&{cert_issuer} $)',
|
||||||
@ -3029,7 +3058,7 @@ R$+ $: $>SearchList <! ClientRate> $| $1 <>
|
|||||||
dnl found nothing: stop here
|
dnl found nothing: stop here
|
||||||
R<?> $@ OK
|
R<?> $@ OK
|
||||||
ifdef(`_ATMPF_', `dnl tempfail?
|
ifdef(`_ATMPF_', `dnl tempfail?
|
||||||
R<$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
R<$* _ATMPF_> $#error $@ 4.3.0 $: _TMPFMSG_(`RC')', `dnl')
|
||||||
dnl use the generic routine (for now)
|
dnl use the generic routine (for now)
|
||||||
R<0> $@ OK no limit
|
R<0> $@ OK no limit
|
||||||
R<$+> $: <$1> $| $(arith l $@ $1 $@ $&{client_rate} $)
|
R<$+> $: <$1> $| $(arith l $@ $1 $@ $&{client_rate} $)
|
||||||
@ -3051,7 +3080,7 @@ R$+ $: $>SearchList <! ClientConn> $| $1 <>
|
|||||||
dnl found nothing: stop here
|
dnl found nothing: stop here
|
||||||
R<?> $@ OK
|
R<?> $@ OK
|
||||||
ifdef(`_ATMPF_', `dnl tempfail?
|
ifdef(`_ATMPF_', `dnl tempfail?
|
||||||
R<$* _ATMPF_> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."', `dnl')
|
R<$* _ATMPF_> $#error $@ 4.3.0 $: _TMPFMSG_(`CC')', `dnl')
|
||||||
dnl use the generic routine (for now)
|
dnl use the generic routine (for now)
|
||||||
R<0> $@ OK no limit
|
R<0> $@ OK no limit
|
||||||
R<$+> $: <$1> $| $(arith l $@ $1 $@ $&{client_connections} $)
|
R<$+> $: <$1> $| $(arith l $@ $1 $@ $&{client_connections} $)
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
divert(-1)
|
divert(-1)
|
||||||
#
|
#
|
||||||
# Copyright (c) 1998-2015 Proofpoint, Inc. and its suppliers.
|
# Copyright (c) 1998-2016 Proofpoint, Inc. and its suppliers.
|
||||||
# All rights reserved.
|
# All rights reserved.
|
||||||
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
|
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
|
||||||
# Copyright (c) 1988, 1993
|
# Copyright (c) 1988, 1993
|
||||||
@ -15,4 +15,4 @@ VERSIONID(`$Id: version.m4,v 8.237 2014-01-27 12:55:17 ca Exp $')
|
|||||||
#
|
#
|
||||||
divert(0)
|
divert(0)
|
||||||
# Configuration version number
|
# Configuration version number
|
||||||
DZ8.15.2`'ifdef(`confCF_VERSION', `/confCF_VERSION')
|
DZ8.16.1`'ifdef(`confCF_VERSION', `/confCF_VERSION')
|
||||||
|
@ -23,5 +23,5 @@ ifdef(`LOCAL_SHELL_PATH',, `define(`LOCAL_SHELL_PATH', /usr/bin/sh)')dnl
|
|||||||
ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gC $h!rmail ($u)')')dnl
|
ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gC $h!rmail ($u)')')dnl
|
||||||
define(`confTIME_ZONE', `USE_TZ')dnl
|
define(`confTIME_ZONE', `USE_TZ')dnl
|
||||||
dnl
|
dnl
|
||||||
dnl For maximum compability with HP-UX, use:
|
dnl For maximum compatibility with HP-UX, use:
|
||||||
dnl define(`confME_TOO', True)dnl
|
dnl define(`confME_TOO', True)dnl
|
||||||
|
@ -23,5 +23,5 @@ ifdef(`UUCP_MAILER_ARGS',, `define(`UUCP_MAILER_ARGS', `uux - -r -a$g -gC $h!rma
|
|||||||
define(`confTIME_ZONE', `USE_TZ')dnl
|
define(`confTIME_ZONE', `USE_TZ')dnl
|
||||||
define(`confEBINDIR', `/usr/lib')dnl
|
define(`confEBINDIR', `/usr/lib')dnl
|
||||||
dnl
|
dnl
|
||||||
dnl For maximum compability with HP-UX, use:
|
dnl For maximum compatibility with HP-UX, use:
|
||||||
dnl define(`confME_TOO', True)dnl
|
dnl define(`confME_TOO', True)dnl
|
||||||
|
@ -1,6 +1,7 @@
|
|||||||
#!/usr/bin/perl -w
|
#!/usr/bin/perl -w
|
||||||
|
#
|
||||||
# $Id: cidrexpand,v 8.8 2006-08-07 17:18:37 ca Exp $
|
# usage:
|
||||||
|
# cidrexpand < /etc/mail/access | makemap -r hash /etc/mail/access
|
||||||
#
|
#
|
||||||
# v 0.4
|
# v 0.4
|
||||||
#
|
#
|
||||||
@ -28,7 +29,7 @@
|
|||||||
# Added clarification in the notes for what to do if you have
|
# Added clarification in the notes for what to do if you have
|
||||||
# exceptions to a larger CIDR block.
|
# exceptions to a larger CIDR block.
|
||||||
#
|
#
|
||||||
# 26 Jul 2006 Richard Rognlie (richard@sendmail.com>
|
# 26 Jul 2006 Richard Rognlie (richard@sendmail.com)
|
||||||
# Added code to strip "comments" (anything after a non-escaped #)
|
# Added code to strip "comments" (anything after a non-escaped #)
|
||||||
# # characters after a \ or within quotes (single and double) are
|
# # characters after a \ or within quotes (single and double) are
|
||||||
# left intact.
|
# left intact.
|
||||||
@ -39,37 +40,66 @@
|
|||||||
# From:1.2.3.4 550 Die spammer
|
# From:1.2.3.4 550 Die spammer
|
||||||
#
|
#
|
||||||
# 3 August 2006
|
# 3 August 2006
|
||||||
#
|
|
||||||
# Corrected a bug to have it handle the special case of "0.0.0.0/0"
|
# Corrected a bug to have it handle the special case of "0.0.0.0/0"
|
||||||
# since Net::CIDR doesn't handle it properly.
|
# since Net::CIDR doesn't handle it properly.
|
||||||
#
|
#
|
||||||
# usage:
|
# 27 April 2016
|
||||||
# cidrexpand < /etc/mail/access | makemap -r hash /etc/mail/access
|
# Corrected IPv6 handling. Note that UseCompressedIPv6Addresses must
|
||||||
|
# be turned off for this to work; there are three reasons for this:
|
||||||
|
# 1) if the MTA uses compressed IPv6 addresses then CIDR 'cuts'
|
||||||
|
# in the compressed range *cannot* be matched, as the MTA simply
|
||||||
|
# won't look for them. E.g., there's no way to accurately
|
||||||
|
# match "IPv6:fe80::/64" when for the address "IPv6:fe80::54ad"
|
||||||
|
# the MTA doesn't lookup up "IPv6:fe80:0:0:0"
|
||||||
|
# 2) cidrexpand only generates uncompressed addresses, so CIDR
|
||||||
|
# 'cuts' to the right of the compressed range won't be matched
|
||||||
|
# either. Why doesn't it generate compressed address output?
|
||||||
|
# Oh, because:
|
||||||
|
# 3) compressed addresses are ambiguous when colon-groups are
|
||||||
|
# chopped off! You want an access map entry for
|
||||||
|
# IPv6:fe80::0:5420
|
||||||
|
# but not for
|
||||||
|
# IPv6:fe80::5420:1234
|
||||||
|
# ? Sorry, the former is really
|
||||||
|
# IPv6:fe80::5420
|
||||||
|
# which will also match the latter!
|
||||||
#
|
#
|
||||||
|
# 25 July 2016
|
||||||
|
# Since cidrexpand already requires UseCompressedIPv6Addresses to be
|
||||||
|
# turned off, it can also canonicalize non-CIDR IPv6 addresses to the
|
||||||
|
# format that sendmail looks up, expanding compressed addresses and
|
||||||
|
# trimming superfluous leading zeros.
|
||||||
#
|
#
|
||||||
# Report bugs to: <dredd@megacity.org>
|
# Report bugs to: <dredd@megacity.org>
|
||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
use strict;
|
use strict;
|
||||||
use Net::CIDR;
|
use Net::CIDR qw(cidr2octets cidrvalidate);
|
||||||
use Getopt::Std;
|
use Getopt::Std;
|
||||||
|
|
||||||
our ($opt_c,$opt_t);
|
sub print_expanded_v4network;
|
||||||
getopts('ct:');
|
sub print_expanded_v6network;
|
||||||
|
|
||||||
my $spaceregex = '\s+';
|
our %opts;
|
||||||
if ($opt_t)
|
getopts('ct:', \%opts);
|
||||||
{
|
|
||||||
$spaceregex = $opt_t;
|
# Delimiter between the key and value
|
||||||
}
|
my $space_re = exists $opts{t} ? $opts{t} : '\s+';
|
||||||
|
|
||||||
|
# Regexp that matches IPv4 address literals
|
||||||
|
my $ipv4_re = qr"(?:\d+\.){3}\d+";
|
||||||
|
|
||||||
|
# Regexp that matches IPv6 address literals, plus a lot more.
|
||||||
|
# Further checks are required for verifying that it's really one
|
||||||
|
my $ipv6_re = qr"[0-9A-Fa-f:]{2,39}(?:\.\d+\.\d+\.\d+)?";
|
||||||
|
|
||||||
while (<>)
|
while (<>)
|
||||||
{
|
{
|
||||||
chomp;
|
chomp;
|
||||||
my ($prefix,$left,$right,$space);
|
my ($prefix, $network, $len, $right);
|
||||||
|
|
||||||
if ( (/\#/) && $opt_c )
|
if ( (/\#/) && $opts{c} )
|
||||||
{
|
{
|
||||||
# print "checking...\n";
|
# print "checking...\n";
|
||||||
my $i;
|
my $i;
|
||||||
@ -98,41 +128,54 @@ while (<>)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (! /^(|\S\S*:)(\d+\.){3}\d+\/\d\d?$spaceregex.*/ )
|
if (($prefix, $network, $len, $right) =
|
||||||
|
m!^(|\S+:)(${ipv4_re})/(\d+)(${space_re}.*)$!)
|
||||||
{
|
{
|
||||||
print "$_\n";
|
print_expanded_v4network($network, $len, $prefix, $right);
|
||||||
|
}
|
||||||
|
elsif ((($prefix, $network, $len, $right) =
|
||||||
|
m!^((?:\S+:)?[Ii][Pp][Vv]6:)(${ipv6_re})(?:/(\d+))?(${space_re}.*)$!) &&
|
||||||
|
(!defined($len) || $len <= 128) &&
|
||||||
|
defined(cidrvalidate($network)))
|
||||||
|
{
|
||||||
|
print_expanded_v6network($network, $len // 128, $prefix, $right);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
($prefix,$left,$space,$right) =
|
print "$_\n";
|
||||||
/^(|\S\S*:)((?:\d+\.){3}\d+\/\d\d?)($spaceregex)(.*)$/;
|
|
||||||
|
|
||||||
my @new_lefts = expand_network($left);
|
|
||||||
foreach my $nl (@new_lefts)
|
|
||||||
{
|
|
||||||
print "$prefix$nl$space$right\n";
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
sub expand_network
|
sub print_expanded_v4network
|
||||||
{
|
{
|
||||||
my $left_input = shift;
|
my ($network, $len, $prefix, $suffix) = @_;
|
||||||
my @rc = ($left_input);
|
|
||||||
my ($network,$mask) = split /\//, $left_input;
|
|
||||||
if (defined $mask)
|
|
||||||
{
|
|
||||||
return (0..255) if $mask == 0;
|
|
||||||
|
|
||||||
my @parts = split /\./, $network;
|
# cidr2octets() doesn't handle a prefix-length of zero, so do
|
||||||
while ($#parts < 3)
|
# that ourselves
|
||||||
{
|
foreach my $nl ($len == 0 ? (0..255) : cidr2octets("$network/$len"))
|
||||||
push @parts, "0";
|
{
|
||||||
}
|
print "$prefix$nl$suffix\n";
|
||||||
my $clean_input = join '.', @parts;
|
}
|
||||||
$clean_input .= "/$mask";
|
}
|
||||||
my @octets = Net::CIDR::cidr2octets($clean_input);
|
|
||||||
@rc = @octets;
|
sub print_expanded_v6network
|
||||||
|
{
|
||||||
|
my ($network, $len, $prefix, $suffix) = @_;
|
||||||
|
|
||||||
|
# cidr2octets() doesn't handle a prefix-length of zero, so do
|
||||||
|
# that ourselves. Easiest is to just recurse on bottom and top
|
||||||
|
# halves with a length of 1
|
||||||
|
if ($len == 0) {
|
||||||
|
print_expanded_v6network("::", 1, $prefix, $suffix);
|
||||||
|
print_expanded_v6network("8000::", 1, $prefix, $suffix);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
foreach my $nl (cidr2octets("$network/$len"))
|
||||||
|
{
|
||||||
|
# trim leading zeros from each group
|
||||||
|
$nl =~ s/(^|:)0+(?=[^:])/$1/g;
|
||||||
|
print "$prefix$nl$suffix\n";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return @rc;
|
|
||||||
}
|
}
|
||||||
|
@ -24,7 +24,7 @@ dnl ## email. A tempfail-message value of `t' temporarily rejects
|
|||||||
dnl ## with a default message. Otherwise the value should be your
|
dnl ## with a default message. Otherwise the value should be your
|
||||||
dnl ## own message. The keytag is used to lookup the access map to
|
dnl ## own message. The keytag is used to lookup the access map to
|
||||||
dnl ## further refine the result. I recommend a qualified keytag
|
dnl ## further refine the result. I recommend a qualified keytag
|
||||||
dnl ## (containing a ".") as less likely to accidently conflict with
|
dnl ## (containing a ".") as less likely to accidentally conflict with
|
||||||
dnl ## other access tags.
|
dnl ## other access tags.
|
||||||
dnl ##
|
dnl ##
|
||||||
dnl ## This is best illustrated with an example. Please do not use
|
dnl ## This is best illustrated with an example. Please do not use
|
||||||
@ -66,7 +66,7 @@ ifdef(`_ACCESS_TABLE_', `dnl',
|
|||||||
ifdef(`_EDNSBL_R_',`dnl',`dnl
|
ifdef(`_EDNSBL_R_',`dnl',`dnl
|
||||||
define(`_EDNSBL_R_', `1')dnl ## prevent multiple redefines of the map.
|
define(`_EDNSBL_R_', `1')dnl ## prevent multiple redefines of the map.
|
||||||
LOCAL_CONFIG
|
LOCAL_CONFIG
|
||||||
# map for enhanced DNS based blacklist lookups
|
# map for enhanced DNS based blocklist lookups
|
||||||
Kednsbl dns -R A -a. -T<TMP> -r`'ifdef(`EDNSBL_TO',`EDNSBL_TO',`5')
|
Kednsbl dns -R A -a. -T<TMP> -r`'ifdef(`EDNSBL_TO',`EDNSBL_TO',`5')
|
||||||
')
|
')
|
||||||
divert(-1)
|
divert(-1)
|
||||||
|
@ -945,7 +945,7 @@ sub mxredirect
|
|||||||
return undef;
|
return undef;
|
||||||
}
|
}
|
||||||
# follow mx records, return a hostname
|
# follow mx records, return a hostname
|
||||||
# also follow temporary redirections comming from &domainify and
|
# also follow temporary redirections coming from &domainify and
|
||||||
# &mxlookup
|
# &mxlookup
|
||||||
sub mx
|
sub mx
|
||||||
{
|
{
|
||||||
|
@ -268,7 +268,7 @@ sed 's/^X//' << 'SHAR_EOF' > 'libs/date.pl' &&
|
|||||||
;# Fixed a couple of problems with &ls as pointed out by
|
;# Fixed a couple of problems with &ls as pointed out by
|
||||||
;# Thomas Richter (richter@ki1.chemie.fu-berlin.de), thanks Thomas!
|
;# Thomas Richter (richter@ki1.chemie.fu-berlin.de), thanks Thomas!
|
||||||
;# Also added a couple of SunOS 4.1.1 strftime-ish formats, %i and %k
|
;# Also added a couple of SunOS 4.1.1 strftime-ish formats, %i and %k
|
||||||
;# for space padded hours (` 1' to `12' and ` 0' to `23' respectivly),
|
;# for space padded hours (` 1' to `12' and ` 0' to `23' respectively),
|
||||||
;# and %C for locale long date/time format. Changed &mH to take a
|
;# and %C for locale long date/time format. Changed &mH to take a
|
||||||
;# pad char parameter to make to evaled code for %i and %k simpler.
|
;# pad char parameter to make to evaled code for %i and %k simpler.
|
||||||
;# Added %E for suffixed day-of-month (ie 1st, 3rd, 4th etc).
|
;# Added %E for suffixed day-of-month (ie 1st, 3rd, 4th etc).
|
||||||
@ -398,7 +398,7 @@ X
|
|||||||
X # watch out in 2070...
|
X # watch out in 2070...
|
||||||
X $year += ($year < 70) ? 2000 : 1900;
|
X $year += ($year < 70) ? 2000 : 1900;
|
||||||
X
|
X
|
||||||
X # now loop throught the supplied format looking for tags...
|
X # now loop through the supplied format looking for tags...
|
||||||
X while (($pos = index ($format, '%')) != -1) {
|
X while (($pos = index ($format, '%')) != -1) {
|
||||||
X
|
X
|
||||||
X # grab the format tag
|
X # grab the format tag
|
||||||
@ -471,7 +471,7 @@ sub ls {
|
|||||||
X return ((&gettime ($TZ, time))[5] == @_[0]) ? "%R" : " %Y";
|
X return ((&gettime ($TZ, time))[5] == @_[0]) ? "%R" : " %Y";
|
||||||
}
|
}
|
||||||
X
|
X
|
||||||
# pad - pad $in with leading $pad until lenght $len
|
# pad - pad $in with leading $pad until length $len
|
||||||
sub pad {
|
sub pad {
|
||||||
X local ($in, $len, $pad) = @_;
|
X local ($in, $len, $pad) = @_;
|
||||||
X local ($out) = "$in";
|
X local ($out) = "$in";
|
||||||
@ -661,7 +661,7 @@ X
|
|||||||
;# otherwise, $Status will be 0 and $Error_Msg will contain an error message.
|
;# otherwise, $Status will be 0 and $Error_Msg will contain an error message.
|
||||||
;#
|
;#
|
||||||
;# If $Use_Sendmail is 1 then sendmail is used to send the message. Normally
|
;# If $Use_Sendmail is 1 then sendmail is used to send the message. Normally
|
||||||
;# a mailer such as Mail is used. By specifiying this you can include
|
;# a mailer such as Mail is used. By specifying this you can include
|
||||||
;# headers in addition to text in either $Message or $Message_Is_File.
|
;# headers in addition to text in either $Message or $Message_Is_File.
|
||||||
;# If either $Message or $Message_Is_File contain a Subject: header then
|
;# If either $Message or $Message_Is_File contain a Subject: header then
|
||||||
;# $Subject is ignored; otherwise, a Subject: header is automatically created.
|
;# $Subject is ignored; otherwise, a Subject: header is automatically created.
|
||||||
@ -1026,15 +1026,15 @@ X
|
|||||||
;#
|
;#
|
||||||
;# Does not care about order of switches, options, and arguments like
|
;# Does not care about order of switches, options, and arguments like
|
||||||
;# getopts.pl. Thus all non-switches/options will be kept in ARGV even if they
|
;# getopts.pl. Thus all non-switches/options will be kept in ARGV even if they
|
||||||
;# are not at the end. If $Pass_Invalid is set all unkown options will be
|
;# are not at the end. If $Pass_Invalid is set all unknown options will be
|
||||||
;# passed back to the caller by keeping them in @ARGV. This is useful when
|
;# passed back to the caller by keeping them in @ARGV. This is useful when
|
||||||
;# parsing a command line for your script while ignoring options that you
|
;# parsing a command line for your script while ignoring options that you
|
||||||
;# may pass to another script. If this is set New_Getopts tries to maintain
|
;# may pass to another script. If this is set New_Getopts tries to maintain
|
||||||
;# the switch clustering on the unkown switches.
|
;# the switch clustering on the unknown switches.
|
||||||
;#
|
;#
|
||||||
;# Accepts the special argument -usage to print the Usage string. Also accepts
|
;# Accepts the special argument -usage to print the Usage string. Also accepts
|
||||||
;# the special option -version which prints the contents of the string
|
;# the special option -version which prints the contents of the string
|
||||||
;# $VERSION. $VERSION may or may not have an embeded \n in it. If -usage
|
;# $VERSION. $VERSION may or may not have an embedded \n in it. If -usage
|
||||||
;# or -version are specified a status of -1 is returned. Note that the usage
|
;# or -version are specified a status of -1 is returned. Note that the usage
|
||||||
;# option is only accepted if the usage string is not null.
|
;# option is only accepted if the usage string is not null.
|
||||||
;#
|
;#
|
||||||
@ -1048,8 +1048,8 @@ X
|
|||||||
;# $Switch_To_Order {"v"} = 1;
|
;# $Switch_To_Order {"v"} = 1;
|
||||||
;# $Switch_To_Order {"x"} = 2;
|
;# $Switch_To_Order {"x"} = 2;
|
||||||
;#
|
;#
|
||||||
;# Note that in the case of multiple occurances of an option $Switch_To_Order
|
;# Note that in the case of multiple occurrences of an option $Switch_To_Order
|
||||||
;# will store each occurance of the argument via a string that emulates
|
;# will store each occurrence of the argument via a string that emulates
|
||||||
;# an array. This is done by using join ($;, ...). You can retrieve the
|
;# an array. This is done by using join ($;, ...). You can retrieve the
|
||||||
;# array by using split (/$;/, ...).
|
;# array by using split (/$;/, ...).
|
||||||
;#
|
;#
|
||||||
@ -1062,7 +1062,7 @@ X
|
|||||||
;# Another exciting ;-) feature that newgetopts has. Along with creating the
|
;# Another exciting ;-) feature that newgetopts has. Along with creating the
|
||||||
;# normal $opt_ scalars for the last value of an argument the list @opt_ is
|
;# normal $opt_ scalars for the last value of an argument the list @opt_ is
|
||||||
;# created. It is an array which contains all the values of arguments to the
|
;# created. It is an array which contains all the values of arguments to the
|
||||||
;# basename of the variable. They are stored in the order which they occured
|
;# basename of the variable. They are stored in the order which they occurred
|
||||||
;# on the command line starting with $[. Note that blank arguments are stored
|
;# on the command line starting with $[. Note that blank arguments are stored
|
||||||
;# as "". Along with providing support for multiple options on the command
|
;# as "". Along with providing support for multiple options on the command
|
||||||
;# line this also provides a method of counting the number of times an option
|
;# line this also provides a method of counting the number of times an option
|
||||||
@ -1293,8 +1293,8 @@ X
|
|||||||
;# All other lines will be indented to match the amount of whitespace of
|
;# All other lines will be indented to match the amount of whitespace of
|
||||||
;# $Offset.
|
;# $Offset.
|
||||||
;#
|
;#
|
||||||
;# + If $Bullet_Indent is $TRUE $Offset will only be applied to the begining
|
;# + If $Bullet_Indent is $TRUE $Offset will only be applied to the beginning
|
||||||
;# of lines as they occured in the original $String. Lines that are created
|
;# of lines as they occurred in the original $String. Lines that are created
|
||||||
;# by this routine will always be indented by blank spaces.
|
;# by this routine will always be indented by blank spaces.
|
||||||
;#
|
;#
|
||||||
;# + If $Columns is 0 no word-wrap is done. This might be useful to still
|
;# + If $Columns is 0 no word-wrap is done. This might be useful to still
|
||||||
@ -1306,7 +1306,7 @@ X
|
|||||||
;# + If $Offset_Blank is $TRUE then empty lines will have $Offset pre-pended
|
;# + If $Offset_Blank is $TRUE then empty lines will have $Offset pre-pended
|
||||||
;# to them. Otherwise, they will still empty.
|
;# to them. Otherwise, they will still empty.
|
||||||
;#
|
;#
|
||||||
;# This is a realy workhorse routine that I use in many places because of its
|
;# This is a really workhorse routine that I use in many places because of its
|
||||||
;# veratility.
|
;# veratility.
|
||||||
;#
|
;#
|
||||||
;# Arguments:
|
;# Arguments:
|
||||||
@ -1668,7 +1668,7 @@ sed 's/^X//' << 'SHAR_EOF' > 'man/postclip.1' &&
|
|||||||
of the message. This keeps bounced mail private and helps to avoid disk space problems. \*(mp tries its best to keep as much of the header trail as possible.
|
of the message. This keeps bounced mail private and helps to avoid disk space problems. \*(mp tries its best to keep as much of the header trail as possible.
|
||||||
Hopefully only the original body of the message will be filtered. Only messages
|
Hopefully only the original body of the message will be filtered. Only messages
|
||||||
that have a subject that begins with 'Returned mail:' are filtered. This
|
that have a subject that begins with 'Returned mail:' are filtered. This
|
||||||
ensures that other mail is not accidently mucked with. Finally, note that
|
ensures that other mail is not accidentally mucked with. Finally, note that
|
||||||
\fBsendmail\fR is used to deliver the message after it has been (possibly)
|
\fBsendmail\fR is used to deliver the message after it has been (possibly)
|
||||||
filtered. All of the original headers will remain intact.
|
filtered. All of the original headers will remain intact.
|
||||||
.sp 1
|
.sp 1
|
||||||
|
@ -90,10 +90,9 @@ Proofpoint, Inc.
|
|||||||
.de Ve
|
.de Ve
|
||||||
Version \\$2
|
Version \\$2
|
||||||
..
|
..
|
||||||
.Ve $Revision: 8.759 $
|
|
||||||
.rm Ve
|
.rm Ve
|
||||||
.sp
|
.sp
|
||||||
For Sendmail Version 8.15
|
For Sendmail Version 8.16
|
||||||
.)l
|
.)l
|
||||||
.(f
|
.(f
|
||||||
Sendmail is a trademark of Proofpoint, Inc.
|
Sendmail is a trademark of Proofpoint, Inc.
|
||||||
@ -149,8 +148,9 @@ RFC 2554 (SMTP Service Extension for Authentication),
|
|||||||
RFC 2821 (Simple Mail Transfer Protocol),
|
RFC 2821 (Simple Mail Transfer Protocol),
|
||||||
RFC 2822 (Internet Message Format),
|
RFC 2822 (Internet Message Format),
|
||||||
RFC 2852 (Deliver By SMTP Service Extension),
|
RFC 2852 (Deliver By SMTP Service Extension),
|
||||||
|
RFC 2920 (SMTP Service Extension for Command Pipelining),
|
||||||
and
|
and
|
||||||
RFC 2920 (SMTP Service Extension for Command Pipelining).
|
RFC 7505 (A "Null MX" No Service Resource Record for Domains That Accept No Mail).
|
||||||
However, since
|
However, since
|
||||||
.i sendmail
|
.i sendmail
|
||||||
is designed to work in a wider world,
|
is designed to work in a wider world,
|
||||||
@ -309,9 +309,8 @@ program; for details see
|
|||||||
.sh 3 "Creating a Site Configuration File"
|
.sh 3 "Creating a Site Configuration File"
|
||||||
.\"XXX
|
.\"XXX
|
||||||
.pp
|
.pp
|
||||||
(This section is not yet complete.
|
See sendmail/README for various compilation flags that can be set,
|
||||||
For now, see the file devtools/README for details.)
|
and devtools/README for details how to set them.
|
||||||
See sendmail/README for various compilation flags that can be set.
|
|
||||||
.sh 3 "Tweaking the Makefile"
|
.sh 3 "Tweaking the Makefile"
|
||||||
.pp
|
.pp
|
||||||
.\" .b "XXX This should all be in the Site Configuration File section."
|
.\" .b "XXX This should all be in the Site Configuration File section."
|
||||||
@ -323,6 +322,8 @@ notably the
|
|||||||
database.
|
database.
|
||||||
At least one of these should be defined if at all possible.
|
At least one of these should be defined if at all possible.
|
||||||
.nr ii 1i
|
.nr ii 1i
|
||||||
|
.ip CDB
|
||||||
|
Constant DataBase (tinycdb).
|
||||||
.ip NDBM
|
.ip NDBM
|
||||||
The ``new DBM'' format,
|
The ``new DBM'' format,
|
||||||
available on nearly all systems around today.
|
available on nearly all systems around today.
|
||||||
@ -1224,7 +1225,9 @@ A recipient address is mapped to a queue group as follows.
|
|||||||
First, if there is a ruleset called ``queuegroup'',
|
First, if there is a ruleset called ``queuegroup'',
|
||||||
and if this ruleset maps the address to a queue group name,
|
and if this ruleset maps the address to a queue group name,
|
||||||
then that queue group is chosen.
|
then that queue group is chosen.
|
||||||
That is, the argument for the ruleset is the recipient address
|
That is, the argument for the ruleset is
|
||||||
|
the recipient address
|
||||||
|
(i.e., the address part of the resolved triple)
|
||||||
and the result should be
|
and the result should be
|
||||||
.b $#
|
.b $#
|
||||||
followed by the name of a queue group.
|
followed by the name of a queue group.
|
||||||
@ -1282,7 +1285,7 @@ In case one of the queue runners tries delivery to a slow recipient site
|
|||||||
at the end of a queue run, the next queue run may be substantially delayed.
|
at the end of a queue run, the next queue run may be substantially delayed.
|
||||||
In general this should be smoothed out due to the distribution of
|
In general this should be smoothed out due to the distribution of
|
||||||
those slow jobs, however, for sites with small number of
|
those slow jobs, however, for sites with small number of
|
||||||
queue entries this might introduce noticable delays.
|
queue entries this might introduce noticeable delays.
|
||||||
In general, persistent queue runners are only useful for
|
In general, persistent queue runners are only useful for
|
||||||
sites with big queues.
|
sites with big queues.
|
||||||
.sh 3 "Manual Intervention"
|
.sh 3 "Manual Intervention"
|
||||||
@ -2908,7 +2911,7 @@ Therefore it is necessary to run the client mail queue periodically.
|
|||||||
.pp
|
.pp
|
||||||
.i Sendmail
|
.i Sendmail
|
||||||
has several parameters to control resource usage.
|
has several parameters to control resource usage.
|
||||||
Besides those mentionted in the previous section, there are at least
|
Besides those mentioned in the previous section, there are at least
|
||||||
.b MaxDaemonChildren ,
|
.b MaxDaemonChildren ,
|
||||||
.b ConnectionRateThrottle ,
|
.b ConnectionRateThrottle ,
|
||||||
.b MaxQueueChildren ,
|
.b MaxQueueChildren ,
|
||||||
@ -3038,8 +3041,9 @@ should not be used by the SMTP server.
|
|||||||
.pp
|
.pp
|
||||||
The level of logging can be set for
|
The level of logging can be set for
|
||||||
.i sendmail .
|
.i sendmail .
|
||||||
The default using a standard configuration table is level 9.
|
The default using a standard configuration is level 9.
|
||||||
The levels are as follows:
|
The levels are approximately as follows
|
||||||
|
(some log types are using different level depending on various factors):
|
||||||
.nr ii 0.5i
|
.nr ii 0.5i
|
||||||
.ip 0
|
.ip 0
|
||||||
Minimal logging.
|
Minimal logging.
|
||||||
@ -3078,7 +3082,7 @@ questionable situations.
|
|||||||
.ip 14
|
.ip 14
|
||||||
Logs refused connections.
|
Logs refused connections.
|
||||||
.ip 15
|
.ip 15
|
||||||
Log all incoming and outgoing SMTP commands.
|
Log all incoming SMTP commands.
|
||||||
.ip 20
|
.ip 20
|
||||||
Logs attempts to run locked queue files.
|
Logs attempts to run locked queue files.
|
||||||
These are not errors,
|
These are not errors,
|
||||||
@ -3280,7 +3284,7 @@ Accept group-writable
|
|||||||
.i \&.forward
|
.i \&.forward
|
||||||
files as safe for program and file delivery.
|
files as safe for program and file delivery.
|
||||||
.ip GroupWritableIncludeFile
|
.ip GroupWritableIncludeFile
|
||||||
Allow group wriable
|
Allow group writable
|
||||||
.i :include:
|
.i :include:
|
||||||
files.
|
files.
|
||||||
.ip GroupWritableIncludeFileSafe
|
.ip GroupWritableIncludeFileSafe
|
||||||
@ -3355,7 +3359,7 @@ Allow world writable
|
|||||||
.i \&.forward
|
.i \&.forward
|
||||||
files.
|
files.
|
||||||
.ip WorldWritableIncludefile
|
.ip WorldWritableIncludefile
|
||||||
Allow world wriable
|
Allow world writable
|
||||||
.i :include:
|
.i :include:
|
||||||
files.
|
files.
|
||||||
.ip WriteMapToHardLink
|
.ip WriteMapToHardLink
|
||||||
@ -3932,7 +3936,7 @@ The complete syntax for ruleset 0 is:
|
|||||||
.)b
|
.)b
|
||||||
This specifies the
|
This specifies the
|
||||||
{mailer, host, user}
|
{mailer, host, user}
|
||||||
3-tuple necessary to direct the mailer.
|
3-tuple (triple) necessary to direct the mailer.
|
||||||
Note: the third element (
|
Note: the third element (
|
||||||
.i user
|
.i user
|
||||||
) is often also called
|
) is often also called
|
||||||
@ -3964,9 +3968,11 @@ If the
|
|||||||
is the built-in IPC mailer,
|
is the built-in IPC mailer,
|
||||||
the
|
the
|
||||||
.i host
|
.i host
|
||||||
may be a colon-separated list of hosts
|
may be a colon (or comma) separated list of hosts.
|
||||||
that are searched in order for the first working address
|
Each is separately MX expanded and the results are concatenated
|
||||||
(exactly like MX records).
|
to make (essentially) one long MX list.
|
||||||
|
Hosts separated by a comma have the same MX preference,
|
||||||
|
and for each colon separated host the MX preference is increased.
|
||||||
The
|
The
|
||||||
.i user
|
.i user
|
||||||
is later rewritten by the mailer-specific envelope rewriting set
|
is later rewritten by the mailer-specific envelope rewriting set
|
||||||
@ -4148,7 +4154,7 @@ macro
|
|||||||
for use in the argv expansion of the specified mailer.
|
for use in the argv expansion of the specified mailer.
|
||||||
Notice: since the envelope sender address will be used if
|
Notice: since the envelope sender address will be used if
|
||||||
a delivery status notification must be send,
|
a delivery status notification must be send,
|
||||||
i.e., is may specify a recipient,
|
i.e., it may specify a recipient,
|
||||||
it is also run through ruleset zero.
|
it is also run through ruleset zero.
|
||||||
If ruleset zero returns a temporary error
|
If ruleset zero returns a temporary error
|
||||||
.b 4xy
|
.b 4xy
|
||||||
@ -4515,7 +4521,7 @@ for details, as well as
|
|||||||
and note this warning:
|
and note this warning:
|
||||||
Options already set before are not cleared!
|
Options already set before are not cleared!
|
||||||
.ip CipherList
|
.ip CipherList
|
||||||
Specify cipher list for STARTTLS,
|
Specify cipher list for STARTTLS (does not apply to TLSv1.3),
|
||||||
see
|
see
|
||||||
.i ciphers (1)
|
.i ciphers (1)
|
||||||
for possible values.
|
for possible values.
|
||||||
@ -4526,6 +4532,28 @@ for the session.
|
|||||||
File containing a certificate.
|
File containing a certificate.
|
||||||
.ip KeyFile
|
.ip KeyFile
|
||||||
File containing the private key for the certificate.
|
File containing the private key for the certificate.
|
||||||
|
.ip Flags
|
||||||
|
Currently the only valid flags are
|
||||||
|
.br
|
||||||
|
.i R
|
||||||
|
to require a CRL for each encountered certificate during verification
|
||||||
|
(by default a missing CRL is ignored),
|
||||||
|
.br
|
||||||
|
.i c
|
||||||
|
and
|
||||||
|
.i C
|
||||||
|
which basically clears/sets the option
|
||||||
|
.i TLSFallbacktoClear
|
||||||
|
for just this session, respectively,
|
||||||
|
.br
|
||||||
|
.i d
|
||||||
|
to turn off DANE which is obviously only valid for
|
||||||
|
.i tls_clt_features
|
||||||
|
and requires DANE to be compiled in.
|
||||||
|
This might be needed in case of a misconfiguration,
|
||||||
|
e.g.,
|
||||||
|
specifying invalid TLSA RRs.
|
||||||
|
.br
|
||||||
.lp
|
.lp
|
||||||
.lp
|
.lp
|
||||||
Example:
|
Example:
|
||||||
@ -4550,9 +4578,6 @@ and
|
|||||||
.i KeyFile
|
.i KeyFile
|
||||||
must be specified together;
|
must be specified together;
|
||||||
specifying only one is an error.
|
specifying only one is an error.
|
||||||
.pp
|
|
||||||
These rulesets require the sendmail binary to be built with _FFR_TLS_SE_OPTS
|
|
||||||
enabled (see the "For Future Release" section).
|
|
||||||
.sh 4 "authinfo"
|
.sh 4 "authinfo"
|
||||||
.pp
|
.pp
|
||||||
The
|
The
|
||||||
@ -4589,9 +4614,9 @@ is ignored (even if the ruleset does not return a ``useful'' result).
|
|||||||
The
|
The
|
||||||
.i queuegroup
|
.i queuegroup
|
||||||
ruleset is used to map a recipient address to a queue group name.
|
ruleset is used to map a recipient address to a queue group name.
|
||||||
The input for the ruleset is a recipient address as specified by the
|
The input for the ruleset is
|
||||||
.sm "SMTP RCPT"
|
the recipient address
|
||||||
command.
|
(i.e., the address part of the resolved triple)
|
||||||
The ruleset should return
|
The ruleset should return
|
||||||
.b $#
|
.b $#
|
||||||
followed by the name of a queue group.
|
followed by the name of a queue group.
|
||||||
@ -4615,7 +4640,7 @@ pause.
|
|||||||
If the return value starts with anything else or is not a number,
|
If the return value starts with anything else or is not a number,
|
||||||
it is silently ignored.
|
it is silently ignored.
|
||||||
Note: this ruleset is not invoked (and hence the feature is disabled)
|
Note: this ruleset is not invoked (and hence the feature is disabled)
|
||||||
when the smtps (SMTP over SSL) is used, i.e.,
|
when smtps (SMTP over SSL) is used, i.e.,
|
||||||
the
|
the
|
||||||
.i s
|
.i s
|
||||||
modifier is set for the daemon via
|
modifier is set for the daemon via
|
||||||
@ -4651,9 +4676,11 @@ to an IP host address.
|
|||||||
.pp
|
.pp
|
||||||
The host name passed in after the
|
The host name passed in after the
|
||||||
.q $@
|
.q $@
|
||||||
may also be a colon-separated list of hosts.
|
may also be a colon or comma separated list of hosts.
|
||||||
Each is separately MX expanded and the results are concatenated
|
Each is separately MX expanded and the results are concatenated
|
||||||
to make (essentially) one long MX list.
|
to make (essentially) one long MX list.
|
||||||
|
Hosts separated by a comma have the same MX preference,
|
||||||
|
and for each colon separated host the MX preference is increased.
|
||||||
The intent here is to create
|
The intent here is to create
|
||||||
.q fake
|
.q fake
|
||||||
MX records that are not published in DNS
|
MX records that are not published in DNS
|
||||||
@ -5224,7 +5251,7 @@ The output of the
|
|||||||
function, i.e., the number of seconds since 0 hours, 0 minutes,
|
function, i.e., the number of seconds since 0 hours, 0 minutes,
|
||||||
0 seconds, January 1, 1970, Coordinated Universal Time (UTC).
|
0 seconds, January 1, 1970, Coordinated Universal Time (UTC).
|
||||||
.ip ${tls_version}
|
.ip ${tls_version}
|
||||||
The TLS/SSL version used for the connection, e.g., TLSv1, SSLv3, SSLv2;
|
The TLS/SSL version used for the connection, e.g., TLSv1.2, TLSv1;
|
||||||
defined after STARTTLS has been used.
|
defined after STARTTLS has been used.
|
||||||
.ip ${total_rate}
|
.ip ${total_rate}
|
||||||
The total number of incoming connections over the time interval specified
|
The total number of incoming connections over the time interval specified
|
||||||
@ -5241,6 +5268,7 @@ NOT no cert requested.
|
|||||||
FAIL cert presented but could not be verified,
|
FAIL cert presented but could not be verified,
|
||||||
e.g., the signing CA is missing.
|
e.g., the signing CA is missing.
|
||||||
NONE STARTTLS has not been performed.
|
NONE STARTTLS has not been performed.
|
||||||
|
CLEAR STARTTLS has been disabled internally for a clear text delivery attempt.
|
||||||
TEMP temporary error occurred.
|
TEMP temporary error occurred.
|
||||||
PROTOCOL some protocol error occurred
|
PROTOCOL some protocol error occurred
|
||||||
at the ESMTP level (not TLS).
|
at the ESMTP level (not TLS).
|
||||||
@ -5859,7 +5887,7 @@ Do User Database rewriting on recipients as well as senders.
|
|||||||
Normally when
|
Normally when
|
||||||
.i sendmail
|
.i sendmail
|
||||||
connects to a host via SMTP,
|
connects to a host via SMTP,
|
||||||
it checks to make sure that this isn't accidently the same host name
|
it checks to make sure that this isn't accidentally the same host name
|
||||||
as might happen if
|
as might happen if
|
||||||
.i sendmail
|
.i sendmail
|
||||||
is misconfigured or if a long-haul network interface is set in loopback mode.
|
is misconfigured or if a long-haul network interface is set in loopback mode.
|
||||||
@ -5893,7 +5921,7 @@ macro occurs in the
|
|||||||
part of the mailer definition,
|
part of the mailer definition,
|
||||||
that field will be repeated as necessary
|
that field will be repeated as necessary
|
||||||
for all qualifying users.
|
for all qualifying users.
|
||||||
Removing this flag can defeat duplicate supression on a remote site
|
Removing this flag can defeat duplicate suppression on a remote site
|
||||||
as each recipient is sent in a separate transaction.
|
as each recipient is sent in a separate transaction.
|
||||||
.ip M\(dg
|
.ip M\(dg
|
||||||
This mailer wants a
|
This mailer wants a
|
||||||
@ -6519,6 +6547,10 @@ is specified),
|
|||||||
(if
|
(if
|
||||||
.sm NDBM
|
.sm NDBM
|
||||||
is specified),
|
is specified),
|
||||||
|
.q cdb
|
||||||
|
(if
|
||||||
|
.sm CDB
|
||||||
|
is specified),
|
||||||
.q stab
|
.q stab
|
||||||
(internal symbol table \*- not normally used
|
(internal symbol table \*- not normally used
|
||||||
unless you have no other database lookup),
|
unless you have no other database lookup),
|
||||||
@ -6647,7 +6679,7 @@ see section about STARTTLS for more information.
|
|||||||
Specify the fingerprint algorithm (digest) to use for the presented cert.
|
Specify the fingerprint algorithm (digest) to use for the presented cert.
|
||||||
If the option is not set,
|
If the option is not set,
|
||||||
md5 is used and the macro
|
md5 is used and the macro
|
||||||
.p ${cert_md5}
|
.b ${cert_md5}
|
||||||
contains the cert fingerprint.
|
contains the cert fingerprint.
|
||||||
If the option is explicitly set,
|
If the option is explicitly set,
|
||||||
the specified algorithm (e.g., sha1) is used
|
the specified algorithm (e.g., sha1) is used
|
||||||
@ -6655,7 +6687,7 @@ and the macro
|
|||||||
.b ${cert_fp}
|
.b ${cert_fp}
|
||||||
contains the cert fingerprint.
|
contains the cert fingerprint.
|
||||||
.ip CipherList
|
.ip CipherList
|
||||||
Specify cipher list for STARTTLS.
|
Specify cipher list for STARTTLS (does not apply to TLSv1.3).
|
||||||
See
|
See
|
||||||
.i ciphers (1)
|
.i ciphers (1)
|
||||||
for possible values.
|
for possible values.
|
||||||
@ -6756,7 +6788,7 @@ By default,
|
|||||||
.i -SSL_OP_TLSEXT_PADDING
|
.i -SSL_OP_TLSEXT_PADDING
|
||||||
are used
|
are used
|
||||||
(if those options are available).
|
(if those options are available).
|
||||||
Options can be cleared by preceeding them with a minus sign.
|
Options can be cleared by preceding them with a minus sign.
|
||||||
It is also possible to specify numerical values, e.g.,
|
It is also possible to specify numerical values, e.g.,
|
||||||
.b -0x0010 .
|
.b -0x0010 .
|
||||||
.ip ColonOkInAddr
|
.ip ColonOkInAddr
|
||||||
@ -6851,9 +6883,18 @@ Solaris and pre-4.4BSD kernel users should see the note in sendmail/README .
|
|||||||
[no short name]
|
[no short name]
|
||||||
Name of file that contains certificate
|
Name of file that contains certificate
|
||||||
revocation status, useful for X.509v3 authentication.
|
revocation status, useful for X.509v3 authentication.
|
||||||
CRL checking requires at least OpenSSL version 0.9.7.
|
|
||||||
Note: if a CRLFile is specified but the file is unusable,
|
Note: if a CRLFile is specified but the file is unusable,
|
||||||
STARTTLS is disabled.
|
STARTTLS is disabled.
|
||||||
|
.ip CRLPath=\fIname\fP
|
||||||
|
[no short name]
|
||||||
|
Name of directory that contains hashes pointing to
|
||||||
|
certificate revocation status files.
|
||||||
|
Symbolic links can be generated with the following
|
||||||
|
two (Bourne) shell commands:
|
||||||
|
.(b
|
||||||
|
C=FileName_of_CRL
|
||||||
|
ln -s $C `openssl crl -noout -hash < $C`.r0
|
||||||
|
.)b
|
||||||
.ip DHParameters
|
.ip DHParameters
|
||||||
This option applies to the server side only.
|
This option applies to the server side only.
|
||||||
Possible values are:
|
Possible values are:
|
||||||
@ -6948,7 +6989,7 @@ can be a sequence (without any delimiters)
|
|||||||
of the following characters:
|
of the following characters:
|
||||||
.(b
|
.(b
|
||||||
.ta 1i
|
.ta 1i
|
||||||
a always require authentication
|
a always require AUTH
|
||||||
b bind to interface through which mail has been received
|
b bind to interface through which mail has been received
|
||||||
c perform hostname canonification (.cf)
|
c perform hostname canonification (.cf)
|
||||||
f require fully qualified hostname (.cf)
|
f require fully qualified hostname (.cf)
|
||||||
@ -6961,7 +7002,7 @@ O optional; if opening the socket fails ignore it
|
|||||||
S don't offer STARTTLS
|
S don't offer STARTTLS
|
||||||
.)b
|
.)b
|
||||||
That is, one way to specify a message submission agent (MSA) that
|
That is, one way to specify a message submission agent (MSA) that
|
||||||
always requires authentication is:
|
always requires AUTH is:
|
||||||
.(b
|
.(b
|
||||||
O DaemonPortOptions=Name=MSA, Port=587, M=Ea
|
O DaemonPortOptions=Name=MSA, Port=587, M=Ea
|
||||||
.)b
|
.)b
|
||||||
@ -7000,7 +7041,7 @@ This will also override possible settings via
|
|||||||
Note,
|
Note,
|
||||||
.i sendmail
|
.i sendmail
|
||||||
will listen on a new socket
|
will listen on a new socket
|
||||||
for each occurence of the
|
for each occurrence of the
|
||||||
.b DaemonPortOptions
|
.b DaemonPortOptions
|
||||||
option in a configuration file.
|
option in a configuration file.
|
||||||
The modifier ``O'' causes sendmail to ignore a socket
|
The modifier ``O'' causes sendmail to ignore a socket
|
||||||
@ -7296,6 +7337,18 @@ are:
|
|||||||
.\"8BITMIME\(->7BIT conversions are done.
|
.\"8BITMIME\(->7BIT conversions are done.
|
||||||
In all cases properly declared 8BITMIME data will be converted to 7BIT
|
In all cases properly declared 8BITMIME data will be converted to 7BIT
|
||||||
as needed.
|
as needed.
|
||||||
|
.p
|
||||||
|
Note: if an automatic conversion is performed, a header with
|
||||||
|
the following format will be added:
|
||||||
|
.(b
|
||||||
|
X-MIME-Autoconverted: from OLD to NEW by $j id $i
|
||||||
|
.)b
|
||||||
|
where
|
||||||
|
.\" format?
|
||||||
|
OLD
|
||||||
|
and
|
||||||
|
NEW
|
||||||
|
describe the original format and the converted format, respectively.
|
||||||
.ip ErrorHeader=\fIfile-or-message\fP
|
.ip ErrorHeader=\fIfile-or-message\fP
|
||||||
[E]
|
[E]
|
||||||
Prepend error messages with the indicated message.
|
Prepend error messages with the indicated message.
|
||||||
@ -7393,6 +7446,10 @@ and then in
|
|||||||
.ip HeloName=\fIname\fP
|
.ip HeloName=\fIname\fP
|
||||||
[no short name]
|
[no short name]
|
||||||
Set the name to be used for HELO/EHLO (instead of $j).
|
Set the name to be used for HELO/EHLO (instead of $j).
|
||||||
|
.ip HelpFile=\fIfile\fP
|
||||||
|
[H]
|
||||||
|
Specify the help file for SMTP.
|
||||||
|
If no file name is specified, "helpfile" is used.
|
||||||
.ip HoldExpensive
|
.ip HoldExpensive
|
||||||
[c]
|
[c]
|
||||||
If an outgoing mailer is marked as being expensive,
|
If an outgoing mailer is marked as being expensive,
|
||||||
@ -7520,9 +7577,10 @@ If not set, there is no limit to the number of children --
|
|||||||
that is, the system load average controls this.
|
that is, the system load average controls this.
|
||||||
.ip MaxHeadersLength=\fIN\fP
|
.ip MaxHeadersLength=\fIN\fP
|
||||||
[no short name]
|
[no short name]
|
||||||
The maximum length of the sum of all headers.
|
If set to a value greater than zero it specifies
|
||||||
|
the maximum length of the sum of all headers.
|
||||||
This can be used to prevent a denial of service attack.
|
This can be used to prevent a denial of service attack.
|
||||||
The default is no limit.
|
The default is 32K.
|
||||||
.ip MaxHopCount=\fIN\fP
|
.ip MaxHopCount=\fIN\fP
|
||||||
[h]
|
[h]
|
||||||
The maximum hop count.
|
The maximum hop count.
|
||||||
@ -7706,6 +7764,12 @@ Sets the list of characters that must be quoted if used in a full name
|
|||||||
that is in the phrase part of a ``phrase <address>'' syntax.
|
that is in the phrase part of a ``phrase <address>'' syntax.
|
||||||
The default is ``\'.''.
|
The default is ``\'.''.
|
||||||
The characters ``@,;:\e()[]'' are always added to this list.
|
The characters ``@,;:\e()[]'' are always added to this list.
|
||||||
|
Note: To avoid potential breakage of
|
||||||
|
DKIM signatures it is useful to set
|
||||||
|
.(b
|
||||||
|
O MustQuoteChars=.
|
||||||
|
.)b
|
||||||
|
Moreover, relaxed header signing should be used for DKIM signatures.
|
||||||
.ip NiceQueueRun
|
.ip NiceQueueRun
|
||||||
[no short name]
|
[no short name]
|
||||||
The priority of queue runners (nice(3)).
|
The priority of queue runners (nice(3)).
|
||||||
@ -8189,7 +8253,7 @@ By default,
|
|||||||
.i -SSL_OP_TLSEXT_PADDING
|
.i -SSL_OP_TLSEXT_PADDING
|
||||||
are used
|
are used
|
||||||
(if those options are available).
|
(if those options are available).
|
||||||
Options can be cleared by preceeding them with a minus sign.
|
Options can be cleared by preceding them with a minus sign.
|
||||||
It is also possible to specify numerical values, e.g.,
|
It is also possible to specify numerical values, e.g.,
|
||||||
.b -0x0010 .
|
.b -0x0010 .
|
||||||
.ip ServiceSwitchFile=\fIfilename\fP
|
.ip ServiceSwitchFile=\fIfilename\fP
|
||||||
@ -8301,6 +8365,31 @@ Defaults to
|
|||||||
If set, issue temporary errors (4xy) instead of permanent errors (5xy).
|
If set, issue temporary errors (4xy) instead of permanent errors (5xy).
|
||||||
This can be useful during testing of a new configuration to avoid
|
This can be useful during testing of a new configuration to avoid
|
||||||
erroneous bouncing of mails.
|
erroneous bouncing of mails.
|
||||||
|
.ip SSLEngine
|
||||||
|
Name of SSL engine to use.
|
||||||
|
The available values depend on the OpenSSL version against which
|
||||||
|
.i sendmail
|
||||||
|
is compiled,
|
||||||
|
see
|
||||||
|
.(b
|
||||||
|
openssl engine -v
|
||||||
|
.)b
|
||||||
|
for some information.
|
||||||
|
.ip SSLEnginePath
|
||||||
|
Path to dynamic library for SSL engine.
|
||||||
|
This option is only useful if
|
||||||
|
.i SSLEngine
|
||||||
|
is set.
|
||||||
|
If both are set, the engine will be loaded dynamically at runtime
|
||||||
|
using the concatenation of the path,
|
||||||
|
a slash "/",
|
||||||
|
the string "lib",
|
||||||
|
the value of
|
||||||
|
.i SSLEngine ,
|
||||||
|
and the string ".so".
|
||||||
|
If only
|
||||||
|
.i SSLEngine
|
||||||
|
is set then the static version of the engine is used.
|
||||||
.ip StatusFile=\fIfile\fP
|
.ip StatusFile=\fIfile\fP
|
||||||
[S]
|
[S]
|
||||||
Log summary statistics in the named
|
Log summary statistics in the named
|
||||||
@ -8340,6 +8429,22 @@ PostMilter is useful only when
|
|||||||
.i sendmail
|
.i sendmail
|
||||||
is running as an SMTP server; in all other situations it
|
is running as an SMTP server; in all other situations it
|
||||||
acts the same as True.
|
acts the same as True.
|
||||||
|
.ip TLSFallbacktoClear
|
||||||
|
[no short name]
|
||||||
|
If set,
|
||||||
|
.i sendmail
|
||||||
|
immediately tries an outbound connection again without STARTTLS
|
||||||
|
after a TLS handshake failure.
|
||||||
|
Note:
|
||||||
|
this applies to all connections even if TLS specific requirements are set
|
||||||
|
(see rulesets
|
||||||
|
.i tls_rcpt
|
||||||
|
and
|
||||||
|
.i tls_client
|
||||||
|
).
|
||||||
|
Hence such requirements will cause an error on a retry without STARTTLS.
|
||||||
|
Therefore they should only trigger a temporary failure so the connection
|
||||||
|
is later on tried again.
|
||||||
.ip TLSSrvOptions
|
.ip TLSSrvOptions
|
||||||
[no short name]
|
[no short name]
|
||||||
List of options for SMTP STARTTLS for the server
|
List of options for SMTP STARTTLS for the server
|
||||||
@ -8824,6 +8929,12 @@ $[\fIhostname\fP$]
|
|||||||
.)b
|
.)b
|
||||||
.pp
|
.pp
|
||||||
There are many defined classes.
|
There are many defined classes.
|
||||||
|
.ip cdb
|
||||||
|
Database lookups using the cdb(3) library.
|
||||||
|
.i Sendmail
|
||||||
|
must be compiled with
|
||||||
|
.b CDB
|
||||||
|
defined.
|
||||||
.ip dbm
|
.ip dbm
|
||||||
Database lookups using the ndbm(3) library.
|
Database lookups using the ndbm(3) library.
|
||||||
.i Sendmail
|
.i Sendmail
|
||||||
@ -8885,7 +8996,7 @@ only the first value will be returned
|
|||||||
unless the
|
unless the
|
||||||
.b \-z
|
.b \-z
|
||||||
(value separator)
|
(value separator)
|
||||||
map flag is set.
|
map option is set.
|
||||||
Also, the
|
Also, the
|
||||||
.b \-1
|
.b \-1
|
||||||
map flag will treat a multiple value return
|
map flag will treat a multiple value return
|
||||||
@ -8906,14 +9017,11 @@ The format of the text file is defined by the
|
|||||||
and
|
and
|
||||||
.b \-z
|
.b \-z
|
||||||
(field delimiter)
|
(field delimiter)
|
||||||
flags.
|
options.
|
||||||
.ip ph
|
.ip ph
|
||||||
PH query map.
|
PH query map.
|
||||||
Contributed and supported by
|
Contributed and supported by
|
||||||
Mark Roth, roth@uiuc.edu.
|
Mark Roth, roth@uiuc.edu.
|
||||||
For more information,
|
|
||||||
consult the web site
|
|
||||||
.q http://www-dev.cites.uiuc.edu/sendmail/ .
|
|
||||||
.ip nsd
|
.ip nsd
|
||||||
nsd map for IRIX 6.5 and later.
|
nsd map for IRIX 6.5 and later.
|
||||||
Contributed and supported by Bob Mende of SGI,
|
Contributed and supported by Bob Mende of SGI,
|
||||||
@ -8922,11 +9030,15 @@ mende@sgi.com.
|
|||||||
Internal symbol table lookups.
|
Internal symbol table lookups.
|
||||||
Used internally for aliasing.
|
Used internally for aliasing.
|
||||||
.ip implicit
|
.ip implicit
|
||||||
Really should be called
|
Sequentially try a list of available map types:
|
||||||
.q alias
|
.i hash ,
|
||||||
\(em this is used to get the default lookups
|
.i dbm ,
|
||||||
for alias files,
|
and
|
||||||
and is the default if no class is specified for alias files.
|
.i cdb .
|
||||||
|
It is the default for alias files if no class is specified.
|
||||||
|
If is no matching map type is found,
|
||||||
|
the text version is used for the alias file,
|
||||||
|
but other maps fail to open.
|
||||||
.ip user
|
.ip user
|
||||||
Looks up users using
|
Looks up users using
|
||||||
.i getpwnam (3).
|
.i getpwnam (3).
|
||||||
@ -8948,15 +9060,24 @@ This can be used to find out if this machine is the target for an MX record,
|
|||||||
and mail can be accepted on that basis.
|
and mail can be accepted on that basis.
|
||||||
If the
|
If the
|
||||||
.b \-z
|
.b \-z
|
||||||
flag is given, then all MX names are returned,
|
option is given, then all MX names are returned,
|
||||||
separated by the given delimiter.
|
separated by the given delimiter.
|
||||||
|
Note: the return value is deterministic,
|
||||||
|
i.e., even if multiple MX records have the same preference,
|
||||||
|
they will be returned in the same order.
|
||||||
.ip dns
|
.ip dns
|
||||||
This map requires the option -R to specify the DNS resource record
|
This map requires the option -R to specify the DNS resource record
|
||||||
type to lookup. The following types are supported:
|
type to lookup.
|
||||||
|
The following types are supported:
|
||||||
A, AAAA, AFSDB, CNAME, MX, NS, PTR, SRV, and TXT.
|
A, AAAA, AFSDB, CNAME, MX, NS, PTR, SRV, and TXT.
|
||||||
A map lookup will return only one record.
|
A map lookup will return only one record
|
||||||
|
unless the
|
||||||
|
.b \-z
|
||||||
|
(value separator)
|
||||||
|
option is set.
|
||||||
Hence for some types, e.g., MX records, the return value might be a random
|
Hence for some types, e.g., MX records, the return value might be a random
|
||||||
element of the list due to randomizing in the DNS resolver.
|
element of the results due to randomizing in the DNS resolver,
|
||||||
|
if only one element is returned.
|
||||||
.ip arpa
|
.ip arpa
|
||||||
Returns the ``reverse'' for the given IP (IPv4 or IPv6) address,
|
Returns the ``reverse'' for the given IP (IPv4 or IPv6) address,
|
||||||
i.e., the string for the PTR lookup,
|
i.e., the string for the PTR lookup,
|
||||||
@ -9069,33 +9190,45 @@ if used, it is substituted by the substring matches, delimited by
|
|||||||
.b $|
|
.b $|
|
||||||
or the string specified with the the
|
or the string specified with the the
|
||||||
.b \-d
|
.b \-d
|
||||||
flag. The flags available for the map are
|
option.
|
||||||
|
The options available for the map are
|
||||||
.(b
|
.(b
|
||||||
.ta 4n
|
.ta 4n
|
||||||
-n not
|
-n not
|
||||||
-f case sensitive
|
-f case sensitive
|
||||||
-b basic regular expressions (default is extended)
|
-b basic regular expressions (default is extended)
|
||||||
-s substring match
|
-s substring match
|
||||||
-d set the delimiter used for -s
|
-d set the delimiter string used for -s
|
||||||
-a append string to key
|
-a append string to key
|
||||||
-m match only, do not replace/discard value
|
-m match only, do not replace/discard value
|
||||||
-D perform no lookup in deferred delivery mode.
|
-D perform no lookup in deferred delivery mode.
|
||||||
.)b
|
.)b
|
||||||
The
|
The
|
||||||
.b \-s
|
.b \-s
|
||||||
flag can include an optional parameter which can be used
|
option can include an optional parameter which can be used
|
||||||
to select the substrings in the result of the lookup. For example,
|
to select the substrings in the result of the lookup.
|
||||||
|
For example,
|
||||||
.(b
|
.(b
|
||||||
-s1,3,4
|
-s1,3,4
|
||||||
.)b
|
.)b
|
||||||
|
The delimiter string specified via the
|
||||||
|
.b \-d
|
||||||
|
option is the sequence of characters after
|
||||||
|
.b d
|
||||||
|
ending at the first space.
|
||||||
|
Hence it isn't possible to specify a space as delimiter,
|
||||||
|
so if the option is immediately followed by a space
|
||||||
|
the delimiter string is empty,
|
||||||
|
which means the substrings are joined.
|
||||||
|
|
||||||
Notes: to match a
|
Notes: to match a
|
||||||
.b $
|
.b $
|
||||||
in a string,
|
in a string,
|
||||||
\\$$
|
\\$$
|
||||||
must be used.
|
must be used.
|
||||||
If the pattern contains spaces, they must be replaced
|
If the pattern contains spaces,
|
||||||
with the blank substitution character, unless it is
|
they must be replaced with the blank substitution character,
|
||||||
space itself.
|
unless it is space itself.
|
||||||
.ip program
|
.ip program
|
||||||
The arguments on the
|
The arguments on the
|
||||||
.b K
|
.b K
|
||||||
@ -9185,9 +9318,9 @@ and is one of the following upper case words:
|
|||||||
.ta 9n
|
.ta 9n
|
||||||
OK the key was found, result contains the looked up value
|
OK the key was found, result contains the looked up value
|
||||||
NOTFOUND the key was not found, the result is empty
|
NOTFOUND the key was not found, the result is empty
|
||||||
TEMP a temporary failure occured
|
TEMP a temporary failure occurred
|
||||||
TIMEOUT a timeout occured on the server side
|
TIMEOUT a timeout occurred on the server side
|
||||||
PERM a permanent failure occured
|
PERM a permanent failure occurred
|
||||||
.)b
|
.)b
|
||||||
|
|
||||||
In case of errors (status TEMP, TIMEOUT or PERM) the result field may
|
In case of errors (status TEMP, TIMEOUT or PERM) the result field may
|
||||||
@ -9331,7 +9464,7 @@ or
|
|||||||
to indicate newline or tab respectively.
|
to indicate newline or tab respectively.
|
||||||
If omitted entirely,
|
If omitted entirely,
|
||||||
the column separator is any sequence of white space.
|
the column separator is any sequence of white space.
|
||||||
For LDAP maps this is the separator character
|
For LDAP and some other maps this is the separator character
|
||||||
to combine multiple values
|
to combine multiple values
|
||||||
into a single return string.
|
into a single return string.
|
||||||
If not set,
|
If not set,
|
||||||
@ -9413,6 +9546,11 @@ timeout: specify the timeout (in seconds) for communication
|
|||||||
with the socket map server.
|
with the socket map server.
|
||||||
.pp
|
.pp
|
||||||
The following additional flags are present in the ldap map only:
|
The following additional flags are present in the ldap map only:
|
||||||
|
.ip "\-c\fItimeout\fP"
|
||||||
|
Set the LDAP network timeout.
|
||||||
|
sendmail must be compiled with
|
||||||
|
.b \-DLDAP_OPT_NETWORK_TIMEOUT
|
||||||
|
to use this flag.
|
||||||
.ip "\-R"
|
.ip "\-R"
|
||||||
Do not auto chase referrals. sendmail must be compiled with
|
Do not auto chase referrals. sendmail must be compiled with
|
||||||
.b \-DLDAP_REFERRALS
|
.b \-DLDAP_REFERRALS
|
||||||
@ -9480,6 +9618,9 @@ Should be one of
|
|||||||
.b LDAP_AUTH_SIMPLE ,
|
.b LDAP_AUTH_SIMPLE ,
|
||||||
or
|
or
|
||||||
.b LDAP_AUTH_KRBV4 .
|
.b LDAP_AUTH_KRBV4 .
|
||||||
|
The leading
|
||||||
|
.b LDAP_AUTH_
|
||||||
|
can be omitted and the value is case-insensitive.
|
||||||
.ip "\-P\fIpasswordfile\fP"
|
.ip "\-P\fIpasswordfile\fP"
|
||||||
The file containing the secret key for the
|
The file containing the secret key for the
|
||||||
.b LDAP_AUTH_SIMPLE
|
.b LDAP_AUTH_SIMPLE
|
||||||
@ -9530,8 +9671,9 @@ and the data is located in
|
|||||||
.pp
|
.pp
|
||||||
The program
|
The program
|
||||||
.i makemap (8)
|
.i makemap (8)
|
||||||
can be used to build any of the three database-oriented maps.
|
can be used to build database-oriented maps.
|
||||||
It takes the following flags:
|
It takes at least the following flags
|
||||||
|
(for a complete list see its man page):
|
||||||
.ip \-f
|
.ip \-f
|
||||||
Do not fold upper to lower case in the map.
|
Do not fold upper to lower case in the map.
|
||||||
.ip \-N
|
.ip \-N
|
||||||
@ -9980,8 +10122,10 @@ configuration file.
|
|||||||
If set,
|
If set,
|
||||||
the new version of the DBM library
|
the new version of the DBM library
|
||||||
that allows multiple databases will be used.
|
that allows multiple databases will be used.
|
||||||
If neither NDBM nor NEWDB are set,
|
If neither CDB, NDBM, nor NEWDB are set,
|
||||||
a much less efficient method of alias lookup is used.
|
a much less efficient method of alias lookup is used.
|
||||||
|
.ip CWDB
|
||||||
|
If set, use the cdb (tinycdb) package.
|
||||||
.ip NEWDB
|
.ip NEWDB
|
||||||
If set, use the new database package from Berkeley (from 4.4BSD).
|
If set, use the new database package from Berkeley (from 4.4BSD).
|
||||||
This package is substantially faster than DBM or NDBM.
|
This package is substantially faster than DBM or NDBM.
|
||||||
@ -10418,7 +10562,7 @@ Addresses in this header should receive error messages.
|
|||||||
This header is a Content-Transfer-Encoding header.
|
This header is a Content-Transfer-Encoding header.
|
||||||
.ip H_CTYPE
|
.ip H_CTYPE
|
||||||
This header is a Content-Type header.
|
This header is a Content-Type header.
|
||||||
.ip H_STRIPVAL
|
.ip H_BCC
|
||||||
Strip the value from the header (for Bcc:).
|
Strip the value from the header (for Bcc:).
|
||||||
.nr ii 5n
|
.nr ii 5n
|
||||||
.lp
|
.lp
|
||||||
@ -10440,7 +10584,7 @@ struct hdrinfo HdrInfo[] =
|
|||||||
"to", H_RCPT,
|
"to", H_RCPT,
|
||||||
"resent-to", H_RCPT,
|
"resent-to", H_RCPT,
|
||||||
"cc", H_RCPT,
|
"cc", H_RCPT,
|
||||||
"bcc", H_RCPT\^|\^H_STRIPVAL,
|
"bcc", H_RCPT\^|\^H_BCC,
|
||||||
/* message identification and control */
|
/* message identification and control */
|
||||||
"message", H_EOH,
|
"message", H_EOH,
|
||||||
"text", H_EOH,
|
"text", H_EOH,
|
||||||
@ -10864,7 +11008,7 @@ it is necessary to understand at least some basics about X.509 certificates
|
|||||||
and public key cryptography.
|
and public key cryptography.
|
||||||
This information can be found in books about SSL/TLS
|
This information can be found in books about SSL/TLS
|
||||||
or on WWW sites, e.g.,
|
or on WWW sites, e.g.,
|
||||||
.q http://www.OpenSSL.org/ .
|
.q https://www.OpenSSL.org/ .
|
||||||
.sh 3 "Certificates for STARTTLS"
|
.sh 3 "Certificates for STARTTLS"
|
||||||
.pp
|
.pp
|
||||||
When acting as a server,
|
When acting as a server,
|
||||||
@ -11003,6 +11147,43 @@ The macros which are subject to this encoding are
|
|||||||
{cert_subject}, {cert_issuer}, {cn_subject}, {cn_issuer},
|
{cert_subject}, {cert_issuer}, {cn_subject}, {cn_issuer},
|
||||||
as well as
|
as well as
|
||||||
{auth_authen} and {auth_author}.
|
{auth_authen} and {auth_author}.
|
||||||
|
.sh 2 "DANE"
|
||||||
|
.pp
|
||||||
|
Initial support for DANE (see RFC 7672 et.al.)
|
||||||
|
is available if
|
||||||
|
.i sendmail
|
||||||
|
is compiled with the option
|
||||||
|
.b DANE .
|
||||||
|
Only TLSA RR 3-1-x (DANE-EE) is currently implemented.
|
||||||
|
The option
|
||||||
|
.(b
|
||||||
|
O DANE=true
|
||||||
|
.)b
|
||||||
|
enables this feature at run time
|
||||||
|
and it automatically adds
|
||||||
|
.b use_dnssec
|
||||||
|
and
|
||||||
|
.b use_edns0
|
||||||
|
to
|
||||||
|
.(b
|
||||||
|
O ResolverOptions
|
||||||
|
.)b
|
||||||
|
This requires a (preferrably local)
|
||||||
|
validating DNS resolver which supports those options.
|
||||||
|
|
||||||
|
If the client finds a usable TLSA RR and the check
|
||||||
|
succeeds the macro
|
||||||
|
.b ${verify}
|
||||||
|
is set to
|
||||||
|
.b TRUSTED .
|
||||||
|
All non-DNS maps are considered
|
||||||
|
.i secure
|
||||||
|
just like DNS lookups with DNSSEC.
|
||||||
|
Be aware that the implementation might not handle all
|
||||||
|
error conditions as required by the RFCs.
|
||||||
|
Moreover, TLSA RRs are not looked up for some features,
|
||||||
|
e.g.,
|
||||||
|
.i FallBackSmartHost .
|
||||||
.sh 1 "ACKNOWLEDGEMENTS"
|
.sh 1 "ACKNOWLEDGEMENTS"
|
||||||
.pp
|
.pp
|
||||||
I've worked on
|
I've worked on
|
||||||
@ -11243,7 +11424,6 @@ this is equivalent to using \-p.)
|
|||||||
.ip \-q\fItime\fP
|
.ip \-q\fItime\fP
|
||||||
Try to process the queued up mail.
|
Try to process the queued up mail.
|
||||||
If the time is given,
|
If the time is given,
|
||||||
a
|
|
||||||
.i sendmail
|
.i sendmail
|
||||||
will start one or more processes to run through the queue(s) at the specified
|
will start one or more processes to run through the queue(s) at the specified
|
||||||
time interval to deliver queued mail; otherwise, it only runs once.
|
time interval to deliver queued mail; otherwise, it only runs once.
|
||||||
@ -11307,7 +11487,7 @@ together, and items with different key letters
|
|||||||
.q and'ed
|
.q and'ed
|
||||||
together.
|
together.
|
||||||
.ip "\-Q[reason]"
|
.ip "\-Q[reason]"
|
||||||
Quarantine a normal queue items with the given reason or
|
Quarantine normal queue items with the given reason or
|
||||||
unquarantine quarantined queue items if no reason is given.
|
unquarantine quarantined queue items if no reason is given.
|
||||||
This should only be used with some sort of item matching using
|
This should only be used with some sort of item matching using
|
||||||
.b \-q[!]\fIXstring\fP
|
.b \-q[!]\fIXstring\fP
|
||||||
@ -11512,11 +11692,10 @@ but is actually realiased when the job is processed.
|
|||||||
There will be one line for each recipient.
|
There will be one line for each recipient.
|
||||||
Version 1 qf files
|
Version 1 qf files
|
||||||
also include a leading colon-terminated list of flags,
|
also include a leading colon-terminated list of flags,
|
||||||
which can be
|
some of which are
|
||||||
`S' to return a message on successful final delivery,
|
`S' to return a message on successful final delivery,
|
||||||
`F' to return a message on failure,
|
`F' to return a message on failure,
|
||||||
`D' to return a message if the message is delayed,
|
`D' to return a message if the message is delayed,
|
||||||
`B' to indicate that the body should be returned,
|
|
||||||
`N' to suppress returning the body,
|
`N' to suppress returning the body,
|
||||||
and
|
and
|
||||||
`P' to declare this as a ``primary'' (command line or SMTP-session) address.
|
`P' to declare this as a ``primary'' (command line or SMTP-session) address.
|
||||||
@ -11727,7 +11906,6 @@ replace it with a blank sheet for double-sided output.
|
|||||||
.\".sz 10
|
.\".sz 10
|
||||||
.\"Eric Allman
|
.\"Eric Allman
|
||||||
.\".sp
|
.\".sp
|
||||||
.\"Version $Revision: 8.759 $
|
|
||||||
.\".ce 0
|
.\".ce 0
|
||||||
.bp 3
|
.bp 3
|
||||||
.ce
|
.ce
|
||||||
|
@ -8,6 +8,8 @@ all: FRC
|
|||||||
$(SHELL) $(BUILD) $(OPTIONS) $@
|
$(SHELL) $(BUILD) $(OPTIONS) $@
|
||||||
clean: FRC
|
clean: FRC
|
||||||
$(SHELL) $(BUILD) $(OPTIONS) $@
|
$(SHELL) $(BUILD) $(OPTIONS) $@
|
||||||
|
check: FRC
|
||||||
|
$(SHELL) $(BUILD) $(OPTIONS) $@
|
||||||
install: FRC
|
install: FRC
|
||||||
$(SHELL) $(BUILD) $(OPTIONS) $@
|
$(SHELL) $(BUILD) $(OPTIONS) $@
|
||||||
|
|
||||||
|
@ -23,19 +23,19 @@ SM_UNUSED(static char copyright[]) =
|
|||||||
|
|
||||||
#ifndef lint
|
#ifndef lint
|
||||||
SM_UNUSED(static char id[]) = "@(#)$Id: editmap.c,v 1.26 2013-11-22 20:51:26 ca Exp $";
|
SM_UNUSED(static char id[]) = "@(#)$Id: editmap.c,v 1.26 2013-11-22 20:51:26 ca Exp $";
|
||||||
#endif /* ! lint */
|
#endif
|
||||||
|
|
||||||
|
|
||||||
#include <sys/types.h>
|
#include <sys/types.h>
|
||||||
#ifndef ISC_UNIX
|
#ifndef ISC_UNIX
|
||||||
# include <sys/file.h>
|
# include <sys/file.h>
|
||||||
#endif /* ! ISC_UNIX */
|
#endif
|
||||||
#include <ctype.h>
|
#include <ctype.h>
|
||||||
#include <stdlib.h>
|
#include <stdlib.h>
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#ifdef EX_OK
|
#ifdef EX_OK
|
||||||
# undef EX_OK /* unistd.h may have another use for this */
|
# undef EX_OK /* unistd.h may have another use for this */
|
||||||
#endif /* EX_OK */
|
#endif
|
||||||
#include <sysexits.h>
|
#include <sysexits.h>
|
||||||
#include <assert.h>
|
#include <assert.h>
|
||||||
#include <sendmail/sendmail.h>
|
#include <sendmail/sendmail.h>
|
||||||
@ -100,7 +100,7 @@ main(argc, argv)
|
|||||||
#if HASFCHOWN
|
#if HASFCHOWN
|
||||||
FILE *cfp;
|
FILE *cfp;
|
||||||
char buf[MAXLINE];
|
char buf[MAXLINE];
|
||||||
#endif /* HASFCHOWN */
|
#endif
|
||||||
static char rnamebuf[MAXNAME]; /* holds RealUserName */
|
static char rnamebuf[MAXNAME]; /* holds RealUserName */
|
||||||
extern char *optarg;
|
extern char *optarg;
|
||||||
extern int optind;
|
extern int optind;
|
||||||
|
@ -43,11 +43,11 @@
|
|||||||
/* Only need to export C interface if used by C++ source code */
|
/* Only need to export C interface if used by C++ source code */
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
extern "C" {
|
extern "C" {
|
||||||
#endif /* __cplusplus */
|
#endif
|
||||||
|
|
||||||
#ifndef _SOCK_ADDR
|
#ifndef _SOCK_ADDR
|
||||||
# define _SOCK_ADDR struct sockaddr
|
# define _SOCK_ADDR struct sockaddr
|
||||||
#endif /* ! _SOCK_ADDR */
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** libmilter functions return one of the following to indicate
|
** libmilter functions return one of the following to indicate
|
||||||
@ -58,7 +58,7 @@ extern "C" {
|
|||||||
#define MI_FAILURE (-1)
|
#define MI_FAILURE (-1)
|
||||||
#if _FFR_WORKERS_POOL
|
#if _FFR_WORKERS_POOL
|
||||||
# define MI_CONTINUE 1
|
# define MI_CONTINUE 1
|
||||||
#endif /* _FFR_WORKERS_POOL */
|
#endif
|
||||||
|
|
||||||
/* "forward" declarations */
|
/* "forward" declarations */
|
||||||
typedef struct smfi_str SMFICTX;
|
typedef struct smfi_str SMFICTX;
|
||||||
@ -76,17 +76,17 @@ typedef int sfsistat;
|
|||||||
|
|
||||||
#if defined(__linux__) && defined(__GNUC__) && defined(__cplusplus) && __GNUC_MINOR__ >= 8
|
#if defined(__linux__) && defined(__GNUC__) && defined(__cplusplus) && __GNUC_MINOR__ >= 8
|
||||||
# define SM__P(X) __PMT(X)
|
# define SM__P(X) __PMT(X)
|
||||||
#else /* __linux__ && __GNUC__ && __cplusplus && _GNUC_MINOR__ >= 8 */
|
#else
|
||||||
# define SM__P(X) __P(X)
|
# define SM__P(X) __P(X)
|
||||||
#endif /* __linux__ && __GNUC__ && __cplusplus && _GNUC_MINOR__ >= 8 */
|
#endif
|
||||||
|
|
||||||
/* Some platforms don't define __P -- do it for them here: */
|
/* Some platforms don't define __P -- do it for them here: */
|
||||||
#ifndef __P
|
#ifndef __P
|
||||||
# ifdef __STDC__
|
# ifdef __STDC__
|
||||||
# define __P(X) X
|
# define __P(X) X
|
||||||
# else /* __STDC__ */
|
# else
|
||||||
# define __P(X) ()
|
# define __P(X) ()
|
||||||
# endif /* __STDC__ */
|
# endif
|
||||||
#endif /* __P */
|
#endif /* __P */
|
||||||
|
|
||||||
#if SM_CONF_STDBOOL_H
|
#if SM_CONF_STDBOOL_H
|
||||||
@ -464,7 +464,7 @@ LIBMILTER_API int smfi_chgheader __P((SMFICTX *, char *, int, char *));
|
|||||||
**
|
**
|
||||||
** SMFICTX *ctx; Opaque context structure
|
** SMFICTX *ctx; Opaque context structure
|
||||||
** char *headerf; Header field name
|
** char *headerf; Header field name
|
||||||
** int index; The Nth occurence of header field name
|
** int index; The Nth occurrence of header field name
|
||||||
** char *headerv; New header field value (empty for delete header)
|
** char *headerv; New header field value (empty for delete header)
|
||||||
*/
|
*/
|
||||||
|
|
||||||
@ -594,10 +594,10 @@ LIBMILTER_API int smfi_setsymlist __P((SMFICTX *, int, char *));
|
|||||||
|
|
||||||
#if _FFR_THREAD_MONITOR
|
#if _FFR_THREAD_MONITOR
|
||||||
LIBMILTER_API int smfi_set_max_exec_time __P((unsigned int));
|
LIBMILTER_API int smfi_set_max_exec_time __P((unsigned int));
|
||||||
#endif /* _FFR_THREAD_MONITOR */
|
#endif
|
||||||
|
|
||||||
#ifdef __cplusplus
|
#ifdef __cplusplus
|
||||||
}
|
}
|
||||||
#endif /* __cplusplus */
|
#endif
|
||||||
|
|
||||||
#endif /* ! _LIBMILTER_MFAPI_H */
|
#endif /* ! _LIBMILTER_MFAPI_H */
|
||||||
|
@ -19,7 +19,7 @@
|
|||||||
|
|
||||||
#ifndef SMFI_PROT_VERSION
|
#ifndef SMFI_PROT_VERSION
|
||||||
# define SMFI_PROT_VERSION 6 /* MTA - libmilter protocol version */
|
# define SMFI_PROT_VERSION 6 /* MTA - libmilter protocol version */
|
||||||
#endif /* SMFI_PROT_VERSION */
|
#endif
|
||||||
|
|
||||||
/* Shared protocol constants */
|
/* Shared protocol constants */
|
||||||
#define MILTER_LEN_BYTES 4 /* length of 32 bit integer in bytes */
|
#define MILTER_LEN_BYTES 4 /* length of 32 bit integer in bytes */
|
||||||
@ -121,6 +121,6 @@
|
|||||||
|
|
||||||
#if _FFR_MILTER_CHECK
|
#if _FFR_MILTER_CHECK
|
||||||
# define SMFIP_TEST 0x80000000L
|
# define SMFIP_TEST 0x80000000L
|
||||||
#endif /* _FFR_MILTER_CHECK */
|
#endif
|
||||||
|
|
||||||
#endif /* !_LIBMILTER_MFDEF_H */
|
#endif /* !_LIBMILTER_MFDEF_H */
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 1999-2002 Proofpoint, Inc. and its suppliers.
|
* Copyright (c) 1999-2002, 2018 Proofpoint, Inc. and its suppliers.
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
* By using this file, you agree to the terms and conditions set
|
* By using this file, you agree to the terms and conditions set
|
||||||
@ -18,13 +18,13 @@
|
|||||||
# include <sm/gen.h>
|
# include <sm/gen.h>
|
||||||
# include <sm/errstring.h>
|
# include <sm/errstring.h>
|
||||||
|
|
||||||
# ifdef NDBM
|
# if NDBM
|
||||||
# include <ndbm.h>
|
# include <ndbm.h>
|
||||||
# endif /* NDBM */
|
# endif
|
||||||
|
|
||||||
# ifdef NEWDB
|
# if NEWDB
|
||||||
# include "sm/bdb.h"
|
# include "sm/bdb.h"
|
||||||
# endif /* NEWDB */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Some size constants
|
** Some size constants
|
||||||
@ -119,7 +119,6 @@ typedef int (*db_get_func) __P((SMDB_DATABASE *db,
|
|||||||
** flags -- put options:
|
** flags -- put options:
|
||||||
** SMDBF_NO_OVERWRITE - Return an error if key alread
|
** SMDBF_NO_OVERWRITE - Return an error if key alread
|
||||||
** exists.
|
** exists.
|
||||||
** SMDBF_ALLOW_DUP - Allow duplicates in btree maps.
|
|
||||||
**
|
**
|
||||||
** Returns:
|
** Returns:
|
||||||
** 0 - Success, otherwise errno.
|
** 0 - Success, otherwise errno.
|
||||||
@ -190,6 +189,7 @@ struct database_struct
|
|||||||
db_lockfd_func smdb_lockfd;
|
db_lockfd_func smdb_lockfd;
|
||||||
void *smdb_impl;
|
void *smdb_impl;
|
||||||
};
|
};
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** DB_CURSOR_CLOSE -- Close a cursor
|
** DB_CURSOR_CLOSE -- Close a cursor
|
||||||
**
|
**
|
||||||
@ -244,10 +244,10 @@ typedef int (*db_cursor_get_func) __P((SMDB_CURSOR *cursor,
|
|||||||
** Flags for DB_CURSOR_GET
|
** Flags for DB_CURSOR_GET
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#define SMDB_CURSOR_GET_FIRST 0
|
#define SMDB_CURSOR_GET_FIRST 0 /* NOT USED by any application */
|
||||||
#define SMDB_CURSOR_GET_LAST 1
|
#define SMDB_CURSOR_GET_LAST 1 /* NOT USED by any application */
|
||||||
#define SMDB_CURSOR_GET_NEXT 2
|
#define SMDB_CURSOR_GET_NEXT 2
|
||||||
#define SMDB_CURSOR_GET_RANGE 3
|
#define SMDB_CURSOR_GET_RANGE 3 /* NOT USED by any application */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** DB_CURSOR_PUT -- Put the key/value at this cursor.
|
** DB_CURSOR_PUT -- Put the key/value at this cursor.
|
||||||
@ -313,12 +313,34 @@ typedef unsigned int SMDB_FLAG;
|
|||||||
|
|
||||||
# define SMDB_TYPE_DEFAULT NULL
|
# define SMDB_TYPE_DEFAULT NULL
|
||||||
# define SMDB_TYPE_DEFAULT_LEN 0
|
# define SMDB_TYPE_DEFAULT_LEN 0
|
||||||
|
# define SMDB_TYPE_IMPL "implicit"
|
||||||
|
# define SMDB_TYPE_IMPL_LEN 9
|
||||||
# define SMDB_TYPE_HASH "hash"
|
# define SMDB_TYPE_HASH "hash"
|
||||||
# define SMDB_TYPE_HASH_LEN 5
|
# define SMDB_TYPE_HASH_LEN 5
|
||||||
# define SMDB_TYPE_BTREE "btree"
|
# define SMDB_TYPE_BTREE "btree"
|
||||||
# define SMDB_TYPE_BTREE_LEN 6
|
# define SMDB_TYPE_BTREE_LEN 6
|
||||||
# define SMDB_TYPE_NDBM "dbm"
|
# define SMDB_TYPE_NDBM "dbm"
|
||||||
# define SMDB_TYPE_NDBM_LEN 4
|
# define SMDB_TYPE_NDBM_LEN 4
|
||||||
|
# define SMDB_TYPE_CDB "cdb"
|
||||||
|
# define SMDB_TYPE_CDB_LEN 4
|
||||||
|
|
||||||
|
# define SMDB_IS_TYPE_HASH(type) (strncmp(type, SMDB_TYPE_HASH, SMDB_TYPE_HASH_LEN) == 0)
|
||||||
|
# define SMDB_IS_TYPE_BTREE(type) (strncmp(type, SMDB_TYPE_BTREE, SMDB_TYPE_BTREE_LEN) == 0)
|
||||||
|
# define SMDB_IS_TYPE_NDBM(type) (strncmp(type, SMDB_TYPE_NDBM, SMDB_TYPE_NDBM_LEN) == 0)
|
||||||
|
# define SMDB_IS_TYPE_CDB(type) (strncmp(type, SMDB_TYPE_CDB, SMDB_TYPE_CDB_LEN) == 0)
|
||||||
|
|
||||||
|
# define SMDB_IS_TYPE_DEFAULT(t) (((t) == SMDB_TYPE_DEFAULT) \
|
||||||
|
|| (strncmp(type, SMDB_TYPE_IMPL, SMDB_TYPE_IMPL_LEN) == 0) \
|
||||||
|
)
|
||||||
|
|
||||||
|
# if CDB >= 2
|
||||||
|
# define SMCDB_FILE_EXTENSION "db"
|
||||||
|
# else
|
||||||
|
# define SMCDB_FILE_EXTENSION "cdb"
|
||||||
|
# endif
|
||||||
|
# define SMDB1_FILE_EXTENSION "db"
|
||||||
|
# define SMDB2_FILE_EXTENSION "db"
|
||||||
|
# define SMNDB_DIR_FILE_EXTENSION "dir"
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** These are flags
|
** These are flags
|
||||||
@ -326,26 +348,22 @@ typedef unsigned int SMDB_FLAG;
|
|||||||
|
|
||||||
/* Flags for put */
|
/* Flags for put */
|
||||||
# define SMDBF_NO_OVERWRITE 0x00000001
|
# define SMDBF_NO_OVERWRITE 0x00000001
|
||||||
# define SMDBF_ALLOW_DUP 0x00000002
|
|
||||||
|
|
||||||
|
typedef int (smdb_open_func) __P((SMDB_DATABASE **, char *, int, int, long, SMDB_DBTYPE, SMDB_USER_INFO *, SMDB_DBPARAMS *));
|
||||||
|
|
||||||
extern SMDB_DATABASE *smdb_malloc_database __P((void));
|
extern SMDB_DATABASE *smdb_malloc_database __P((void));
|
||||||
extern void smdb_free_database __P((SMDB_DATABASE *));
|
extern void smdb_free_database __P((SMDB_DATABASE *));
|
||||||
extern int smdb_open_database __P((SMDB_DATABASE **, char *, int,
|
extern smdb_open_func smdb_open_database;
|
||||||
int, long, SMDB_DBTYPE,
|
# if NEWDB
|
||||||
SMDB_USER_INFO *,
|
extern smdb_open_func smdb_db_open;
|
||||||
SMDB_DBPARAMS *));
|
# else
|
||||||
# ifdef NEWDB
|
# define smdb_db_open NULL
|
||||||
extern int smdb_db_open __P((SMDB_DATABASE **, char *, int, int,
|
# endif
|
||||||
long, SMDB_DBTYPE, SMDB_USER_INFO *,
|
# if NDBM
|
||||||
SMDB_DBPARAMS *));
|
extern smdb_open_func smdb_ndbm_open;
|
||||||
# endif /* NEWDB */
|
# else
|
||||||
# ifdef NDBM
|
# define smdb_ndbm_open NULL
|
||||||
extern int smdb_ndbm_open __P((SMDB_DATABASE **, char *, int, int,
|
# endif
|
||||||
long, SMDB_DBTYPE,
|
|
||||||
SMDB_USER_INFO *,
|
|
||||||
SMDB_DBPARAMS *));
|
|
||||||
# endif /* NDBM */
|
|
||||||
extern int smdb_add_extension __P((char *, int, char *, char *));
|
extern int smdb_add_extension __P((char *, int, char *, char *));
|
||||||
extern int smdb_setup_file __P((char *, char *, int, long,
|
extern int smdb_setup_file __P((char *, char *, int, long,
|
||||||
SMDB_USER_INFO *, struct stat *));
|
SMDB_USER_INFO *, struct stat *));
|
||||||
@ -353,8 +371,15 @@ extern int smdb_lock_file __P((int *, char *, int, long, char *));
|
|||||||
extern int smdb_unlock_file __P((int));
|
extern int smdb_unlock_file __P((int));
|
||||||
extern int smdb_filechanged __P((char *, char *, int,
|
extern int smdb_filechanged __P((char *, char *, int,
|
||||||
struct stat *));
|
struct stat *));
|
||||||
extern void smdb_print_available_types __P((void));
|
extern void smdb_print_available_types __P((bool));
|
||||||
|
extern bool smdb_is_db_type __P((const char *));
|
||||||
extern char *smdb_db_definition __P((SMDB_DBTYPE));
|
extern char *smdb_db_definition __P((SMDB_DBTYPE));
|
||||||
extern int smdb_lock_map __P((SMDB_DATABASE *, int));
|
extern int smdb_lock_map __P((SMDB_DATABASE *, int));
|
||||||
extern int smdb_unlock_map __P((SMDB_DATABASE *));
|
extern int smdb_unlock_map __P((SMDB_DATABASE *));
|
||||||
|
|
||||||
|
# if CDB
|
||||||
|
extern smdb_open_func smdb_cdb_open;
|
||||||
|
# else
|
||||||
|
# define smdb_cdb_open NULL
|
||||||
|
# endif
|
||||||
#endif /* ! _SMDB_H_ */
|
#endif /* ! _SMDB_H_ */
|
||||||
|
@ -19,34 +19,34 @@
|
|||||||
# ifndef _PATH_SENDMAILCF
|
# ifndef _PATH_SENDMAILCF
|
||||||
# if defined(USE_VENDOR_CF_PATH) && defined(_PATH_VENDOR_CF)
|
# if defined(USE_VENDOR_CF_PATH) && defined(_PATH_VENDOR_CF)
|
||||||
# define _PATH_SENDMAILCF _PATH_VENDOR_CF
|
# define _PATH_SENDMAILCF _PATH_VENDOR_CF
|
||||||
# else /* defined(USE_VENDOR_CF_PATH) && defined(_PATH_VENDOR_CF) */
|
# else
|
||||||
# define _PATH_SENDMAILCF "/etc/mail/sendmail.cf"
|
# define _PATH_SENDMAILCF "/etc/mail/sendmail.cf"
|
||||||
# endif /* defined(USE_VENDOR_CF_PATH) && defined(_PATH_VENDOR_CF) */
|
# endif
|
||||||
# endif /* ! _PATH_SENDMAILCF */
|
# endif /* ! _PATH_SENDMAILCF */
|
||||||
|
|
||||||
# ifndef _PATH_SENDMAILPID
|
# ifndef _PATH_SENDMAILPID
|
||||||
# ifdef BSD4_4
|
# ifdef BSD4_4
|
||||||
# define _PATH_SENDMAILPID "/var/run/sendmail.pid"
|
# define _PATH_SENDMAILPID "/var/run/sendmail.pid"
|
||||||
# else /* BSD4_4 */
|
# else
|
||||||
# define _PATH_SENDMAILPID "/etc/mail/sendmail.pid"
|
# define _PATH_SENDMAILPID "/etc/mail/sendmail.pid"
|
||||||
# endif /* BSD4_4 */
|
# endif
|
||||||
# endif /* ! _PATH_SENDMAILPID */
|
# endif /* ! _PATH_SENDMAILPID */
|
||||||
|
|
||||||
# ifndef _PATH_SENDMAIL
|
# ifndef _PATH_SENDMAIL
|
||||||
# define _PATH_SENDMAIL "/usr/lib/sendmail"
|
# define _PATH_SENDMAIL "/usr/lib/sendmail"
|
||||||
# endif /* ! _PATH_SENDMAIL */
|
# endif
|
||||||
|
|
||||||
# ifndef _PATH_MAILDIR
|
# ifndef _PATH_MAILDIR
|
||||||
# define _PATH_MAILDIR "/var/spool/mail"
|
# define _PATH_MAILDIR "/var/spool/mail"
|
||||||
# endif /* ! _PATH_MAILDIR */
|
# endif
|
||||||
|
|
||||||
# ifndef _PATH_LOCTMP
|
# ifndef _PATH_LOCTMP
|
||||||
# define _PATH_LOCTMP "/tmp/local.XXXXXX"
|
# define _PATH_LOCTMP "/tmp/local.XXXXXX"
|
||||||
# endif /* ! _PATH_LOCTMP */
|
# endif
|
||||||
|
|
||||||
# ifndef _PATH_HOSTS
|
# ifndef _PATH_HOSTS
|
||||||
# define _PATH_HOSTS "/etc/hosts"
|
# define _PATH_HOSTS "/etc/hosts"
|
||||||
# endif /* ! _PATH_HOSTS */
|
# endif
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -29,7 +29,7 @@
|
|||||||
**********************************************************************/
|
**********************************************************************/
|
||||||
#ifndef MAXMAILERS
|
#ifndef MAXMAILERS
|
||||||
# define MAXMAILERS 25 /* maximum mailers known to system */
|
# define MAXMAILERS 25 /* maximum mailers known to system */
|
||||||
#endif /* ! MAXMAILERS */
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Flags passed to safefile/safedirpath.
|
** Flags passed to safefile/safedirpath.
|
||||||
|
@ -47,19 +47,19 @@ sm_abort __P((
|
|||||||
|
|
||||||
# ifndef SM_CHECK_ALL
|
# ifndef SM_CHECK_ALL
|
||||||
# define SM_CHECK_ALL 1
|
# define SM_CHECK_ALL 1
|
||||||
# endif /* ! SM_CHECK_ALL */
|
# endif
|
||||||
|
|
||||||
# ifndef SM_CHECK_REQUIRE
|
# ifndef SM_CHECK_REQUIRE
|
||||||
# define SM_CHECK_REQUIRE SM_CHECK_ALL
|
# define SM_CHECK_REQUIRE SM_CHECK_ALL
|
||||||
# endif /* ! SM_CHECK_REQUIRE */
|
# endif
|
||||||
|
|
||||||
# ifndef SM_CHECK_ENSURE
|
# ifndef SM_CHECK_ENSURE
|
||||||
# define SM_CHECK_ENSURE SM_CHECK_ALL
|
# define SM_CHECK_ENSURE SM_CHECK_ALL
|
||||||
# endif /* ! SM_CHECK_ENSURE */
|
# endif
|
||||||
|
|
||||||
# ifndef SM_CHECK_ASSERT
|
# ifndef SM_CHECK_ASSERT
|
||||||
# define SM_CHECK_ASSERT SM_CHECK_ALL
|
# define SM_CHECK_ASSERT SM_CHECK_ALL
|
||||||
# endif /* ! SM_CHECK_ASSERT */
|
# endif
|
||||||
|
|
||||||
# if SM_CHECK_REQUIRE
|
# if SM_CHECK_REQUIRE
|
||||||
# if defined(__STDC__) || defined(__cplusplus)
|
# if defined(__STDC__) || defined(__cplusplus)
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
# include <db.h>
|
# include <db.h>
|
||||||
# ifndef DB_VERSION_MAJOR
|
# ifndef DB_VERSION_MAJOR
|
||||||
# define DB_VERSION_MAJOR 1
|
# define DB_VERSION_MAJOR 1
|
||||||
# endif /* ! DB_VERSION_MAJOR */
|
# endif
|
||||||
|
|
||||||
# if (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) || DB_VERSION_MAJOR >= 5
|
# if (DB_VERSION_MAJOR == 4 && DB_VERSION_MINOR >= 1) || DB_VERSION_MAJOR >= 5
|
||||||
|
|
||||||
|
@ -6,7 +6,7 @@
|
|||||||
* forth in the LICENSE file which can be found at the top level of
|
* forth in the LICENSE file which can be found at the top level of
|
||||||
* the sendmail distribution.
|
* the sendmail distribution.
|
||||||
*
|
*
|
||||||
* $Id: cdefs.h,v 1.17 2013-11-22 20:51:31 ca Exp $
|
* $Id: cdefs.h,v 1.17 2013/11/22 20:51:31 ca Exp $
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -27,7 +27,7 @@
|
|||||||
|
|
||||||
# if SM_CONF_SYS_CDEFS_H
|
# if SM_CONF_SYS_CDEFS_H
|
||||||
# include <sys/cdefs.h>
|
# include <sys/cdefs.h>
|
||||||
# endif /* SM_CONF_SYS_CDEFS_H */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Define the standard C language portability macros
|
** Define the standard C language portability macros
|
||||||
@ -86,9 +86,9 @@
|
|||||||
# if __GNUC__ >= 2
|
# if __GNUC__ >= 2
|
||||||
# if __GNUC__ == 2 && __GNUC_MINOR__ < 7
|
# if __GNUC__ == 2 && __GNUC_MINOR__ < 7
|
||||||
# define SM_UNUSED(decl) decl
|
# define SM_UNUSED(decl) decl
|
||||||
# else /* __GNUC__ == 2 && __GNUC_MINOR__ < 7 */
|
# else
|
||||||
# define SM_UNUSED(decl) decl __attribute__((__unused__))
|
# define SM_UNUSED(decl) decl __attribute__((__unused__))
|
||||||
# endif /* __GNUC__ == 2 && __GNUC_MINOR__ < 7 */
|
# endif
|
||||||
# else /* __GNUC__ >= 2 */
|
# else /* __GNUC__ >= 2 */
|
||||||
# define SM_UNUSED(decl) decl
|
# define SM_UNUSED(decl) decl
|
||||||
# endif /* __GNUC__ >= 2 */
|
# endif /* __GNUC__ >= 2 */
|
||||||
@ -112,9 +112,9 @@
|
|||||||
|
|
||||||
# ifdef SM_OMIT_BOGUS_WARNINGS
|
# ifdef SM_OMIT_BOGUS_WARNINGS
|
||||||
# define SM_NONVOLATILE volatile
|
# define SM_NONVOLATILE volatile
|
||||||
# else /* SM_OMIT_BOGUS_WARNINGS */
|
# else
|
||||||
# define SM_NONVOLATILE
|
# define SM_NONVOLATILE
|
||||||
# endif /* SM_OMIT_BOGUS_WARNINGS */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Turn on format string argument checking.
|
** Turn on format string argument checking.
|
||||||
@ -131,17 +131,17 @@
|
|||||||
# ifndef PRINTFLIKE
|
# ifndef PRINTFLIKE
|
||||||
# if SM_CONF_FORMAT_TEST
|
# if SM_CONF_FORMAT_TEST
|
||||||
# define PRINTFLIKE(x,y) __attribute__ ((__format__ (__printf__, x, y)))
|
# define PRINTFLIKE(x,y) __attribute__ ((__format__ (__printf__, x, y)))
|
||||||
# else /* SM_CONF_FORMAT_TEST */
|
# else
|
||||||
# define PRINTFLIKE(x,y)
|
# define PRINTFLIKE(x,y)
|
||||||
# endif /* SM_CONF_FORMAT_TEST */
|
# endif
|
||||||
# endif /* ! PRINTFLIKE */
|
# endif /* ! PRINTFLIKE */
|
||||||
|
|
||||||
# ifndef SCANFLIKE
|
# ifndef SCANFLIKE
|
||||||
# if SM_CONF_FORMAT_TEST
|
# if SM_CONF_FORMAT_TEST
|
||||||
# define SCANFLIKE(x,y) __attribute__ ((__format__ (__scanf__, x, y)))
|
# define SCANFLIKE(x,y) __attribute__ ((__format__ (__scanf__, x, y)))
|
||||||
# else /* SM_CONF_FORMAT_TEST */
|
# else
|
||||||
# define SCANFLIKE(x,y)
|
# define SCANFLIKE(x,y)
|
||||||
# endif /* SM_CONF_FORMAT_TEST */
|
# endif
|
||||||
# endif /* ! SCANFLIKE */
|
# endif /* ! SCANFLIKE */
|
||||||
|
|
||||||
#endif /* ! SM_CDEFS_H */
|
#endif /* ! SM_CDEFS_H */
|
||||||
|
@ -22,7 +22,7 @@
|
|||||||
# include <sm/signal.h>
|
# include <sm/signal.h>
|
||||||
# if SM_CONF_SETITIMER
|
# if SM_CONF_SETITIMER
|
||||||
# include <sys/time.h>
|
# include <sys/time.h>
|
||||||
# endif /* SM_CONF_SETITIMER */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** STRUCT SM_EVENT -- event queue.
|
** STRUCT SM_EVENT -- event queue.
|
||||||
@ -37,9 +37,9 @@ struct sm_event
|
|||||||
{
|
{
|
||||||
# if SM_CONF_SETITIMER
|
# if SM_CONF_SETITIMER
|
||||||
struct timeval ev_time; /* time of the call (microseconds) */
|
struct timeval ev_time; /* time of the call (microseconds) */
|
||||||
# else /* SM_CONF_SETITIMER */
|
# else
|
||||||
time_t ev_time; /* time of the call (seconds) */
|
time_t ev_time; /* time of the call (seconds) */
|
||||||
# endif /* SM_CONF_SETITIMER */
|
# endif
|
||||||
void (*ev_func)__P((int));
|
void (*ev_func)__P((int));
|
||||||
/* function to call */
|
/* function to call */
|
||||||
int ev_arg; /* argument to ev_func */
|
int ev_arg; /* argument to ev_func */
|
||||||
|
File diff suppressed because it is too large
Load Diff
@ -31,9 +31,9 @@
|
|||||||
# ifndef SM_CONF_STDBOOL_H
|
# ifndef SM_CONF_STDBOOL_H
|
||||||
# if !defined(__clang__) && defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
|
# if !defined(__clang__) && defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L
|
||||||
# define SM_CONF_STDBOOL_H 1
|
# define SM_CONF_STDBOOL_H 1
|
||||||
# else /* !defined(__clang__) && defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L */
|
# else
|
||||||
# define SM_CONF_STDBOOL_H 0
|
# define SM_CONF_STDBOOL_H 0
|
||||||
# endif /* !defined(__clang__) && defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L */
|
# endif
|
||||||
# endif /* ! SM_CONF_STDBOOL_H */
|
# endif /* ! SM_CONF_STDBOOL_H */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -42,7 +42,7 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_SYS_CDEFS_H
|
# ifndef SM_CONF_SYS_CDEFS_H
|
||||||
# define SM_CONF_SYS_CDEFS_H 0
|
# define SM_CONF_SYS_CDEFS_H 0
|
||||||
# endif /* ! SM_CONF_SYS_CDEFS_H */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** SM_CONF_STDDEF_H is 1 if <stddef.h> exists
|
** SM_CONF_STDDEF_H is 1 if <stddef.h> exists
|
||||||
@ -50,7 +50,7 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_STDDEF_H
|
# ifndef SM_CONF_STDDEF_H
|
||||||
# define SM_CONF_STDDEF_H 1
|
# define SM_CONF_STDDEF_H 1
|
||||||
# endif /* ! SM_CONF_STDDEF_H */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Configuration macro that specifies whether strlcpy/strlcat are available.
|
** Configuration macro that specifies whether strlcpy/strlcat are available.
|
||||||
@ -60,7 +60,7 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_STRL
|
# ifndef SM_CONF_STRL
|
||||||
# define SM_CONF_STRL 0
|
# define SM_CONF_STRL 0
|
||||||
# endif /* ! SM_CONF_STRL */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Configuration macro indicating that setitimer is available
|
** Configuration macro indicating that setitimer is available
|
||||||
@ -68,7 +68,7 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_SETITIMER
|
# ifndef SM_CONF_SETITIMER
|
||||||
# define SM_CONF_SETITIMER 1
|
# define SM_CONF_SETITIMER 1
|
||||||
# endif /* ! SM_CONF_SETITIMER */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Does <sys/types.h> define uid_t and gid_t?
|
** Does <sys/types.h> define uid_t and gid_t?
|
||||||
@ -76,14 +76,14 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_UID_GID
|
# ifndef SM_CONF_UID_GID
|
||||||
# define SM_CONF_UID_GID 1
|
# define SM_CONF_UID_GID 1
|
||||||
# endif /* ! SM_CONF_UID_GID */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Does <sys/types.h> define ssize_t?
|
** Does <sys/types.h> define ssize_t?
|
||||||
*/
|
*/
|
||||||
# ifndef SM_CONF_SSIZE_T
|
# ifndef SM_CONF_SSIZE_T
|
||||||
# define SM_CONF_SSIZE_T 1
|
# define SM_CONF_SSIZE_T 1
|
||||||
# endif /* ! SM_CONF_SSIZE_T */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Does the C compiler support long long?
|
** Does the C compiler support long long?
|
||||||
@ -95,9 +95,9 @@
|
|||||||
# else /* defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L */
|
# else /* defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L */
|
||||||
# if defined(__GNUC__)
|
# if defined(__GNUC__)
|
||||||
# define SM_CONF_LONGLONG 1
|
# define SM_CONF_LONGLONG 1
|
||||||
# else /* defined(__GNUC__) */
|
# else
|
||||||
# define SM_CONF_LONGLONG 0
|
# define SM_CONF_LONGLONG 0
|
||||||
# endif /* defined(__GNUC__) */
|
# endif
|
||||||
# endif /* defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L */
|
# endif /* defined(__STDC_VERSION__) && __STDC_VERSION__ >= 199901L */
|
||||||
# endif /* ! SM_CONF_LONGLONG */
|
# endif /* ! SM_CONF_LONGLONG */
|
||||||
|
|
||||||
@ -108,7 +108,7 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_QUAD_T
|
# ifndef SM_CONF_QUAD_T
|
||||||
# define SM_CONF_QUAD_T 0
|
# define SM_CONF_QUAD_T 0
|
||||||
# endif /* ! SM_CONF_QUAD_T */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Configuration macro indicating that shared memory is available
|
** Configuration macro indicating that shared memory is available
|
||||||
@ -116,7 +116,7 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_SHM
|
# ifndef SM_CONF_SHM
|
||||||
# define SM_CONF_SHM 0
|
# define SM_CONF_SHM 0
|
||||||
# endif /* ! SM_CONF_SHM */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Does <setjmp.h> define sigsetjmp?
|
** Does <setjmp.h> define sigsetjmp?
|
||||||
@ -124,7 +124,7 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_SIGSETJMP
|
# ifndef SM_CONF_SIGSETJMP
|
||||||
# define SM_CONF_SIGSETJMP 1
|
# define SM_CONF_SIGSETJMP 1
|
||||||
# endif /* ! SM_CONF_SIGSETJMP */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Does <sysexits.h> exist, and define the EX_* macros with values
|
** Does <sysexits.h> exist, and define the EX_* macros with values
|
||||||
@ -133,17 +133,17 @@
|
|||||||
|
|
||||||
# ifndef SM_CONF_SYSEXITS_H
|
# ifndef SM_CONF_SYSEXITS_H
|
||||||
# define SM_CONF_SYSEXITS_H 0
|
# define SM_CONF_SYSEXITS_H 0
|
||||||
# endif /* ! SM_CONF_SYSEXITS_H */
|
# endif
|
||||||
|
|
||||||
/* has memchr() prototype? (if not: needs memory.h) */
|
/* has memchr() prototype? (if not: needs memory.h) */
|
||||||
# ifndef SM_CONF_MEMCHR
|
# ifndef SM_CONF_MEMCHR
|
||||||
# define SM_CONF_MEMCHR 1
|
# define SM_CONF_MEMCHR 1
|
||||||
# endif /* ! SM_CONF_MEMCHR */
|
# endif
|
||||||
|
|
||||||
/* try LLONG tests in libsm/t-types.c? */
|
/* try LLONG tests in libsm/t-types.c? */
|
||||||
# ifndef SM_CONF_TEST_LLONG
|
# ifndef SM_CONF_TEST_LLONG
|
||||||
# define SM_CONF_TEST_LLONG 1
|
# define SM_CONF_TEST_LLONG 1
|
||||||
# endif /* !SM_CONF_TEST_LLONG */
|
# endif
|
||||||
|
|
||||||
/* LDAP Checks */
|
/* LDAP Checks */
|
||||||
# if LDAPMAP
|
# if LDAPMAP
|
||||||
@ -161,9 +161,9 @@
|
|||||||
|
|
||||||
# if USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004
|
# if USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004
|
||||||
# define SM_CONF_LDAP_MEMFREE 1
|
# define SM_CONF_LDAP_MEMFREE 1
|
||||||
# else /* USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004 */
|
# else
|
||||||
# define SM_CONF_LDAP_MEMFREE 0
|
# define SM_CONF_LDAP_MEMFREE 0
|
||||||
# endif /* USING_NETSCAPE_LDAP || LDAP_API_VERSION >= 2004 */
|
# endif
|
||||||
# endif /* ! SM_CONF_LDAP_MEMFREE */
|
# endif /* ! SM_CONF_LDAP_MEMFREE */
|
||||||
|
|
||||||
/* Does the LDAP library have ldap_initialize()? */
|
/* Does the LDAP library have ldap_initialize()? */
|
||||||
@ -177,13 +177,13 @@
|
|||||||
/* OpenLDAP does it with LDAP_OPT_URI */
|
/* OpenLDAP does it with LDAP_OPT_URI */
|
||||||
# ifdef LDAP_OPT_URI
|
# ifdef LDAP_OPT_URI
|
||||||
# define SM_CONF_LDAP_INITIALIZE 1
|
# define SM_CONF_LDAP_INITIALIZE 1
|
||||||
# endif /* LDAP_OPT_URI */
|
# endif
|
||||||
# endif /* !SM_CONF_LDAP_INITIALIZE */
|
# endif /* !SM_CONF_LDAP_INITIALIZE */
|
||||||
# endif /* LDAPMAP */
|
# endif /* LDAPMAP */
|
||||||
|
|
||||||
/* don't use strcpy() */
|
/* don't use strcpy() */
|
||||||
# ifndef DO_NOT_USE_STRCPY
|
# ifndef DO_NOT_USE_STRCPY
|
||||||
# define DO_NOT_USE_STRCPY 1
|
# define DO_NOT_USE_STRCPY 1
|
||||||
# endif /* ! DO_NOT_USE_STRCPY */
|
# endif
|
||||||
|
|
||||||
#endif /* ! SM_CONFIG_H */
|
#endif /* ! SM_CONFIG_H */
|
||||||
|
@ -94,7 +94,7 @@ struct sm_debug
|
|||||||
|
|
||||||
# ifndef SM_DEBUG_CHECK
|
# ifndef SM_DEBUG_CHECK
|
||||||
# define SM_DEBUG_CHECK 1
|
# define SM_DEBUG_CHECK 1
|
||||||
# endif /* ! SM_DEBUG_CHECK */
|
# endif
|
||||||
|
|
||||||
# if SM_DEBUG_CHECK
|
# if SM_DEBUG_CHECK
|
||||||
/*
|
/*
|
||||||
|
@ -18,12 +18,12 @@
|
|||||||
|
|
||||||
#if defined(__QNX__)
|
#if defined(__QNX__)
|
||||||
# define E_PSEUDOBASE 512
|
# define E_PSEUDOBASE 512
|
||||||
#endif /* defined(__QNX__) */
|
#endif
|
||||||
|
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
#if NEEDINTERRNO
|
#if NEEDINTERRNO
|
||||||
extern int errno;
|
extern int errno;
|
||||||
#endif /* NEEDINTERRNO */
|
#endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** These are used in a few cases where we need some special
|
** These are used in a few cases where we need some special
|
||||||
@ -33,7 +33,7 @@ extern int errno;
|
|||||||
|
|
||||||
#ifndef E_PSEUDOBASE
|
#ifndef E_PSEUDOBASE
|
||||||
# define E_PSEUDOBASE 256
|
# define E_PSEUDOBASE 256
|
||||||
#endif /* ! E_PSEUDOBASE */
|
#endif
|
||||||
|
|
||||||
#define E_SM_OPENTIMEOUT (E_PSEUDOBASE + 0) /* Timeout on file open */
|
#define E_SM_OPENTIMEOUT (E_PSEUDOBASE + 0) /* Timeout on file open */
|
||||||
#define E_SM_NOSLINK (E_PSEUDOBASE + 1) /* Symbolic links not allowed */
|
#define E_SM_NOSLINK (E_PSEUDOBASE + 1) /* Symbolic links not allowed */
|
||||||
@ -88,7 +88,6 @@ extern int errno;
|
|||||||
#define SMDBE_OLD_VERSION (E_SMDBBASE + 23)
|
#define SMDBE_OLD_VERSION (E_SMDBBASE + 23)
|
||||||
#define SMDBE_VERSION_MISMATCH (E_SMDBBASE + 24)
|
#define SMDBE_VERSION_MISMATCH (E_SMDBBASE + 24)
|
||||||
|
|
||||||
extern const char *sm_errstring __P((int _errno));
|
extern const char *sm_errstring __P((int _errnum));
|
||||||
|
|
||||||
|
|
||||||
#endif /* SM_ERRSTRING_H */
|
#endif /* SM_ERRSTRING_H */
|
||||||
|
@ -43,7 +43,7 @@
|
|||||||
# else /* SM_CONF_STDDEF_H */
|
# else /* SM_CONF_STDDEF_H */
|
||||||
# ifndef NULL
|
# ifndef NULL
|
||||||
# define NULL 0
|
# define NULL 0
|
||||||
# endif /* ! NULL */
|
# endif
|
||||||
# define offsetof(type, member) ((size_t)(&((type *)0)->member))
|
# define offsetof(type, member) ((size_t)(&((type *)0)->member))
|
||||||
# endif /* SM_CONF_STDDEF_H */
|
# endif /* SM_CONF_STDDEF_H */
|
||||||
|
|
||||||
|
@ -25,7 +25,7 @@
|
|||||||
/* change default to 0 for production? */
|
/* change default to 0 for production? */
|
||||||
# ifndef SM_HEAP_CHECK
|
# ifndef SM_HEAP_CHECK
|
||||||
# define SM_HEAP_CHECK 1
|
# define SM_HEAP_CHECK 1
|
||||||
# endif /* ! SM_HEAP_CHECK */
|
# endif
|
||||||
|
|
||||||
# if SM_HEAP_CHECK
|
# if SM_HEAP_CHECK
|
||||||
# define sm_malloc_x(sz) sm_malloc_tagged_x(sz, __FILE__, __LINE__, SmHeapGroup)
|
# define sm_malloc_x(sz) sm_malloc_tagged_x(sz, __FILE__, __LINE__, SmHeapGroup)
|
||||||
|
@ -53,7 +53,7 @@
|
|||||||
#define SM_IO_WHAT_MODE 1
|
#define SM_IO_WHAT_MODE 1
|
||||||
#define SM_IO_WHAT_VECTORS 2
|
#define SM_IO_WHAT_VECTORS 2
|
||||||
#define SM_IO_WHAT_FD 3
|
#define SM_IO_WHAT_FD 3
|
||||||
#define SM_IO_WHAT_TYPE 4
|
/* was WHAT_TYPE 4 unused */
|
||||||
#define SM_IO_WHAT_ISTYPE 5
|
#define SM_IO_WHAT_ISTYPE 5
|
||||||
#define SM_IO_IS_READABLE 6
|
#define SM_IO_IS_READABLE 6
|
||||||
#define SM_IO_WHAT_TIMEOUT 7
|
#define SM_IO_WHAT_TIMEOUT 7
|
||||||
@ -342,7 +342,7 @@ __END_DECLS
|
|||||||
__BEGIN_DECLS
|
__BEGIN_DECLS
|
||||||
int sm_rget __P((SM_FILE_T *, int));
|
int sm_rget __P((SM_FILE_T *, int));
|
||||||
int sm_vfscanf __P((SM_FILE_T *, int SM_NONVOLATILE, const char *,
|
int sm_vfscanf __P((SM_FILE_T *, int SM_NONVOLATILE, const char *,
|
||||||
va_list SM_NONVOLATILE));
|
va_list));
|
||||||
int sm_wbuf __P((SM_FILE_T *, int, int));
|
int sm_wbuf __P((SM_FILE_T *, int, int));
|
||||||
__END_DECLS
|
__END_DECLS
|
||||||
|
|
||||||
@ -383,7 +383,7 @@ __END_DECLS
|
|||||||
# ifndef _POSIX_SOURCE
|
# ifndef _POSIX_SOURCE
|
||||||
# define sm_io_getc(fp, t) sm_getc(fp, t)
|
# define sm_io_getc(fp, t) sm_getc(fp, t)
|
||||||
# define sm_io_putc(fp, t, x) sm_putc(fp, t, x)
|
# define sm_io_putc(fp, t, x) sm_putc(fp, t, x)
|
||||||
# endif /* _POSIX_SOURCE */
|
# endif
|
||||||
#endif /* lint */
|
#endif /* lint */
|
||||||
|
|
||||||
#endif /* SM_IO_H */
|
#endif /* SM_IO_H */
|
||||||
|
@ -22,13 +22,13 @@
|
|||||||
|
|
||||||
# ifndef LDAPMAP_MAX_ATTR
|
# ifndef LDAPMAP_MAX_ATTR
|
||||||
# define LDAPMAP_MAX_ATTR 64
|
# define LDAPMAP_MAX_ATTR 64
|
||||||
# endif /* ! LDAPMAP_MAX_ATTR */
|
# endif
|
||||||
# ifndef LDAPMAP_MAX_FILTER
|
# ifndef LDAPMAP_MAX_FILTER
|
||||||
# define LDAPMAP_MAX_FILTER 1024
|
# define LDAPMAP_MAX_FILTER 1024
|
||||||
# endif /* ! LDAPMAP_MAX_FILTER */
|
# endif
|
||||||
# ifndef LDAPMAP_MAX_PASSWD
|
# ifndef LDAPMAP_MAX_PASSWD
|
||||||
# define LDAPMAP_MAX_PASSWD 256
|
# define LDAPMAP_MAX_PASSWD 256
|
||||||
# endif /* ! LDAPMAP_MAX_PASSWD */
|
# endif
|
||||||
|
|
||||||
# if LDAPMAP
|
# if LDAPMAP
|
||||||
|
|
||||||
@ -91,9 +91,12 @@ struct sm_ldap_struct
|
|||||||
/* ldapmap_lookup options */
|
/* ldapmap_lookup options */
|
||||||
char ldap_attrsep;
|
char ldap_attrsep;
|
||||||
|
|
||||||
# if _FFR_LDAP_NETWORK_TIMEOUT
|
# if LDAP_NETWORK_TIMEOUT
|
||||||
int ldap_networktmo;
|
int ldap_networktmo;
|
||||||
# endif /* _FFR_LDAP_NETWORK_TIMEOUT */
|
# endif
|
||||||
|
# if _FFR_SM_LDAP_DBG
|
||||||
|
int ldap_debug;
|
||||||
|
# endif
|
||||||
|
|
||||||
/* Linked list of maps sharing the same LDAP binding */
|
/* Linked list of maps sharing the same LDAP binding */
|
||||||
void *ldap_next;
|
void *ldap_next;
|
||||||
@ -135,7 +138,7 @@ extern void sm_ldap_close __P((SM_LDAP_STRUCT *));
|
|||||||
/* Portability defines */
|
/* Portability defines */
|
||||||
# if !SM_CONF_LDAP_MEMFREE
|
# if !SM_CONF_LDAP_MEMFREE
|
||||||
# define ldap_memfree(x) ((void) 0)
|
# define ldap_memfree(x) ((void) 0)
|
||||||
# endif /* !SM_CONF_LDAP_MEMFREE */
|
# endif
|
||||||
|
|
||||||
# endif /* LDAPMAP */
|
# endif /* LDAPMAP */
|
||||||
#endif /* ! SM_LDAP_H */
|
#endif /* ! SM_LDAP_H */
|
||||||
|
@ -31,13 +31,13 @@
|
|||||||
|
|
||||||
# ifndef LLONG_MIN
|
# ifndef LLONG_MIN
|
||||||
# define LLONG_MIN ((LONGLONG_T)(~(ULLONG_MAX >> 1)))
|
# define LLONG_MIN ((LONGLONG_T)(~(ULLONG_MAX >> 1)))
|
||||||
# endif /* ! LLONG_MIN */
|
# endif
|
||||||
# ifndef LLONG_MAX
|
# ifndef LLONG_MAX
|
||||||
# define LLONG_MAX ((LONGLONG_T)(ULLONG_MAX >> 1))
|
# define LLONG_MAX ((LONGLONG_T)(ULLONG_MAX >> 1))
|
||||||
# endif /* ! LLONG_MAX */
|
# endif
|
||||||
# ifndef ULLONG_MAX
|
# ifndef ULLONG_MAX
|
||||||
# define ULLONG_MAX ((ULONGLONG_T)(-1))
|
# define ULLONG_MAX ((ULONGLONG_T)(-1))
|
||||||
# endif /* ! ULLONG_MAX */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** PATH_MAX is defined by the POSIX standard. All modern systems
|
** PATH_MAX is defined by the POSIX standard. All modern systems
|
||||||
@ -47,9 +47,9 @@
|
|||||||
# ifndef PATH_MAX
|
# ifndef PATH_MAX
|
||||||
# ifdef MAXPATHLEN
|
# ifdef MAXPATHLEN
|
||||||
# define PATH_MAX MAXPATHLEN
|
# define PATH_MAX MAXPATHLEN
|
||||||
# else /* MAXPATHLEN */
|
# else
|
||||||
# define PATH_MAX 2048
|
# define PATH_MAX 2048
|
||||||
# endif /* MAXPATHLEN */
|
# endif
|
||||||
# endif /* ! PATH_MAX */
|
# endif /* ! PATH_MAX */
|
||||||
|
|
||||||
#endif /* ! SM_LIMITS_H */
|
#endif /* ! SM_LIMITS_H */
|
||||||
|
19
contrib/sendmail/include/sm/notify.h
Normal file
19
contrib/sendmail/include/sm/notify.h
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
/*
|
||||||
|
* Copyright (c) 2016 Proofpoint, Inc. and its suppliers.
|
||||||
|
* All rights reserved.
|
||||||
|
*
|
||||||
|
* By using this file, you agree to the terms and conditions set
|
||||||
|
* forth in the LICENSE file which can be found at the top level of
|
||||||
|
* the sendmail distribution.
|
||||||
|
*/
|
||||||
|
|
||||||
|
#ifndef SM_NOTIFY_H
|
||||||
|
#define SM_NOTIFY_H
|
||||||
|
|
||||||
|
int sm_notify_init __P((int));
|
||||||
|
int sm_notify_start __P((bool, int));
|
||||||
|
int sm_notify_stop __P((bool, int));
|
||||||
|
int sm_notify_rcv __P((char *, size_t, int));
|
||||||
|
int sm_notify_snd __P((char *, size_t));
|
||||||
|
|
||||||
|
#endif /* ! SM_MSG_H */
|
@ -1,12 +1,10 @@
|
|||||||
/*
|
/*
|
||||||
* Copyright (c) 2000-2001 Proofpoint, Inc. and its suppliers.
|
* Copyright (c) 2000-2001, 2018 Proofpoint, Inc. and its suppliers.
|
||||||
* All rights reserved.
|
* All rights reserved.
|
||||||
*
|
*
|
||||||
* By using this file, you agree to the terms and conditions set
|
* By using this file, you agree to the terms and conditions set
|
||||||
* forth in the LICENSE file which can be found at the top level of
|
* forth in the LICENSE file which can be found at the top level of
|
||||||
* the sendmail distribution.
|
* the sendmail distribution.
|
||||||
*
|
|
||||||
* $Id: sm_os_freebsd.h,v 1.12 2013-11-22 20:51:34 ca Exp $
|
|
||||||
*/
|
*/
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@ -32,10 +30,14 @@
|
|||||||
|
|
||||||
#ifndef SM_CONF_SHM
|
#ifndef SM_CONF_SHM
|
||||||
# define SM_CONF_SHM 1
|
# define SM_CONF_SHM 1
|
||||||
#endif /* SM_CONF_SHM */
|
#endif
|
||||||
#ifndef SM_CONF_SEM
|
#ifndef SM_CONF_SEM
|
||||||
# define SM_CONF_SEM 2
|
# if __FreeBSD__ > 11
|
||||||
#endif /* SM_CONF_SEM */
|
# define SM_CONF_SEM 2 /* union semun is now longer available by default */
|
||||||
|
# else
|
||||||
|
# define SM_CONF_SEM 1
|
||||||
|
# endif
|
||||||
|
#endif
|
||||||
#ifndef SM_CONF_MSG
|
#ifndef SM_CONF_MSG
|
||||||
# define SM_CONF_MSG 1
|
# define SM_CONF_MSG 1
|
||||||
#endif /* SM_CONF_MSG */
|
#endif
|
||||||
|
@ -123,7 +123,7 @@ typedef struct
|
|||||||
#if _FFR_PERF_RPOOL
|
#if _FFR_PERF_RPOOL
|
||||||
int sm_nbigblocks;
|
int sm_nbigblocks;
|
||||||
int sm_npools;
|
int sm_npools;
|
||||||
#endif /* _FFR_PERF_RPOOL */
|
#endif
|
||||||
|
|
||||||
} SM_RPOOL_T;
|
} SM_RPOOL_T;
|
||||||
|
|
||||||
@ -167,10 +167,10 @@ sm_rpool_malloc __P((
|
|||||||
|
|
||||||
#if DO_NOT_USE_STRCPY
|
#if DO_NOT_USE_STRCPY
|
||||||
extern char *sm_rpool_strdup_x __P((SM_RPOOL_T *rpool, const char *s));
|
extern char *sm_rpool_strdup_x __P((SM_RPOOL_T *rpool, const char *s));
|
||||||
#else /* DO_NOT_USE_STRCPY */
|
#else
|
||||||
# define sm_rpool_strdup_x(rpool, str) \
|
# define sm_rpool_strdup_x(rpool, str) \
|
||||||
strcpy(sm_rpool_malloc_x(rpool, strlen(str) + 1), str)
|
strcpy(sm_rpool_malloc_x(rpool, strlen(str) + 1), str)
|
||||||
#endif /* DO_NOT_USE_STRCPY */
|
#endif
|
||||||
|
|
||||||
extern SM_RPOOL_ATTACH_T
|
extern SM_RPOOL_ATTACH_T
|
||||||
sm_rpool_attach_x __P((
|
sm_rpool_attach_x __P((
|
||||||
|
@ -35,10 +35,10 @@ union semun
|
|||||||
|
|
||||||
# ifndef SEM_A
|
# ifndef SEM_A
|
||||||
# define SEM_A 0200
|
# define SEM_A 0200
|
||||||
# endif /* SEM_A */
|
# endif
|
||||||
# ifndef SEM_R
|
# ifndef SEM_R
|
||||||
# define SEM_R 0400
|
# define SEM_R 0400
|
||||||
# endif /* SEM_R */
|
# endif
|
||||||
|
|
||||||
# define SM_NSEM 1
|
# define SM_NSEM 1
|
||||||
|
|
||||||
|
@ -34,10 +34,10 @@ extern int sm_shmsetowner __P((int, uid_t, gid_t, mode_t));
|
|||||||
/* for those braindead systems... (e.g., SunOS 4) */
|
/* for those braindead systems... (e.g., SunOS 4) */
|
||||||
# ifndef SHM_R
|
# ifndef SHM_R
|
||||||
# define SHM_R 0400
|
# define SHM_R 0400
|
||||||
# endif /* SHM_R */
|
# endif
|
||||||
# ifndef SHM_W
|
# ifndef SHM_W
|
||||||
# define SHM_W 0200
|
# define SHM_W 0200
|
||||||
# endif /* SHM_W */
|
# endif
|
||||||
|
|
||||||
# endif /* SM_CONF_SHM */
|
# endif /* SM_CONF_SHM */
|
||||||
#endif /* ! SM_SHM_H */
|
#endif /* ! SM_SHM_H */
|
||||||
|
@ -30,7 +30,7 @@ extern bool
|
|||||||
sm_match __P((const char *_str, const char *_pattern));
|
sm_match __P((const char *_str, const char *_pattern));
|
||||||
|
|
||||||
extern char *
|
extern char *
|
||||||
sm_strdup __P((char *));
|
sm_strdup __P((const char *));
|
||||||
|
|
||||||
extern char *
|
extern char *
|
||||||
sm_strndup_x __P((const char *_str, size_t _len));
|
sm_strndup_x __P((const char *_str, size_t _len));
|
||||||
@ -87,7 +87,7 @@ sm_strlcpyn __P((char *,
|
|||||||
# if !HASSTRERROR
|
# if !HASSTRERROR
|
||||||
extern char *
|
extern char *
|
||||||
strerror __P((int _errno));
|
strerror __P((int _errno));
|
||||||
# endif /* !HASSTRERROR */
|
# endif
|
||||||
|
|
||||||
extern int
|
extern int
|
||||||
sm_strrevcmp __P((const char *, const char *));
|
sm_strrevcmp __P((const char *, const char *));
|
||||||
@ -109,5 +109,7 @@ sm_strtoull __P((const char *, char**, int));
|
|||||||
|
|
||||||
extern void
|
extern void
|
||||||
stripquotes __P((char *));
|
stripquotes __P((char *));
|
||||||
|
extern void
|
||||||
|
unfoldstripquotes __P((char *));
|
||||||
|
|
||||||
#endif /* SM_STRING_H */
|
#endif /* SM_STRING_H */
|
||||||
|
@ -20,9 +20,9 @@
|
|||||||
|
|
||||||
# if defined(__STDC__) || defined(__cplusplus)
|
# if defined(__STDC__) || defined(__cplusplus)
|
||||||
# define SM_TEST(cond) sm_test(cond, #cond, __FILE__, __LINE__)
|
# define SM_TEST(cond) sm_test(cond, #cond, __FILE__, __LINE__)
|
||||||
# else /* defined(__STDC__) || defined(__cplusplus) */
|
# else
|
||||||
# define SM_TEST(cond) sm_test(cond, "cond", __FILE__, __LINE__)
|
# define SM_TEST(cond) sm_test(cond, "cond", __FILE__, __LINE__)
|
||||||
# endif /* defined(__STDC__) || defined(__cplusplus) */
|
# endif
|
||||||
|
|
||||||
extern int SmTestIndex;
|
extern int SmTestIndex;
|
||||||
extern int SmTestNumErrors;
|
extern int SmTestNumErrors;
|
||||||
|
@ -38,11 +38,11 @@
|
|||||||
# if !SM_CONF_UID_GID
|
# if !SM_CONF_UID_GID
|
||||||
# define uid_t int
|
# define uid_t int
|
||||||
# define gid_t int
|
# define gid_t int
|
||||||
# endif /* !SM_CONF_UID_GID */
|
# endif
|
||||||
|
|
||||||
# if !SM_CONF_SSIZE_T
|
# if !SM_CONF_SSIZE_T
|
||||||
# define ssize_t int
|
# define ssize_t int
|
||||||
# endif /* !SM_CONF_SSIZE_T */
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
** Define LONGLONG_T and ULONGLONG_T, which are portable locutions
|
** Define LONGLONG_T and ULONGLONG_T, which are portable locutions
|
||||||
|
@ -32,6 +32,11 @@
|
|||||||
# define SM_VA_COPY(dst, src) __va_copy((dst), (src))
|
# define SM_VA_COPY(dst, src) __va_copy((dst), (src))
|
||||||
# else
|
# else
|
||||||
# define SM_VA_COPY(dst, src) memcpy(&(dst), &(src), sizeof((dst)))
|
# define SM_VA_COPY(dst, src) memcpy(&(dst), &(src), sizeof((dst)))
|
||||||
|
# define SM_VA_END_COPY(ap) do { } while (0)
|
||||||
|
# endif
|
||||||
|
|
||||||
|
# ifndef SM_VA_END_COPY
|
||||||
|
# define SM_VA_END_COPY(ap) va_end(ap)
|
||||||
# endif
|
# endif
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -25,9 +25,9 @@ extern SM_DEBUG_T SmXtrapReport;
|
|||||||
|
|
||||||
# if SM_DEBUG_CHECK
|
# if SM_DEBUG_CHECK
|
||||||
# define sm_xtrap_check() (++SmXtrapCount == sm_debug_level(&SmXtrapDebug))
|
# define sm_xtrap_check() (++SmXtrapCount == sm_debug_level(&SmXtrapDebug))
|
||||||
# else /* SM_DEBUG_CHECK */
|
# else
|
||||||
# define sm_xtrap_check() (0)
|
# define sm_xtrap_check() (0)
|
||||||
# endif /* SM_DEBUG_CHECK */
|
# endif
|
||||||
|
|
||||||
# define sm_xtrap_raise_x(exc) \
|
# define sm_xtrap_raise_x(exc) \
|
||||||
if (sm_xtrap_check()) \
|
if (sm_xtrap_check()) \
|
||||||
|
@ -6,10 +6,10 @@ OPTIONS= $(CONFIG) $(FLAGS)
|
|||||||
|
|
||||||
all: FRC
|
all: FRC
|
||||||
$(SHELL) $(BUILD) $(OPTIONS) $@
|
$(SHELL) $(BUILD) $(OPTIONS) $@
|
||||||
check: FRC
|
|
||||||
$(SHELL) $(BUILD) $(OPTIONS) $@
|
|
||||||
clean: FRC
|
clean: FRC
|
||||||
$(SHELL) $(BUILD) $(OPTIONS) $@
|
$(SHELL) $(BUILD) $(OPTIONS) $@
|
||||||
|
check: FRC
|
||||||
|
$(SHELL) $(BUILD) $(OPTIONS) $@
|
||||||
install: FRC
|
install: FRC
|
||||||
$(SHELL) $(BUILD) $(OPTIONS) $@
|
$(SHELL) $(BUILD) $(OPTIONS) $@
|
||||||
|
|
||||||
|
@ -207,28 +207,19 @@ libmilter requires pthread support in the operating system. Moreover, it
|
|||||||
requires that the library functions it uses are thread safe; which is true
|
requires that the library functions it uses are thread safe; which is true
|
||||||
for the operating systems libmilter has been developed and tested on. On
|
for the operating systems libmilter has been developed and tested on. On
|
||||||
some operating systems this requires special compile time options (e.g.,
|
some operating systems this requires special compile time options (e.g.,
|
||||||
not just -pthread). libmilter is currently known to work on (modulo problems
|
not just -pthread).
|
||||||
in the pthread support of some specific versions):
|
|
||||||
|
|
||||||
FreeBSD 3.x, 4.x
|
|
||||||
SunOS 5.x (x >= 5)
|
|
||||||
AIX 4.3.x
|
|
||||||
HP UX 11.x
|
|
||||||
Linux (recent versions/distributions)
|
|
||||||
|
|
||||||
libmilter is currently not supported on:
|
|
||||||
|
|
||||||
|
So far, libmilter is not supported on:
|
||||||
IRIX 6.x
|
IRIX 6.x
|
||||||
Ultrix
|
Ultrix
|
||||||
|
|
||||||
Feedback about problems (and possible fixes) is welcome.
|
Feedback about problems (and possible fixes) is welcome.
|
||||||
|
|
||||||
|
|
||||||
+--------------------------+
|
+--------------------------+
|
||||||
| SOURCE FOR SAMPLE FILTER |
|
| SOURCE FOR SAMPLE FILTER |
|
||||||
+--------------------------+
|
+--------------------------+
|
||||||
|
|
||||||
Note that the filter example.c may not be thread safe on some operating
|
Note that the filter example.c may not be thread safe on some operating
|
||||||
systems. You should check your system man pages for the functions used
|
systems. You should check your system man pages for the functions used
|
||||||
below to verify the functions are thread safe.
|
to verify they are thread safe.
|
||||||
|
|
||||||
$Revision: 8.42 $, Last updated $Date: 2006-06-29 17:10:16 $
|
|
||||||
|
@ -139,9 +139,9 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name)
|
|||||||
}
|
}
|
||||||
#if _FFR_ADD_NULL
|
#if _FFR_ADD_NULL
|
||||||
buf = malloc(expl + 1);
|
buf = malloc(expl + 1);
|
||||||
#else /* _FFR_ADD_NULL */
|
#else
|
||||||
buf = malloc(expl);
|
buf = malloc(expl);
|
||||||
#endif /* _FFR_ADD_NULL */
|
#endif
|
||||||
if (buf == NULL)
|
if (buf == NULL)
|
||||||
{
|
{
|
||||||
*cmd = SMFIC_MALLOC;
|
*cmd = SMFIC_MALLOC;
|
||||||
@ -194,7 +194,7 @@ mi_rd_cmd(sd, timeout, cmd, rlen, name)
|
|||||||
#if _FFR_ADD_NULL
|
#if _FFR_ADD_NULL
|
||||||
/* makes life simpler for common string routines */
|
/* makes life simpler for common string routines */
|
||||||
buf[expl] = '\0';
|
buf[expl] = '\0';
|
||||||
#endif /* _FFR_ADD_NULL */
|
#endif
|
||||||
return buf;
|
return buf;
|
||||||
}
|
}
|
||||||
i += len;
|
i += len;
|
||||||
|
@ -26,8 +26,9 @@ Each function will return either MI_SUCCESS or MI_FAILURE to
|
|||||||
indicate the status of the operation.
|
indicate the status of the operation.
|
||||||
|
|
||||||
<P>
|
<P>
|
||||||
None of these functions communicate with the MTA. All alter the
|
None of these functions communicate with the MTA.
|
||||||
library's state, some of which is communicated to the MTA inside
|
All alter the library's state, some of which
|
||||||
|
is communicated to the MTA inside
|
||||||
<A HREF="smfi_main.html">smfi_main</A>.
|
<A HREF="smfi_main.html">smfi_main</A>.
|
||||||
|
|
||||||
<P>
|
<P>
|
||||||
@ -80,26 +81,31 @@ The following functions change a message's contents and attributes.
|
|||||||
<EM>They may only be called in <A HREF="xxfi_eom.html">xxfi_eom</A></EM>.
|
<EM>They may only be called in <A HREF="xxfi_eom.html">xxfi_eom</A></EM>.
|
||||||
All of these functions may invoke additional communication with the MTA.
|
All of these functions may invoke additional communication with the MTA.
|
||||||
They will return either MI_SUCCESS or MI_FAILURE to indicate the status of
|
They will return either MI_SUCCESS or MI_FAILURE to indicate the status of
|
||||||
the operation. Message data (senders, recipients, headers, body chunks)
|
the operation.
|
||||||
|
Message data (senders, recipients, headers, body chunks)
|
||||||
passed to these functions via parameters is copied and does not need to be
|
passed to these functions via parameters is copied and does not need to be
|
||||||
preserved (i.e., allocated memory can be freed).
|
preserved (i.e., allocated memory can be freed).
|
||||||
|
|
||||||
<P>
|
<P>
|
||||||
A filter must have set the appropriate flag (listed below) in the
|
A filter which might call a message modification function
|
||||||
description passed to <A HREF="smfi_register.html">smfi_register</A>
|
must set the appropriate flag
|
||||||
to call any message modification function. Failure to do so will
|
(<A HREF="#SMFIF">listed below</A>),
|
||||||
cause the MTA to treat a call to the function as a failure of the
|
either
|
||||||
filter, terminating its connection.
|
in the description passed to <A HREF="smfi_register.html">smfi_register</A>
|
||||||
|
or via <A HREF="xxfi_negotiate.html">xxfi_negotiate</A>.
|
||||||
|
Failure to do so will cause the MTA to treat a call to the function
|
||||||
|
as a failure of the filter, terminating its connection.
|
||||||
|
|
||||||
<P>
|
<P>
|
||||||
Note that the status returned indicates only whether or not the
|
Note that the status returned indicates only whether or not the
|
||||||
filter's message was successfully sent to the MTA, not whether or not
|
filter's message was successfully sent to the MTA, not whether or not
|
||||||
the MTA performed the requested operation. For example,
|
the MTA performed the requested operation.
|
||||||
|
For example,
|
||||||
<A HREF="smfi_addheader.html">smfi_addheader</A>, when called with an
|
<A HREF="smfi_addheader.html">smfi_addheader</A>, when called with an
|
||||||
illegal header name, will return MI_SUCCESS even though the MTA may
|
illegal header name, will return MI_SUCCESS even though the MTA may
|
||||||
later refuse to add the illegal header.
|
later refuse to add the illegal header.
|
||||||
<P>
|
<P>
|
||||||
<TABLE BORDER="1" CELLSPACING=0 CELLPADDING=2><TR BGCOLOR="#dddddd"><TH>Function</TH><TH>Description</TH><TH>SMFIF_* flag</TR>
|
<TABLE BORDER="1" CELLSPACING=0 CELLPADDING=2><TR BGCOLOR="#dddddd"><TH>Function</TH><TH>Description</TH><TH><A NAME="SMFIF">SMFIF_* flag</A></TH></TR>
|
||||||
<TR><TD><A HREF="smfi_addheader.html">smfi_addheader</A></TD><TD>Add a header to
|
<TR><TD><A HREF="smfi_addheader.html">smfi_addheader</A></TD><TD>Add a header to
|
||||||
the message.</TD><TD>SMFIF_ADDHDRS</TD></TR>
|
the message.</TD><TD>SMFIF_ADDHDRS</TD></TR>
|
||||||
|
|
||||||
@ -180,27 +186,30 @@ which are registered via <A HREF="smfi_register.html">smfi_register</A>:
|
|||||||
|
|
||||||
<TR><TD><A HREF="xxfi_close.html">xxfi_close</A></TD><TD>connection cleanup</TD></TR>
|
<TR><TD><A HREF="xxfi_close.html">xxfi_close</A></TD><TD>connection cleanup</TD></TR>
|
||||||
|
|
||||||
<TR><TD><A HREF="xxfi_negotiate.html">xxfi_negotiate</A></TD><TD>option negotiattion</TD></TR>
|
<TR><TD><A HREF="xxfi_negotiate.html">xxfi_negotiate</A></TD><TD>option negotiation</TD></TR>
|
||||||
|
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
|
||||||
<P>
|
<P>
|
||||||
The above callbacks should all return one of the following return values,
|
The above callbacks should all return one of the following return values,
|
||||||
having the indicated meanings. Any return other than one of the below
|
having the indicated meanings.
|
||||||
values constitutes an error, and will cause sendmail to terminate its
|
Any return other than one of the below values constitutes an error,
|
||||||
connection to the offending filter.
|
and will cause sendmail to terminate its connection to the offending filter.
|
||||||
|
|
||||||
<P><A NAME="conn-spec">Milter</A> distinguishes between recipient-,
|
<P><A NAME="conn-spec">Milter</A> distinguishes between recipient-,
|
||||||
message-, and connection-oriented routines. Recipient-oriented
|
message-, and connection-oriented routines.
|
||||||
callbacks may affect the processing of a single message recipient;
|
Recipient-oriented callbacks may affect the processing
|
||||||
message-oriented callbacks, a single message; connection-oriented
|
of a single message recipient;
|
||||||
callbacks, an entire connection (during which multiple messages may be
|
message-oriented callbacks, a single message;
|
||||||
delivered to multiple sets of recipients).
|
connection-oriented callbacks, an entire connection
|
||||||
|
(during which multiple messages may be delivered
|
||||||
|
to multiple sets of recipients).
|
||||||
<A HREF="xxfi_envrcpt.html">xxfi_envrcpt</A> is recipient-oriented.
|
<A HREF="xxfi_envrcpt.html">xxfi_envrcpt</A> is recipient-oriented.
|
||||||
|
<A HREF="xxfi_negotiate.html">xxfi_negotiate</A>,
|
||||||
<A HREF="xxfi_connect.html">xxfi_connect</A>,
|
<A HREF="xxfi_connect.html">xxfi_connect</A>,
|
||||||
<A HREF="xxfi_helo.html">xxfi_helo</A> and
|
<A HREF="xxfi_helo.html">xxfi_helo</A> and
|
||||||
<A HREF="xxfi_close.html">xxfi_close</A> are connection-oriented. All
|
<A HREF="xxfi_close.html">xxfi_close</A> are connection-oriented.
|
||||||
other callbacks are message-oriented.
|
All other callbacks are message-oriented.
|
||||||
|
|
||||||
<P>
|
<P>
|
||||||
<TABLE BORDER="1" CELLSPACING=0 CELLPADDING=2>
|
<TABLE BORDER="1" CELLSPACING=0 CELLPADDING=2>
|
||||||
@ -233,8 +242,8 @@ other callbacks are message-oriented.
|
|||||||
<TR valign="top">
|
<TR valign="top">
|
||||||
<TD>SMFIS_TEMPFAIL</TD>
|
<TD>SMFIS_TEMPFAIL</TD>
|
||||||
<TD>Return a temporary failure, i.e., the corresponding SMTP command will return an appropriate 4xx status code.
|
<TD>Return a temporary failure, i.e., the corresponding SMTP command will return an appropriate 4xx status code.
|
||||||
For a message-oriented routine (except <A HREF="xxfi_envfrom.html">xxfi_envfrom</A>), fail for this message. <BR>
|
For a message-oriented routine (except <A HREF="xxfi_envfrom.html">xxfi_envfrom</A>), fail for this message.<BR>
|
||||||
For a connection-oriented routine, fail for this connection; call <A HREF="xxfi_close.html">xxfi_close</A>. <BR>
|
For a connection-oriented routine, fail for this connection; call <A HREF="xxfi_close.html">xxfi_close</A>.<BR>
|
||||||
For a recipient-oriented routine, only fail for the current recipient; continue message processing.
|
For a recipient-oriented routine, only fail for the current recipient; continue message processing.
|
||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
|
@ -31,11 +31,15 @@ administrator to combine multiple independently-developed filters.
|
|||||||
<P>
|
<P>
|
||||||
We expect to see both vendor-supplied, configurable mail filtering
|
We expect to see both vendor-supplied, configurable mail filtering
|
||||||
applications and a multiplicity of script-like filters designed by and
|
applications and a multiplicity of script-like filters designed by and
|
||||||
for MTA administrators. A certain degree of coding sophistication and
|
for MTA administrators.
|
||||||
domain knowledge on the part of the filter provider is assumed. This
|
A certain degree of coding sophistication and
|
||||||
allows filters to exercise fine-grained control at the SMTP level.
|
domain knowledge on the part of the filter provider is assumed.
|
||||||
|
This allows filters to exercise fine-grained control at the SMTP level.
|
||||||
However, as will be seen in the example, many filtering applications
|
However, as will be seen in the example, many filtering applications
|
||||||
can be written with relatively little protocol knowledge.
|
can be written with relatively little protocol knowledge,
|
||||||
|
but a basic understanding (e.g., as documented in RFC 5321:
|
||||||
|
<EM>The dialog is purposely lock-step, one-at-a-time</EM>)
|
||||||
|
is necessary.
|
||||||
|
|
||||||
<P>
|
<P>
|
||||||
Given these expectations, the API is designed to achieve the following
|
Given these expectations, the API is designed to achieve the following
|
||||||
|
@ -71,7 +71,7 @@ connection.
|
|||||||
The MTA will try to contact the filter again on each new connection.
|
The MTA will try to contact the filter again on each new connection.
|
||||||
|
|
||||||
<P>
|
<P>
|
||||||
There are three fields inside of the <CODE>T=</CODE> equate: S, R, and E.
|
There are four fields inside of the <CODE>T=</CODE> equate: C, S, R, and E.
|
||||||
Note the separator between each is a ";" (semicolon), as ","
|
Note the separator between each is a ";" (semicolon), as ","
|
||||||
(comma) already separates equates.
|
(comma) already separates equates.
|
||||||
The value of each field is a decimal number followed by a single letter
|
The value of each field is a decimal number followed by a single letter
|
||||||
|
@ -59,6 +59,8 @@ returns to <CODE>MESSAGE</CODE>.
|
|||||||
<PRE>
|
<PRE>
|
||||||
For each of N connections
|
For each of N connections
|
||||||
{
|
{
|
||||||
|
For each filter
|
||||||
|
egotiate MTA/milter capabilities/requirements (<A HREF="xxfi_negotiate.html">xxfi_negotiate</A>)
|
||||||
For each filter
|
For each filter
|
||||||
process connection (<A HREF="xxfi_connect.html">xxfi_connect</A>)
|
process connection (<A HREF="xxfi_connect.html">xxfi_connect</A>)
|
||||||
For each filter
|
For each filter
|
||||||
@ -203,11 +205,21 @@ communication with the MTA happens.
|
|||||||
Filters are not terminated asynchronously
|
Filters are not terminated asynchronously
|
||||||
(except by signals that can't be caught).
|
(except by signals that can't be caught).
|
||||||
In the case of <TT>Abort</TT> the
|
In the case of <TT>Abort</TT> the
|
||||||
<A HREF="xxfi_abort.html">xxfi_abort</A> callback is invoked.
|
<A HREF="xxfi_abort.html">xxfi_abort</A> callback is usually invoked
|
||||||
|
if there is an active transaction.
|
||||||
|
However, if an invoked callback takes too long to execute
|
||||||
|
(the maximum time <TT>Abort</TT> waits is currently 5s)
|
||||||
|
<!-- XREF: MI_CHK_TIME -->
|
||||||
|
then the filter is simply terminated, i.e.,
|
||||||
|
neither the
|
||||||
|
<A HREF="xxfi_abort.html">xxfi_abort</A> callback
|
||||||
|
nor the
|
||||||
|
<A HREF="xxfi_close.html">xxfi_close</A> callback
|
||||||
|
is invoked.
|
||||||
|
|
||||||
<HR size="1">
|
<HR size="1">
|
||||||
<FONT size="-1">
|
<FONT size="-1">
|
||||||
Copyright (c) 2000, 2001, 2003, 2006 Proofpoint, Inc. and its suppliers.
|
Copyright (c) 2000, 2001, 2003, 2006, 2018 Proofpoint, Inc. and its suppliers.
|
||||||
All rights reserved.
|
All rights reserved.
|
||||||
<BR>
|
<BR>
|
||||||
By using this file, you agree to the terms and conditions set
|
By using this file, you agree to the terms and conditions set
|
||||||
|
@ -187,7 +187,7 @@ sfsistat
|
|||||||
++argc;
|
++argc;
|
||||||
|
|
||||||
/* log this recipient */
|
/* log this recipient */
|
||||||
if (reject != NULL && rcptaddr != NULL &&
|
if (reject != NULL && rcptaddr != NULL &&
|
||||||
(strcasecmp(rcptaddr, reject) == 0))
|
(strcasecmp(rcptaddr, reject) == 0))
|
||||||
{
|
{
|
||||||
if (fprintf(priv->mlfi_fp, "RCPT %s -- REJECTED\n",
|
if (fprintf(priv->mlfi_fp, "RCPT %s -- REJECTED\n",
|
||||||
@ -298,7 +298,7 @@ mlfi_cleanup(ctx, ok)
|
|||||||
return rstat;
|
return rstat;
|
||||||
|
|
||||||
/* close the archive file */
|
/* close the archive file */
|
||||||
if (priv->mlfi_fp != NULL && fclose(priv->mlfi_fp) == EOF)
|
if (priv->mlfi_fp != NULL && fclose(priv->mlfi_fp) == EOF)
|
||||||
{
|
{
|
||||||
/* failed; we have to wait until later */
|
/* failed; we have to wait until later */
|
||||||
fprintf(stderr, "Couldn't close archive file %s: %s\n",
|
fprintf(stderr, "Couldn't close archive file %s: %s\n",
|
||||||
|
@ -32,6 +32,7 @@ Add a header to the current message.
|
|||||||
<TD>Adds a header to the current message.</TD>
|
<TD>Adds a header to the current message.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -59,7 +60,7 @@ Add a header to the current message.
|
|||||||
<LI>Adding headers in the current connection state is invalid.
|
<LI>Adding headers in the current connection state is invalid.
|
||||||
<LI>Memory allocation fails.
|
<LI>Memory allocation fails.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_ADDHDRS was not set when <A href="smfi_register.html">smfi_register</A> was called.
|
<LI><A HREF="smfi_register.html#SMFIF_ADDHDRS">SMFIF_ADDHDRS</A> is not set.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it returns MI_SUCCESS.
|
Otherwise, it returns MI_SUCCESS.
|
||||||
</TD>
|
</TD>
|
||||||
@ -72,9 +73,8 @@ Otherwise, it returns MI_SUCCESS.
|
|||||||
<UL><LI>smfi_addheader does not change a message's existing headers.
|
<UL><LI>smfi_addheader does not change a message's existing headers.
|
||||||
To change a header's current value, use
|
To change a header's current value, use
|
||||||
<A HREF="smfi_chgheader.html">smfi_chgheader</A>.
|
<A HREF="smfi_chgheader.html">smfi_chgheader</A>.
|
||||||
<LI>A filter which calls smfi_addheader must have set the SMFIF_ADDHDRS
|
<LI>A filter which calls smfi_addheader must have set the
|
||||||
flag in the smfiDesc_str passed to
|
<A HREF="smfi_register.html#SMFIF_ADDHDRS">SMFIF_ADDHDRS</A> flag.
|
||||||
<A href="smfi_register.html">smfi_register</A>.
|
|
||||||
<LI>For smfi_addheader, filter order is important.
|
<LI>For smfi_addheader, filter order is important.
|
||||||
<B>Later filters will see the header changes made by earlier ones.</B>
|
<B>Later filters will see the header changes made by earlier ones.</B>
|
||||||
<LI>Neither the name nor the value of the header is checked for
|
<LI>Neither the name nor the value of the header is checked for
|
||||||
|
@ -31,6 +31,7 @@ Add a recipient for the current message.
|
|||||||
<TD>Add a recipient to the message envelope.</TD>
|
<TD>Add a recipient to the message envelope.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -53,7 +54,7 @@ Add a recipient for the current message.
|
|||||||
<UL><LI>rcpt is NULL.
|
<UL><LI>rcpt is NULL.
|
||||||
<LI>Adding recipients in the current connection state is invalid.
|
<LI>Adding recipients in the current connection state is invalid.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_ADDRCPT was not set when <A href="smfi_register.html">smfi_register</A> was called.
|
<LI><A HREF="smfi_register.html#SMFIF_ADDRCPT">SMFIF_ADDRCPT</A> is not set.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it will return MI_SUCCESS.
|
Otherwise, it will return MI_SUCCESS.
|
||||||
</TD>
|
</TD>
|
||||||
@ -63,9 +64,8 @@ Otherwise, it will return MI_SUCCESS.
|
|||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TH>NOTES</TH>
|
<TH>NOTES</TH>
|
||||||
<TD>
|
<TD>
|
||||||
A filter which calls smfi_addrcpt must have set the SMFIF_ADDRCPT flag
|
A filter which calls smfi_addrcpt must have set the
|
||||||
in the smfiDesc_str passed to
|
<A HREF="smfi_register.html#SMFIF_ADDRCPT">SMFIF_ADDRCPT</A> flag.
|
||||||
<A href="smfi_register.html">smfi_register</A>.
|
|
||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
|
|
||||||
|
@ -32,6 +32,7 @@ Add a recipient for the current message including ESMTP arguments.
|
|||||||
<TD>Add a recipient to the message envelope.</TD>
|
<TD>Add a recipient to the message envelope.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -53,12 +54,11 @@ Add a recipient for the current message including ESMTP arguments.
|
|||||||
<TR>
|
<TR>
|
||||||
<TH valign="top" align=left>RETURN VALUES</TH>
|
<TH valign="top" align=left>RETURN VALUES</TH>
|
||||||
|
|
||||||
<TD>smfi_addrcpt will fail and return MI_FAILURE if:
|
<TD>smfi_addrcpt_par will fail and return MI_FAILURE if:
|
||||||
<UL><LI>rcpt is NULL.
|
<UL><LI>rcpt is NULL.
|
||||||
<LI>Adding recipients in the current connection state is invalid.
|
<LI>Adding recipients in the current connection state is invalid.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_ADDRCPT_PAR was not set when
|
<LI><A HREF="smfi_register.html#SMFIF_ADDRCPT_PAR">SMFIF_ADDRCPT_PAR</A> is not set._PAR
|
||||||
<A href="smfi_register.html">smfi_register</A> was called.
|
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it will return MI_SUCCESS.
|
Otherwise, it will return MI_SUCCESS.
|
||||||
</TD>
|
</TD>
|
||||||
@ -68,9 +68,8 @@ Otherwise, it will return MI_SUCCESS.
|
|||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TH>NOTES</TH>
|
<TH>NOTES</TH>
|
||||||
<TD>
|
<TD>
|
||||||
A filter which calls smfi_addrcpt must have set the SMFIF_ADDRCPT_PAR flag
|
A filter which calls smfi_addrcpt_par must have set the
|
||||||
in the smfiDesc_str passed to
|
<A HREF="smfi_register.html#SMFIF_ADDRCPT_PAR">SMFIF_ADDRCPT_PAR</A> flag.
|
||||||
<A href="smfi_register.html">smfi_register</A>.
|
|
||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
|
|
||||||
|
@ -32,6 +32,7 @@ Change the envelope sender (MAIL From) of the current message.
|
|||||||
<TD>Change the envelope sender (MAIL From) of the current message.</TD>
|
<TD>Change the envelope sender (MAIL From) of the current message.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -57,7 +58,7 @@ Change the envelope sender (MAIL From) of the current message.
|
|||||||
<UL><LI>mail is NULL.
|
<UL><LI>mail is NULL.
|
||||||
<LI>Changing the sender in the current connection state is invalid.
|
<LI>Changing the sender in the current connection state is invalid.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_CHGFROM was not set when <A href="smfi_register.html">smfi_register</A> was called.
|
<LI><A HREF="smfi_register.html#SMFIF_CHGFROM">SMFIF_CHGFROM</A> is not set.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it will return MI_SUCCESS.
|
Otherwise, it will return MI_SUCCESS.
|
||||||
</TD>
|
</TD>
|
||||||
@ -67,9 +68,8 @@ Otherwise, it will return MI_SUCCESS.
|
|||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TH>NOTES</TH>
|
<TH>NOTES</TH>
|
||||||
<TD>
|
<TD>
|
||||||
A filter which calls smfi_chgfrom must have set the SMFIF_CHGFROM flag
|
A filter which calls smfi_chgfrom must have set the
|
||||||
in the smfiDesc_str passed to
|
<A HREF="smfi_register.html#SMFIF_CHGFROM">SMFIF_CHGFROM</A> flag.
|
||||||
<A href="smfi_register.html">smfi_register</A>.
|
|
||||||
<BR>
|
<BR>
|
||||||
Even though all ESMTP arguments could be set via this call,
|
Even though all ESMTP arguments could be set via this call,
|
||||||
it does not make sense to do so for many of them,
|
it does not make sense to do so for many of them,
|
||||||
|
@ -33,6 +33,7 @@ Change or delete a message header.
|
|||||||
<TD>Changes a header's value for the current message.</TD>
|
<TD>Changes a header's value for the current message.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -63,17 +64,18 @@ smfi_chgheader will return MI_FAILURE if
|
|||||||
<LI>Modifying headers in the current connection state is invalid.
|
<LI>Modifying headers in the current connection state is invalid.
|
||||||
<LI>Memory allocation fails.
|
<LI>Memory allocation fails.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_CHGHDRS was not set when <A href="smfi_register.html">smfi_register</A> was called.
|
<LI><A HREF="smfi_register.html#SMFIF_CHGHDRS">SMFIF_CHGHDRS</A> is not set.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it returns MI_SUCCESS.
|
Otherwise, it returns MI_SUCCESS.
|
||||||
</TR>
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Notes ---------->
|
<!----------- Notes ---------->
|
||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TH>NOTES</TH>
|
<TH>NOTES</TH>
|
||||||
<TD>
|
<TD>
|
||||||
<UL><LI>While smfi_chgheader may be used to add new headers, it is more efficient and far safer to use <A href="smfi_addheader.html">smfi_addheader</A>.
|
<UL><LI>While smfi_chgheader may be used to add new headers, it is more efficient and far safer to use <A href="smfi_addheader.html">smfi_addheader</A>.
|
||||||
<LI>A filter which calls smfi_chgheader must have set the SMFIF_CHGHDRS flag in the smfiDesc_str passed to <A href="smfi_register.html">smfi_register</A>.
|
<LI>A filter which calls smfi_chgheader must have set the
|
||||||
|
<A HREF="smfi_register.html#SMFIF_CHGHDRS">SMFIF_CHGHDRS</A> flag.
|
||||||
<LI>For smfi_chgheader, filter order is important. <B>Later filters will see the header changes made by earlier ones.</B>
|
<LI>For smfi_chgheader, filter order is important. <B>Later filters will see the header changes made by earlier ones.</B>
|
||||||
<LI>Neither the name nor the value of the header is checked for
|
<LI>Neither the name nor the value of the header is checked for
|
||||||
standards compliance. However, each line of the header must be under
|
standards compliance. However, each line of the header must be under
|
||||||
|
@ -31,6 +31,7 @@ Remove a recipient from the current message's envelope.
|
|||||||
<TD>smfi_delrcpt removes the named recipient from the current message's envelope.</TD>
|
<TD>smfi_delrcpt removes the named recipient from the current message's envelope.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -54,7 +55,7 @@ Remove a recipient from the current message's envelope.
|
|||||||
<LI>rcpt is NULL.
|
<LI>rcpt is NULL.
|
||||||
<LI>Deleting recipients in the current connection state is invalid.
|
<LI>Deleting recipients in the current connection state is invalid.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_DELRCPT was not set when <A href="smfi_register.html">smfi_register</A> was called.
|
<LI><A HREF="smfi_register.html#SMFIF_DELRCPT">SMFIF_DELRCPT</A> is not set.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it will return MI_SUCCESS
|
Otherwise, it will return MI_SUCCESS
|
||||||
</TD>
|
</TD>
|
||||||
@ -64,7 +65,11 @@ Otherwise, it will return MI_SUCCESS
|
|||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TH>NOTES</TH>
|
<TH>NOTES</TH>
|
||||||
<TD>
|
<TD>
|
||||||
|
<LI>
|
||||||
The addresses to be removed must match exactly. For example, an address and its expanded form do not match.
|
The addresses to be removed must match exactly. For example, an address and its expanded form do not match.
|
||||||
|
<LI>
|
||||||
|
A filter which calls smfi_delrcpt must have set the
|
||||||
|
<A HREF="smfi_register.html#SMFIF_DELRCPT">SMFIF_DELRCPT</A> flag.
|
||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
|
|
||||||
|
@ -30,6 +30,7 @@ Get the connection-specific data pointer for this connection.
|
|||||||
<TD>None.</TD>
|
<TD>None.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -31,6 +31,7 @@ Get the value of a sendmail macro.
|
|||||||
<TD>None.</TD>
|
<TD>None.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -33,6 +33,7 @@ Prepend a header to the current message.
|
|||||||
<TD>Prepends a header to the current message.</TD>
|
<TD>Prepends a header to the current message.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -63,7 +64,7 @@ Prepend a header to the current message.
|
|||||||
<LI>Adding headers in the current connection state is invalid.
|
<LI>Adding headers in the current connection state is invalid.
|
||||||
<LI>Memory allocation fails.
|
<LI>Memory allocation fails.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_ADDHDRS was not set when <A href="smfi_register.html">smfi_register</A> was called.
|
<LI><A HREF="smfi_register.html#SMFIF_ADDHDRS">SMFIF_ADDHDRS</A> is not set.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it returns MI_SUCCESS.
|
Otherwise, it returns MI_SUCCESS.
|
||||||
</TD>
|
</TD>
|
||||||
@ -77,9 +78,9 @@ Otherwise, it returns MI_SUCCESS.
|
|||||||
<LI>smfi_insheader does not change a message's existing headers.
|
<LI>smfi_insheader does not change a message's existing headers.
|
||||||
To change a header's current value, use
|
To change a header's current value, use
|
||||||
<A HREF="smfi_chgheader.html">smfi_chgheader</A>.
|
<A HREF="smfi_chgheader.html">smfi_chgheader</A>.
|
||||||
<LI>A filter which calls smfi_insheader must have set the SMFIF_ADDHDRS
|
<LI>A filter which calls smfi_insheader must have set the
|
||||||
flag in the smfiDesc_str passed to
|
<A HREF="smfi_register.html#SMFIF_ADDHDRS">SMFIF_ADDHDRS</A>
|
||||||
<A href="smfi_register.html">smfi_register</A>.
|
flag.
|
||||||
<LI>For smfi_insheader, filter order is important.
|
<LI>For smfi_insheader, filter order is important.
|
||||||
<B>Later filters will see the header changes made by earlier ones.</B>
|
<B>Later filters will see the header changes made by earlier ones.</B>
|
||||||
<LI>A filter will receive <EM>only</EM> headers that have been sent
|
<LI>A filter will receive <EM>only</EM> headers that have been sent
|
||||||
|
@ -29,6 +29,7 @@ Hand control to libmilter event loop.
|
|||||||
<TD>smfi_main hands control to the Milter event loop.</TD>
|
<TD>smfi_main hands control to the Milter event loop.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Return values ---------->
|
<!----------- Return values ---------->
|
||||||
<TR>
|
<TR>
|
||||||
|
@ -34,13 +34,14 @@ but before calling <TT>smfi_main()</TT>.
|
|||||||
<TD>smfi_opensocket attempts to create the socket specified previously by
|
<TD>smfi_opensocket attempts to create the socket specified previously by
|
||||||
a call to <TT>smfi_setconn()</TT> which will be the interface between MTAs
|
a call to <TT>smfi_setconn()</TT> which will be the interface between MTAs
|
||||||
and the filter.
|
and the filter.
|
||||||
This allows the calling application to ensure that the
|
This allows the calling application to ensure that the socket can be created.
|
||||||
socket can be created.
|
|
||||||
If this is not called,
|
If this is not called,
|
||||||
<TT>smfi_main()</TT> will do so implicitly.
|
<TT>smfi_main()</TT> will create the socket implicitly
|
||||||
|
(without removing a potentially existing UNIX domain socket).
|
||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -31,6 +31,7 @@ Notify the MTA that an operation is still in progress.
|
|||||||
on a message, causing the MTA to re-start its timeouts.</TD>
|
on a message, causing the MTA to re-start its timeouts.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -31,6 +31,7 @@ Quarantine the message using the given reason.
|
|||||||
<TD>smfi_quarantine quarantines the message using the given reason.</TD>
|
<TD>smfi_quarantine quarantines the message using the given reason.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -53,7 +54,7 @@ Quarantine the message using the given reason.
|
|||||||
<UL>
|
<UL>
|
||||||
<LI>reason is NULL or empty.
|
<LI>reason is NULL or empty.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_QUARANTINE was not set when <A href="smfi_register.html">smfi_register</A> was called.
|
<LI><A HREF="smfi_register.html#SMFIF_QUARANTINE">SMFIF_QUARANTINE</A> is not set.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it will return MI_SUCCESS
|
Otherwise, it will return MI_SUCCESS
|
||||||
</TD>
|
</TD>
|
||||||
|
@ -37,6 +37,7 @@ is obeyed.
|
|||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -110,7 +111,7 @@ smfi_register may return MI_FAILURE for any of the following reasons:
|
|||||||
|
|
||||||
<!----------- Notes ---------->
|
<!----------- Notes ---------->
|
||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TH>NOTES</TH>
|
<TH><A NAME=Notes>NOTES</A></TH>
|
||||||
<TD>
|
<TD>
|
||||||
|
|
||||||
<A NAME="flags">The xxfi_flags</A>
|
<A NAME="flags">The xxfi_flags</A>
|
||||||
@ -120,7 +121,7 @@ the following values, describing the actions the filter may take:
|
|||||||
<TR valign="top" bgcolor="#dddddd"><TH align="left">Flag</TH><TH align="center">Description</TH></TR>
|
<TR valign="top" bgcolor="#dddddd"><TH align="left">Flag</TH><TH align="center">Description</TH></TR>
|
||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TD>
|
<TD>
|
||||||
SMFIF_ADDHDRS
|
<A NAME="SMFIF_ADDHDRS">SMFIF_ADDHDRS</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter may <A HREF="smfi_addheader.html">add headers</A>.
|
This filter may <A HREF="smfi_addheader.html">add headers</A>.
|
||||||
@ -128,7 +129,7 @@ the following values, describing the actions the filter may take:
|
|||||||
</TR>
|
</TR>
|
||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TD>
|
<TD>
|
||||||
SMFIF_CHGHDRS
|
<A NAME="SMFIF_CHGHDRS">SMFIF_CHGHDRS</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter may
|
This filter may
|
||||||
@ -137,7 +138,7 @@ the following values, describing the actions the filter may take:
|
|||||||
</TR>
|
</TR>
|
||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TD VALIGN="TOP">
|
<TD VALIGN="TOP">
|
||||||
SMFIF_CHGBODY
|
<A NAME="SMFIF_CHGBODY">SMFIF_CHGBODY</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter may
|
This filter may
|
||||||
@ -148,7 +149,7 @@ the following values, describing the actions the filter may take:
|
|||||||
</TR>
|
</TR>
|
||||||
<TR>
|
<TR>
|
||||||
<TD VALIGN="TOP">
|
<TD VALIGN="TOP">
|
||||||
SMFIF_ADDRCPT
|
<A NAME="SMFIF_ADDRCPT">SMFIF_ADDRCPT</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter may
|
This filter may
|
||||||
@ -158,7 +159,7 @@ the following values, describing the actions the filter may take:
|
|||||||
</TR>
|
</TR>
|
||||||
<TR>
|
<TR>
|
||||||
<TD VALIGN="TOP">
|
<TD VALIGN="TOP">
|
||||||
SMFIF_ADDRCPT_PAR
|
<A NAME="SMFIF_ADDRCPT_PAR">SMFIF_ADDRCPT_PAR</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter may
|
This filter may
|
||||||
@ -167,7 +168,7 @@ the following values, describing the actions the filter may take:
|
|||||||
</TR>
|
</TR>
|
||||||
<TR>
|
<TR>
|
||||||
<TD VALIGN="TOP">
|
<TD VALIGN="TOP">
|
||||||
SMFIF_DELRCPT
|
<A NAME="SMFIF_DELRCPT">SMFIF_DELRCPT</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter may
|
This filter may
|
||||||
@ -176,7 +177,7 @@ the following values, describing the actions the filter may take:
|
|||||||
</TR>
|
</TR>
|
||||||
<TR>
|
<TR>
|
||||||
<TD VALIGN="TOP">
|
<TD VALIGN="TOP">
|
||||||
SMFIF_QUARANTINE
|
<A NAME="SMFIF_QUARANTINE">SMFIF_QUARANTINE</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter may
|
This filter may
|
||||||
@ -186,7 +187,7 @@ the following values, describing the actions the filter may take:
|
|||||||
|
|
||||||
<TR>
|
<TR>
|
||||||
<TD VALIGN="TOP">
|
<TD VALIGN="TOP">
|
||||||
SMFIF_CHGFROM
|
<A NAME="SMFIF_CHGFROM">SMFIF_CHGFROM</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter may
|
This filter may
|
||||||
@ -196,7 +197,7 @@ the following values, describing the actions the filter may take:
|
|||||||
|
|
||||||
<TR>
|
<TR>
|
||||||
<TD VALIGN="TOP">
|
<TD VALIGN="TOP">
|
||||||
SMFIF_SETSYMLIST
|
<A NAME="SMFIF_SETSYMLIST">SMFIF_SETSYMLIST</A>
|
||||||
</TD>
|
</TD>
|
||||||
<TD>
|
<TD>
|
||||||
This filter can
|
This filter can
|
||||||
|
@ -35,6 +35,7 @@ body.
|
|||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -61,7 +62,7 @@ body.
|
|||||||
<LI>bodyp == NULL and bodylen > 0.
|
<LI>bodyp == NULL and bodylen > 0.
|
||||||
<LI>Changing the body in the current connection state is invalid.
|
<LI>Changing the body in the current connection state is invalid.
|
||||||
<LI>A network error occurs.
|
<LI>A network error occurs.
|
||||||
<LI>SMFIF_CHGBODY was not set when <A href="smfi_register.html">smfi_register</A> was called.
|
<LI><A HREF="smfi_register.html#SMFIF_CHGBODY">SMFIF_CHGBODY</A> is not set.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it will return MI_SUCCESS.
|
Otherwise, it will return MI_SUCCESS.
|
||||||
</TD>
|
</TD>
|
||||||
@ -72,9 +73,11 @@ Otherwise, it will return MI_SUCCESS.
|
|||||||
<TH>NOTES</TH>
|
<TH>NOTES</TH>
|
||||||
<TD>
|
<TD>
|
||||||
<UL>
|
<UL>
|
||||||
<LI>Since the message body may be very large, setting SMFIF_CHGBODY may significantly affect filter performance.
|
<LI>Since the message body may be very large, calling smfi_replacebody may significantly affect filter performance.
|
||||||
<LI>If a filter sets SMFIF_CHGBODY but does not call smfi_replacebody, the original body remains unchanged.
|
<LI>If a filter sets SMFIF_CHGBODY but does not call smfi_replacebody, the original body remains unchanged.
|
||||||
<LI>For smfi_replacebody, filter order is important. <B>Later filters will see the new body contents created by earlier ones.</B>
|
<LI>For smfi_replacebody, filter order is important. <B>Later filters will see the new body contents created by earlier ones.</B>
|
||||||
|
<LI>A filter which calls smfi_replacebody must have set the
|
||||||
|
<A HREF="smfi_register.html#SMFIF_CHGBODY">SMFIF_CHGBODY</A> flag.
|
||||||
</UL>
|
</UL>
|
||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
|
@ -31,6 +31,7 @@ Set the filter's <CODE>listen(2)</CODE> backlog value.
|
|||||||
If smfi_setbacklog is not called, the operating system default is used.</TD>
|
If smfi_setbacklog is not called, the operating system default is used.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -30,6 +30,7 @@ Set the socket through which this filter should communicate with sendmail.
|
|||||||
<TD>Sets the socket through which the filter communicates with sendmail.</TD>
|
<TD>Sets the socket through which the filter communicates with sendmail.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -34,6 +34,7 @@ A level of zero turns off debugging. The greater
|
|||||||
the current, highest, useful value.</TD>
|
the current, highest, useful value.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -38,6 +38,7 @@ This code will be used on subsequent error replies resulting from actions
|
|||||||
taken by this filter.</TD>
|
taken by this filter.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -92,7 +93,7 @@ For example, the code:<BR>
|
|||||||
<UL>
|
<UL>
|
||||||
<LI>The rcode or xcode argument is invalid.
|
<LI>The rcode or xcode argument is invalid.
|
||||||
<LI>A memory-allocation failure occurs.
|
<LI>A memory-allocation failure occurs.
|
||||||
<LI>If any text line contains a carraige return or line feed.
|
<LI>If any text line contains a carriage return or line feed.
|
||||||
<LI>The length of any text line is more than MAXREPLYLEN (980).
|
<LI>The length of any text line is more than MAXREPLYLEN (980).
|
||||||
<LI>More than 32 lines of text replies are given.
|
<LI>More than 32 lines of text replies are given.
|
||||||
</UL>
|
</UL>
|
||||||
|
@ -31,6 +31,7 @@ Set the private data pointer for this connection.
|
|||||||
<TD>Sets the private data pointer for the context ctx.</TD>
|
<TD>Sets the private data pointer for the context ctx.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -36,6 +36,7 @@ will be used on subsequent error replies resulting from actions taken by
|
|||||||
this filter.</TD>
|
this filter.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -67,6 +68,8 @@ this filter.</TD>
|
|||||||
<UL>
|
<UL>
|
||||||
<LI>The rcode or xcode argument is invalid.
|
<LI>The rcode or xcode argument is invalid.
|
||||||
<LI>A memory-allocation failure occurs.
|
<LI>A memory-allocation failure occurs.
|
||||||
|
<LI>The length of any text line is more than MAXREPLYLEN (980).
|
||||||
|
<LI>The message argument contains a carriage return or line feed.
|
||||||
</UL>
|
</UL>
|
||||||
Otherwise, it return MI_SUCCESS.
|
Otherwise, it return MI_SUCCESS.
|
||||||
</TD>
|
</TD>
|
||||||
|
@ -37,6 +37,7 @@ milter wants to receive from the MTA.
|
|||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -33,6 +33,7 @@ If smfi_settimeout is not called, a default timeout of 7210 seconds is used.
|
|||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -61,10 +62,7 @@ and may break the communication with the MTA.
|
|||||||
Do <EM>not</EM> decrease this value without making sure that
|
Do <EM>not</EM> decrease this value without making sure that
|
||||||
the MTA also uses lower timeouts for communication
|
the MTA also uses lower timeouts for communication
|
||||||
(with the milter and with the SMTP client).
|
(with the milter and with the SMTP client).
|
||||||
</TR>
|
</TD></TR>
|
||||||
</TABLE>
|
|
||||||
|
|
||||||
|
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
|
||||||
<HR size="1">
|
<HR size="1">
|
||||||
|
@ -36,6 +36,7 @@ which may then exit or warm-restart.
|
|||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -32,6 +32,7 @@ Get the (runtime) version of libmilter.
|
|||||||
<TD>None.</TD>
|
<TD>None.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH VALIGN="TOP" ALIGN=LEFT>ARGUMENTS</TH><TD>
|
<TR><TH VALIGN="TOP" ALIGN=LEFT>ARGUMENTS</TH><TD>
|
||||||
|
@ -30,6 +30,7 @@ Handle the current message's being aborted.
|
|||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -32,6 +32,7 @@ Handle a piece of a message's body.
|
|||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -30,6 +30,7 @@ The current connection is being closed.
|
|||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -29,6 +29,7 @@ sfsistat (*xxfi_connect)(
|
|||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
|
||||||
<!--
|
<!--
|
||||||
This callback function is invoked on each connection to the mail
|
This callback function is invoked on each connection to the mail
|
||||||
filter program.
|
filter program.
|
||||||
@ -37,8 +38,9 @@ The name of the callback can be any valid function name.
|
|||||||
The function pointer is to be assigned to the
|
The function pointer is to be assigned to the
|
||||||
smfiDesc.xxfi_connect and the pointer to the smfiDesc structure
|
smfiDesc.xxfi_connect and the pointer to the smfiDesc structure
|
||||||
is passed to smfi_register().
|
is passed to smfi_register().
|
||||||
</TD></TR>
|
|
||||||
-->
|
-->
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
<TABLE border="1" cellspacing=0>
|
<TABLE border="1" cellspacing=0>
|
||||||
|
@ -23,13 +23,14 @@ Handle the DATA command.
|
|||||||
<TABLE border="1" cellspacing=1 cellpadding=4>
|
<TABLE border="1" cellspacing=1 cellpadding=4>
|
||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TH width="80">Called When</TH>
|
<TH width="80">Called When</TH>
|
||||||
<TD>xxfi_data is called when the client uses the DATA command.
|
<TD>xxfi_data is called when the client uses the DATA command.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
<TR align="left" valign=top>
|
<TR align="left" valign=top>
|
||||||
<TH>Default Behavior</TH>
|
<TH>Default Behavior</TH>
|
||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -67,7 +68,7 @@ Handle the DATA command.
|
|||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
</TR>
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Notes ---------->
|
<!----------- Notes ---------->
|
||||||
<TR>
|
<TR>
|
||||||
|
@ -33,6 +33,7 @@ before xxfi_envrcpt.</TD>
|
|||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -75,7 +76,7 @@ before xxfi_envrcpt.</TD>
|
|||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
</TR>
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Notes ---------->
|
<!----------- Notes ---------->
|
||||||
<TR>
|
<TR>
|
||||||
|
@ -31,6 +31,7 @@ Handle the envelope RCPT command.
|
|||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
@ -76,7 +77,7 @@ Handle the envelope RCPT command.
|
|||||||
</TD>
|
</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
</TR>
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Notes ---------->
|
<!----------- Notes ---------->
|
||||||
<TR>
|
<TR>
|
||||||
|
@ -31,6 +31,7 @@ Handle the end of message headers.
|
|||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
@ -30,6 +30,7 @@ End of a message.
|
|||||||
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
<TD>Do nothing; return SMFIS_CONTINUE.</TD>
|
||||||
</TR>
|
</TR>
|
||||||
</TABLE>
|
</TABLE>
|
||||||
|
</TD></TR>
|
||||||
|
|
||||||
<!----------- Arguments ---------->
|
<!----------- Arguments ---------->
|
||||||
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
<TR><TH valign="top" align=left>ARGUMENTS</TH><TD>
|
||||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user