sendmail

A sendmail az m4-gyel van beállítva:
allmasquerade
masquerade_envelope
always_add_domain
virtusertable
local_procmail
access_db
blacklistrecipients

masquerade_as

mailer smtp, procmail
és az elején a divert és az include, az m4 fájlhoz.

Látszólag működik...
Ha eg ylevelező felhasználót szeretnék létrehozni, akkor egy egyszerű adduser és utána ez a felhasználó már küldhet és fogadhat leveleket, illetve ezzel a felhasználóval a 110-es porton keresztül letöltheti a leveleit?

Üdv:
menyeet

A pop3 tökéletesen működik, viszont az access_db ellenére, amiben szerepel az ip, azt írja, hogy Relaying denied. IP name lookup failed. reject=550 5.7.1

Ez mitől lehet?

Ez csak egy részlet, szeintem az alsó részében már nem szerepelnek erre vonatkozó beálítások. Egyébként, ha már itt tartunk, azt hol lehet beállítani, hogy a mailboxok hol legyenek? Szeretném, ha egy külön hdd-n lennének, mert lassan elfogy a hely...
Köszi a segítséget!

sendmail.cf:

# level 10 config file format
V10/Berkeley

Cwlocalhost

# host/domain names ending with a token in class P are canonical
CP.

# "Smart" relay host (may be null)
DS

# operators that cannot be in local usernames (i.e., network indicators)
CO @ % !

# a class with just dot (for identifying canonical names)
C..

# a class with just a left bracket (for identifying domain literals)
C[[

# access_db acceptance class
C{Accept}OK RELAY

# Resolve map (to check if a host exists in check_mail)
Kresolve host -a -T
C{ResOk}OKR

# Hosts for which relaying is permitted ($=R)
FR-o /etc/mail/relay-domains

# arithmetic map
Karith arith
# macro storage map
Kmacro macro
# possible values for TLS_connection in access map
C{Tls}VERIFY ENCR

# dequoting map
Kdequote dequote

DMzsebradio.org

# my name for error messages
DnMAILER-DAEMON

# Virtual user table (maps incoming users)
Kvirtuser hash /etc/mail/virtusertable

# Access list database (for spam stomping)
Kaccess hash -T /etc/mail/access

# Configuration version number
DZ8.13.0

###############
# Options #
###############

# strip message body to 7 bits on input?
O SevenBitInput=False

# 8-bit data handling
#O EightBitMode=pass8

# wait for alias file rebuild (default units: minutes)
O AliasWait=10

# location of alias file
O AliasFile=/etc/mail/aliases

# minimum number of free blocks on filesystem
O MinFreeBlocks=100

# maximum message size
#O MaxMessageSize=0

# substitution for space (blank) characters
O BlankSub=.

# avoid connecting to "expensive" mailers on initial submission?
O HoldExpensive=False

# checkpoint queue runs after every N successful deliveries
#O CheckpointInterval=10

# default delivery mode
O DeliveryMode=background

# error message header/file
#O ErrorHeader=/etc/mail/error-header

# error mode
#O ErrorMode=print

# save Unix-style "From_" lines at top of header?
#O SaveFromLine=False

# queue file mode (qf files)
#O QueueFileMode=0600

# temporary file mode
O TempFileMode=0600

# match recipients against GECOS field?
#O MatchGECOS=False

# maximum hop count
#O MaxHopCount=25

# location of help file
O HelpFile=/etc/mail/helpfile

# ignore dots as terminators in incoming messages?
#O IgnoreDots=False

# name resolver options
#O ResolverOptions=+AAONLY

# deliver MIME-encapsulated error messages?
O SendMimeErrors=True

# Forward file search path
O ForwardPath=$z/.forward.$w:$z/.forward

# open connection cache size
O ConnectionCacheSize=2

# open connection cache timeout
O ConnectionCacheTimeout=5m

# persistent host status directory
#O HostStatusDirectory=.hoststat

# single thread deliveries (requires HostStatusDirectory)?
#O SingleThreadDelivery=False

# use Errors-To: header?
O UseErrorsTo=False

# log level
O LogLevel=9

# send to me too, even in an alias expansion?
#O MeToo=True

# verify RHS in newaliases?
O CheckAliases=False

# default messages to old style headers if no special punctuation?
O OldStyleHeaders=True

# SMTP daemon options
O DaemonPortOptions=Name=MTA
O DaemonPortOptions=Port=587, Name=MSA, M=E

# SMTP client options
#O ClientPortOptions=Family=inet, Address=0.0.0.0

# Modifiers to define {daemon_flags} for direct submissions
#O DirectSubmissionModifiers

# Use as mail submission program? See sendmail/SECURITY
#O UseMSP

# privacy flags
O PrivacyOptions=authwarnings

# who (if anyone) should get extra copies of error messages
#O PostmasterCopy=Postmaster

# slope of queue-only function
#O QueueFactor=600000

# limit on number of concurrent queue runners
#O MaxQueueChildren

# maximum number of queue-runners per queue-grouping with multiple queues
#O MaxRunnersPerQueue=1

# queue directory
O QueueDirectory=/var/spool/mqueue

# key for shared memory; 0 to turn off
#O SharedMemoryKey=0

O Timeout.queuereturn=5d
O Timeout.queuewarn=4h

# queue up everything before forking?
O SuperSafe=True

# status file
O StatusFile=/var/log/sendmail.st

# SMTP initial login message (old $e macro)
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b

# UNIX initial From header format (old $l macro)
O UnixFromLine=From $g $d

# delimiter (operator) characters (old $o macro)
O OperatorChars=.:%@!^/[]+

# shall I avoid calling initgroups(3) because of high NIS costs?
#O DontInitGroups=False

# list of authentication mechanisms
#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5

###########################
# Message precedences #
###########################

Pfirst-class=0
Pspecial-delivery=100
Plist=-30
Pbulk=-60
Pjunk=-100

#####################
# Trusted users #
#####################

# this is equivalent to setting class "t"
#Ft/etc/mail/trusted-users
Troot
Tdaemon
Tuucp

################################################
### Ruleset 96 -- bottom half of ruleset 3 ###
################################################

SCanonify2=96

# handle special cases for local names
R$* < @ localhost > $* $: $1 < @ $j . > $2 no domain at all
R$* < @ localhost . $m > $* $: $1 < @ $j . > $2 local domain
R$* < @ localhost . UUCP > $* $: $1 < @ $j . > $2 .UUCP domain

# check for IPv4/IPv6 domain literal
R$* < @ [ $+ ] > $* $: $1 < @@ [ $2 ] > $3 mark [addr]
R$* < @@ $=w > $* $: $1 < @ $j . > $3 self-literal
R$* < @@ $+ > $* $@ $1 < @ $2 > $3 canon IP addr

# if really UUCP, handle it immediately

# try UUCP traffic as a local address
R$* < @ $+ . UUCP > $* $: $1 < @ $[ $2 $] . UUCP . > $3
R$* < @ $+ . . UUCP . > $* $@ $1 < @ $2 . > $3

# hostnames ending in class P are always canonical
R$* < @ $* $=P > $* $: $1 < @ $2 $3 . > $4
R$* < @ $* $~P > $* $: $&{daemon_flags} $| $1 < @ $2 $3 > $4
R$* CC $* $| $* < @ $+.$+ > $* $: $3 < @ $4.$5 . > $6
R$* CC $* $| $* $: $3
# pass to name server to make hostname canonical
R$* $| $* < @ $* > $* $: $2 < @ $[ $3 $] > $4
R$* $| $* $: $2

# local host aliases and pseudo-domains are always canonical
R$* < @ $=w > $* $: $1 < @ $2 . > $3
R$* < @ $=M > $* $: $1 < @ $2 . > $3
R$* < @ $={VirtHost} > $* $: $1 < @ $2 . > $3
R$* < @ $* . . > $* $1 < @ $2 . > $3

##################################################
### Ruleset 4 -- Final Output Post-rewriting ###
##################################################
Sfinal=4

R$+ :; <@> $@ $1 : handle
R$* <@> $@ handle <> and list:;

# strip trailing dot off possibly canonical name
R$* < @ $+ . > $* $1 < @ $2 > $3

# eliminate internal code
R$* < @ *LOCAL* > $* $1 < @ $j > $2

# externalize local domain info
R$* < $+ > $* $1 $2 $3 defocus
R@ $+ : @ $+ : $+ @ $1 , @ $2 : $3 canonical
R@ $* $@ @ $1 ... and exit

# UUCP must always be presented in old form
R$+ @ $- . UUCP $2!$1 u@h.UUCP => h!u

# delete duplicate local names
R$+ % $=w @ $=w $1 @ $2 u%host@host => u@host

##############################################################
### Ruleset 97 -- recanonicalize and call ruleset zero ###
### (used for recursive calls) ###
##############################################################

SRecurse=97
R$* $: $>canonify $1
R$* $@ $>parse $1

######################################
### Ruleset 0 -- Parse Address ###
######################################

Sparse=0

R$* $: $>Parse0 $1 initial parsing
R<@> $#local $: <@> special case error msgs
R$* $: $>ParseLocal $1 handle local hacks
R$* $: $>Parse1 $1 final parsing

#
# Parse0 -- do initial syntax checking and eliminate local addresses.
# This should either return with the (possibly modified) input
# or return with a #error mailer. It should not return with a
# #mailer other than the #error mailer.
#

SParse0
R<@> $@ <@> special case error msgs
R$* : $* ; <@> $#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses"
R@ <@ $* > < @ $1 > catch "@@host" bogosity
R<@ $+> $#error $@ 5.1.3 $: "553 User address required"
R$+ <@> $#error $@ 5.1.3 $: "553 Hostname required"
R$* $: <> $1
R<> $* < @ [ $* ] : $+ > $* $1 < @ [ $2 ] : $3 > $4
R<> $* < @ [ $* ] , $+ > $* $1 < @ [ $2 ] , $3 > $4
R<> $* < @ [ $* ] $+ > $* $#error $@ 5.1.2 $: "553 Invalid address"
R<> $* < @ [ $+ ] > $* $1 < @ [ $2 ] > $3
R<> $* <$* : $* > $* $#error $@ 5.1.3 $: "553 Colon illegal in host name part"
R<> $* $1
R$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
R$* < @ $* @ > $* $#error $@ 5.1.2 $: "553 Invalid route address"
R$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "553 Invalid route address"
R$* , $~O $* $#error $@ 5.1.3 $: "553 Invalid route address"

# now delete the local info -- note $=O to find characters that cause forwarding
R$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user
R< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ...
R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here
R< @ $+ > $#error $@ 5.1.3 $: "553 User address required"
R$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ...
R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo"
R< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required"
R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1

#
# Parse1 -- the bottom half of ruleset 0.
#

SParse1

# handle numeric address spec
R$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec
R$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path
R$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send
R$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer
R$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer

# handle virtual users
R$+ $: $1 Mark for lookup
R $+ < @ $={VirtHost} . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
R $+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
R<@> $+ + $+ < @ $* . >
$: < $(virtuser $1 + + @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
R<@> $+ + $* < @ $* . >
$: < $(virtuser $1 + * @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
R<@> $+ + $* < @ $* . >
$: < $(virtuser $1 @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
R<@> $+ + $+ < @ $+ . > $: < $(virtuser + + @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
R<@> $+ + $* < @ $+ . > $: < $(virtuser + * @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
R<@> $+ + $* < @ $+ . > $: < $(virtuser @ $3 $@ $1 $@ $2 $@ +$2 $: ! $) > $1 + $2 < @ $3 . >
R<@> $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
R<@> $+ $: $1
R $+ $: $1
R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2
R< $+ > $+ < @ $+ > $: $>Recurse $1

# short circuit local delivery so forwarded email works

R$=L < @ $=w . > $#local $: @ $1 special local names
R$+ < @ $=w . > $#local $: $1 regular local name

# resolve remotely connected UUCP links (if any)

# resolve fake top level domains by forwarding to other hosts

# pass names that still have a host to a smarthost (if defined)
R$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name

# deal with other remote names
R$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain

# handle locally delivered names
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names

###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################

SLocal_localaddr
Slocaladdr=5
R$+ $: $1 $| $>"Local_localaddr" $1
R$+ $| $#ok $@ $1 no change
R$+ $| $#$* $#$2
R$+ $| $* $: $1

# deal with plussed users so aliases work nicely
R$+ + * $#local $@ $&h $: $1
R$+ + $* $#local $@ + $2 $: $1 + *

# prepend an empty "forward host" on the front
R$+ $: <> $1

R< > $+ $: < > < $1 <> $&h > nope, restore +detail

R< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail
R< > < $+ <> $* > $: < > < $1 > else discard
R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part
R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra +
R< > < $+ > $@ $1 no +detail
R$+ $: $1 <> $&h add +detail back in

R$+ <> + $* $: $1 + $2 check whether +detail
R$+ <> $* $: $1 else discard
R< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension
R< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension

R< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 >

R< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 >

###################################################################
### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ###
###################################################################

SMailerToTriple=95
R< > $* $@ $1 strip off null relay
R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
R< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2
R< error : $+ > $* $#error $: $1
R< local : $* > $* $>CanonLocal < $1 > $2
R< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user
R< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer
R< $=w > $* $@ $2 delete local host
R< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer

###################################################################
### Ruleset CanonLocal -- canonify local: syntax ###
###################################################################

SCanonLocal
# strip local host from routed addresses
R< $* > < @ $+ > : $+ $@ $>Recurse $3
R< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4

# strip trailing dot from any host name that may appear
R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 >

# handle local: syntax -- use old user, either with or without host
R< > $* < @ $* > $* $#local $@ $1@$2 $: $1
R< > $+ $#local $@ $1 $: $1

# handle local:user@host syntax -- ignore host part
R< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 >

# handle local:user syntax
R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1
R< $+ > $* $#local $@ $2 $: $1

###################################################################
### Ruleset 93 -- convert header names to masqueraded form ###
###################################################################

SMasqHdr=93

# do not masquerade anything in class N
R$* < @ $* $=N . > $@ $1 < @ $2 $3 . >

# special case the users that should be exposed
R$=E < @ *LOCAL* > $@ $1 < @ $j . > leave exposed
R$=E < @ $=M . > $@ $1 < @ $2 . >
R$=E < @ $=w . > $@ $1 < @ $2 . >

# handle domain-specific masquerading
R$* < @ $=M . > $* $: $1 < @ $2 . @ $M > $3 convert masqueraded doms
R$* < @ $=w . > $* $: $1 < @ $2 . @ $M > $3
R$* < @ *LOCAL* > $* $: $1 < @ $j . @ $M > $2
R$* < @ $+ @ > $* $: $1 < @ $2 > $3 $M is null
R$* < @ $+ @ $+ > $* $: $1 < @ $3 . > $4 $M is not null

###################################################################
### Ruleset 94 -- convert envelope names to masqueraded form ###
###################################################################

SMasqEnv=94
R$+ $@ $>MasqHdr $1

###################################################################
### Ruleset 98 -- local part of ruleset zero (can be null) ###
###################################################################

SParseLocal=98

######################################################################
### D: LookUpDomain -- search for domain in access database
###
### Parameters:
### <$1> -- key (domain name)
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed unchanged through)
######################################################################

SD
R<$*> <$+> <$- $-> <$*> $: < $(access $4:$1 $: ? $) > <$1> <$2> <$3 $4> <$5>
R <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4>
R <[$+.$-]> <$+> <$- $-> <$*> $@ $>D <[$1]> <$3> <$4 $5> <$6>
R <[$+::$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6>
R <[$+:$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6>
R <$+.$+> <$+> <$- $-> <$*> $@ $>D <$2> <$3> <$4 $5> <$6>
R <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
R<$* > <$+> <$+> <$- $-> <$*> $@ <> <$6>
R<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6>

######################################################################
### A: LookUpAddress -- search for host address in access database
###
### Parameters:
### <$1> -- key (dot quadded host address)
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed through)
######################################################################

SA
R<$+> <$+> <$- $-> <$*> $: < $(access $4:$1 $: ? $) > <$1> <$2> <$3 $4> <$5>
R <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4>
R <$+::$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
R <$+:$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
R <$+.$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
R <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
R<$* > <$+> <$+> <$- $-> <$*> $@ <> <$6>
R<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6>

######################################################################
### CanonAddr -- Convert an address into a standard form for
### relay checking. Route address syntax is
### crudely converted into a %-hack address.
###
### Parameters:
### $1 -- full recipient address
###
### Returns:
### parsed address, not in source route form
######################################################################

SCanonAddr
R$* $: $>Parse0 $>canonify $1 make domain canonical

######################################################################
### ParseRecipient -- Strip off hosts in $=R as well as possibly
### $* $=m or the access database.
### Check user portion for host separators.
###
### Parameters:
### $1 -- full recipient address
###
### Returns:
### parsed, non-local-relaying address
######################################################################

SParseRecipient
R$* $: $>CanonAddr $1
R $* < @ $* . > $1 < @ $2 > strip trailing dots
R $- < @ $* > $: $(dequote $1 $) < @ $2 > dequote local part

# if no $=O character, no host in the user portion, we are done
R $* $=O $* < @ $* > $: $1 $2 $3 < @ $4>
R $* $@ $1

R $* < @ $* $=R > $: $1 < @ $2 $3 >
R $* < @ $+ > $: $>D <$2> <+ To> <$1 < @ $2 >>
R<$+> <$+> $: <$1> $2

R $* < @ $* > $@ $>ParseRecipient $1
R<$+> $* $@ $2

######################################################################
### check_relay -- check hostname/address on SMTP startup
######################################################################

SLocal_check_relay
Scheck_relay
R$* $: $1 $| $>"Local_check_relay" $1
R$* $| $* $| $#$* $#$3
R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2

SBasic_check_relay
# check for deferred delivery mode
R$* $: < $&{deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2

R$+ $| $+ $: $>D < $1 > <+ Connect> < $2 >
R $| $+ $: $>A < $1 > <+ Connect> <> empty client_name
R <$+> $: $>A < $1 > <+ Connect> <> no: another lookup
R <$*> $: OK found nothing
R<$={Accept}> <$*> $@ $1 return value of lookup
R <$*> $#error $@ 5.7.1 $: "550 Access denied"
R <$*> $#discard $: discard
R <$*> $#error $@ quarantine $: $1
R <$*> $#error $@ $1.$2.$3 $: $4
R <$*> $#error $: $1
R<$* > <$*> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$+> <$*> $#error $: $1

######################################################################
### check_mail -- check SMTP `MAIL FROM:' command argument
######################################################################

SLocal_check_mail
Scheck_mail
R$* $: $1 $| $>"Local_check_mail" $1
R$* $| $#$* $#$2
R$* $| $* $@ $>"Basic_check_mail" $1

SBasic_check_mail
# check for deferred delivery mode
R$* $: < $&{deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2

# authenticated?
R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
R$* $| $#$+ $#$2
R$* $| $* $: $1

R<> $@ we MUST accept <> (RFC 1123)
R$+ $: $1
R<$+> $: <@> <$1>
R$+ $: <@> <$1>
R$* $: $&{daemon_flags} $| $1
R$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 >
R$* u $* $| <@> < $* > $: < $3 >
R$* $| $* $: $2
# handle case of @localhost on address
R<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost >
R<@> < $* @ [127.0.0.1] >
$: < ? $&{client_name} > < $1 @ [127.0.0.1] >
R<@> < $* @ localhost.$m >
$: < ? $&{client_name} > < $1 @ localhost.$m >
R<@> < $* @ localhost.UUCP >
$: < ? $&{client_name} > < $1 @ localhost.UUCP >
R<@> $* $: $1 no localhost as domain
R $* $: $2 local client: ok
R <$+> $#error $@ 5.5.4 $: "553 Real domain name required for sender address"
R $* $: $1
R$* $: $>CanonAddr $1 canonify sender address and mark it
R $* < @ $+ . > $1 < @ $2 > strip trailing dots
# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
R $* < @ $* $=P > $: $1 < @ $2 $3 >
R $* < @ $j > $: $1 < @ $j >
R $* < @ $+ > $: $) > $1 < @ $2 >
R> $* < @ $+ >
$: <$2> $3 < @ $4 >

# check sender address: user@address, user@, address
R<$+> $+ < @ $* > $: @<$1> <$2 < @ $3 >> $|
R<$+> $+ $: @<$1> <$2> $|
R@ <$+> <$*> $| <$+> $: <@> <$1> <$2> $| $>SearchList <+ From> $| <$3> <>
R<@> <$+> <$*> $| <$*> $: <$3> <$1> <$2> reverse result
# retransform for further use
R <$+> <$*> $: <$1> $2 no match
R<$+> <$+> <$*> $: <$1> $3 relevant result, keep it

# handle case of no @domain on address
R $* $: $&{daemon_flags} $| $1
R$* u $* $| $* $: $3
R$* $| $* $: $2
R $* $: < ? $&{client_addr} > $1
R $* $@ ...local unqualed ok
R $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f
...remote is not
# check results
R $* $: @ $1 mark address: nothing known about it
R<$={ResOk}> $* $@ domain ok: stop
R $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
R $* $#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist"
R<$={Accept}> $* $# $1 accept from access map
R $* $#discard $: discard
R $* $#error $@ quarantine $: $1
R $* $#error $@ 5.7.1 $: "550 Access denied"
R $* $#error $@ $1.$2.$3 $: $4
R $* $#error $: $1
R<> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$+> $* $#error $: $1 error from access db

######################################################################
### check_rcpt -- check SMTP `RCPT TO:' command argument
######################################################################

SLocal_check_rcpt
Scheck_rcpt
R$* $: $1 $| $>"Local_check_rcpt" $1
R$* $| $#$* $#$2
R$* $| $* $@ $>"Basic_check_rcpt" $1

SBasic_check_rcpt
# empty address?
R<> $#error $@ nouser $: "553 User address required"
R$@ $#error $@ nouser $: "553 User address required"
# check for deferred delivery mode
R$* $: < $&{deliveryMode} > $1
R< d > $* $@ deferred
R< $* > $* $: $2

######################################################################
R$* $: $1 $| @ $>"Rcpt_ok" $1
R$* $| @ $#TEMP $+ $: $1 $| T $2
R$* $| @ $#$* $#$2
R$* $| @ RELAY $@ RELAY
R$* $| @ $* $: O $| $>"Relay_ok" $1
R$* $| T $+ $: T $2 $| $>"Relay_ok" $1
R$* $| $#TEMP $+ $#error $2
R$* $| $#$* $#$2
R$* $| RELAY $@ RELAY
R T $+ $| $* $#error $1
# anything else is bogus
R$* $#error $@ 5.7.1 $: "550 Relaying denied"

######################################################################
### Rcpt_ok: is the recipient ok?
######################################################################
SRcpt_ok
R$* $: $>ParseRecipient $1 strip relayable hosts

# blacklist local users or any host from receiving mail
R$* $: $1
R $+ < @ $=w > $: <> <$1 < @ $2 >> $|
R $+ < @ $* > $: <> <$1 < @ $2 >> $|
R $+ $: <> <$1> $|
R<> <$*> $| <$+> $: <@> <$1> $| $>SearchList <+ To> $| <$2> <>
R<@> <$*> $| <$*> $: <$2> <$1> reverse result
R <$*> $: @ $1 mark address as no match
R<$={Accept}> <$*> $: @ $2 mark address as no match

R $* $#error $@ 5.2.1 $: "550 Mailbox disabled for this recipient"
R $* $#discard $: discard
R $* $#error $@ quarantine $: $1
R $* $#error $@ $1.$2.$3 $: $4
R $* $#error $: $1
R<> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$+> $* $#error $: $1 error from access db
R@ $* $1 remove mark

# authenticated via TLS?
R$* $: $1 $| $>RelayTLS client authenticated?
R$* $| $# $+ $# $2 error/ok?
R$* $| $* $: $1 no

R$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type}
R$* $| $# $* $# $2
R$* $| NO $: $1
R$* $| $* $: $1 $| $&{auth_type}
R$* $| $: $1
R$* $| $={TrustAuthMech} $# RELAY
R$* $| $* $: $1
# anything terminating locally is ok
R$+ < @ $=w > $@ RELAY
R$+ < @ $* $=R > $@ RELAY
R$+ < @ $+ > $: $>D <$2> <+ To> <$1 < @ $2 >>
R $* $@ RELAY
R<$* > $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$*> <$*> $: $2

# check for local user (i.e. unqualified address)
R$* $: $1
R $* < @ $+ > $: $1 < @ $2 >
# local user is ok
R $+ $@ RELAY
R<$+> $* $: $2

######################################################################
### Relay_ok: is the relay/sender ok?
######################################################################
SRelay_ok
# anything originating locally is ok
# check IP address
R$* $: $&{client_addr}
R$@ $@ RELAY originated locally
R0 $@ RELAY originated locally
R127.0.0.1 $@ RELAY originated locally
RIPv6:::1 $@ RELAY originated locally
R$=R $* $@ RELAY relayable IP address
R$* $: $>A <$1> <+ Connect> <$1>
R $* $@ RELAY relayable IP address

R<> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$*> <$*> $: $2
R$* $: [ $1 ] put brackets around it...
R$=w $@ RELAY ... and see if it is local

# check client name: first: did it resolve?
R$* $: < $&{client_resolve} >
R $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
R $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
R $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
R$* $: <@> $&{client_name}
# pass to name server to make hostname canonical
R<@> $* $=P $: $1 $2
R<@> $+ $: $[ $1 $]
R$* . $1 strip trailing dots
R $=w $@ RELAY
R $* $=R $@ RELAY
R $* $: $>D <$1> <+ Connect> <$1>
R $* $@ RELAY
R<$* > $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R<$*> <$*> $: $2

######################################################################
### F: LookUpFull -- search for an entry in access database
###
### lookup of full key (which should be an address) and
### variations if +detail exists: +* and without +detail
###
### Parameters:
### <$1> -- key
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed unchanged through)
######################################################################

SF
R<$+> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
R <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
R <$+ + $* @ $+> <$*> <$- $-> <$*>
$: <$(access $6:$1+*@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7>
R <$+ + $* @ $+> <$*> <+ $-> <$*>
$: <$(access $1+*@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6>
R <$+ + $* @ $+> <$*> <$- $-> <$*>
$: <$(access $6:$1@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7>
R <$+ + $* @ $+> <$*> <+ $-> <$*>
$: <$(access $1@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6>
R <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
R<$+ > <$*> <$- $-> <$*> $@ <> <$5>
R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>

######################################################################
### E: LookUpExact -- search for an entry in access database
###
### Parameters:
### <$1> -- key
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed unchanged through)
######################################################################

SE
R<$*> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
R <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
R <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
R<$+ > <$*> <$- $-> <$*> $@ <> <$5>
R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>

######################################################################
### U: LookUpUser -- search for an entry in access database
###
### lookup of key (which should be a local part) and
### variations if +detail exists: +* and without +detail
###
### Parameters:
### <$1> -- key (user@)
### <$2> -- default (what to return if not found in db)
### <$3> -- mark (must be <(!|+) single-token>)
### ! does lookup only with tag
### + does lookup with and without tag
### <$4> -- passthru (additional data passed unchanged through)
######################################################################

SU
R<$+> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
R <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
R <$+ + $* @> <$*> <$- $-> <$*>
$: <$(access $5:$1+*@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6>
R <$+ + $* @> <$*> <+ $-> <$*>
$: <$(access $1+*@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5>
R <$+ + $* @> <$*> <$- $-> <$*>
$: <$(access $5:$1@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6>
R <$+ + $* @> <$*> <+ $-> <$*>
$: <$(access $1@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5>
R <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
R<$+ > <$*> <$- $-> <$*> $@ <> <$5>
R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>

######################################################################
### SearchList: search a list of items in the access map
### Parameters:
### $| ... <>
### where "exact" is either "+" or "!":
### <+ TAG> lookup with and w/o tag
### lookup with tag
### possible values for "mark" are:
### D: recursive host lookup (LookUpDomain)
### E: exact lookup, no modifications
### F: full lookup, try user+ext@domain and user@domain
### U: user lookup, try user+ext and user (input must have trailing @)
### return: or (not found)
######################################################################

# class with valid marks for SearchList
C{Src}E F D U
SSearchList
# just call the ruleset with the name of the tag... nice trick...
R<$+> $| <$={Src}:$*> <$*> $: <$1> $| <$4> $| $>$2 <$3> <$1> <>
R<$+> $| <> $| <> $@
R<$+> $| <$+> $| <> $@ $>SearchList <$1> $| <$2>
R<$+> $| <$*> $| <$+> <> $@ <$3>
R<$+> $| <$+> $@ <$2>

######################################################################
### trust_auth: is user trusted to authenticate as someone else?
###
### Parameters:
### $1: AUTH= parameter from MAIL command
######################################################################

SLocal_trust_auth
Strust_auth
R$* $: $&{auth_type} $| $1
# required by RFC 2554 section 4.
R$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated"
R$* $| $&{auth_authen} $@ identical
R$* $| <$&{auth_authen}> $@ identical
R$* $| $* $: $1 $| $>"Local_trust_auth" $2
R$* $| $#$* $#$2
R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}

######################################################################
### Relay_Auth: allow relaying based on authentication?
###
### Parameters:
### $1: ${auth_type}
######################################################################
SLocal_Relay_Auth

######################################################################
### srv_features: which features to offer to a client?
### (done in server)
######################################################################
Ssrv_features
R$* $: $>D <$&{client_name}> <>
R$* $: $>A <$&{client_addr}> <>
R$* $: <$(access "Srv_Features": $: ? $)>
R$* $@ OK
R<$* >$* $#temp
R<$+>$* $# $1

######################################################################
### try_tls: try to use STARTTLS?
### (done in client)
######################################################################
Stry_tls
R$* $: $>D <$&{server_name}> <>
R$* $: $>A <$&{server_addr}> <>
R$* $: <$(access "Try_TLS": $: ? $)>
R$* $@ OK
R<$* >$* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"

######################################################################
### tls_rcpt: is connection with server "good" enough?
### (done in client, per recipient)
###
### Parameters:
### $1: recipient
######################################################################
Stls_rcpt
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
R$+ $: $>CanonAddr $1
R $+ < @ $+ . > $1 <@ $2 >
R $+ < @ $+ > $: $1 <@ $2 > $|
R $+ $: $1 $|
R$* $| $+ $: $1 $| $>SearchList $| $2 <>
R$* $| $@ OK
R$* $| <$* > $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R$* $| <$+> $@ $>"TLS_connection" $&{verify} $| <$2>

######################################################################
### tls_client: is connection with client "good" enough?
### (done in server)
###
### Parameters:
### ${verify} $| (MAIL|STARTTLS)
######################################################################
Stls_client
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
R$* $| $* $: $1 $| $>D <$&{client_name}> <>
R$* $| $* $: $1 $| $>A <$&{client_addr}> <>
R$* $| $* $: $1 $| <$(access "TLS_Clt": $: ? $)>
R$* $| <$* > $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R$* $@ $>"TLS_connection" $1

######################################################################
### tls_server: is connection with server "good" enough?
### (done in client)
###
### Parameter:
### ${verify}
######################################################################
Stls_server
R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
R$* $: $1 $| $>D <$&{server_name}> <>
R$* $| $* $: $1 $| $>A <$&{server_addr}> <>
R$* $| $* $: $1 $| <$(access "TLS_Srv": $: ? $)>
R$* $| <$* > $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
R$* $@ $>"TLS_connection" $1

######################################################################
### TLS_connection: is TLS connection "good" enough?
###
### Parameters:
### ${verify} $| [<>]
### Requirement: RHS from access map, may be ? for none.
######################################################################
STLS_connection
R$* $| <$*>$* $: $1 $| <$2>
# create the appropriate error codes
R$* $| $: $1 $| <503:5.7.0> <$2 $3>
R$* $| $: $1 $| <403:4.7.0> <$2 $3>
R$* $| <$={Tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
# deal with TLS handshake failures: abort
RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed."
RSOFTWARE $| $* $#error $@ 4.7.0 $: "403 TLS handshake failed."
R$* $| <$*> $: <$2> <> $1
R$* $| <$*> $: <$2> <$3> $1
R$* $| <$*> <$={Tls}:$->$* $: <$2> <$3:$4> <> $1
R$* $| <$*> <$={Tls}:$- + $+>$* $: <$2> <$3:$4> <$5> $1
R$* $| $* $@ OK
# authentication required: give appropriate error
# other side did authenticate (via STARTTLS)
R<$*> <> OK $@ OK
R<$*> <$+> OK $: <$1> <$2>
R<$*> <$*> OK $: <$1> <$3>
R<$*> <$*> $* $: <$1> <$3>
R<$-:$+> <$*> $#error $@ $2 $: $1 " authentication required"
R<$-:$+> <$*> FAIL $#error $@ $2 $: $1 " authentication failed"
R<$-:$+> <$*> NO $#error $@ $2 $: $1 " not authenticated"
R<$-:$+> <$*> NOT $#error $@ $2 $: $1 " no authentication requested"
R<$-:$+> <$*> NONE $#error $@ $2 $: $1 " other side does not support STARTTLS"
R<$-:$+> <$*> $+ $#error $@ $2 $: $1 " authentication failure " $4
R<$*> <$*> $: <$1> <$3> $>max $&{cipher_bits} : $&{auth_ssf}
R<$*> <$*> $- $: <$1> <$2:$4> <$3> $(arith l $@ $4 $@ $2 $)
R<$-:$+><$-:$-> <$*> TRUE $#error $@ $2 $: $1 " encryption too weak " $4 " less than " $3
R<$-:$+><$-:$-> <$*> $* $: <$1:$2 ++ $5>
R<$-:$+ ++ > $@ OK
R<$-:$+ ++ $+ > $: <$1:$2> <$3>
R<$-:$+> < $+ ++ $+ > <$1:$2> <$3> <$4>
R<$-:$+> $+ $@ $>"TLS_req" $3 $| <$1:$2>

######################################################################
### TLS_req: check additional TLS requirements
###
### Parameters: [ ] $| <$-:$+>
### $-: SMTP reply code
### $+: Enhanced Status Code
######################################################################
STLS_req
R $| $+ $@ OK
R $* $| <$+> $: $1 $| <$2>
R $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
R $* $| <$-:$+> $#error $@ $4 $: $3 " CN " $&{cn_subject} " does not match " $1
R $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
R $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Subject " $&{cert_subject} " does not match " $1
R $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
R $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Issuer " $&{cert_issuer} " does not match " $1
ROK $@ OK

######################################################################
### max: return the maximum of two values separated by :
###
### Parameters: [$-]:[$-]
######################################################################
Smax
R: $: 0
R:$- $: $1
R$-: $: $1
R$-:$- $: $(arith l $@ $1 $@ $2 $) : $1 : $2
RTRUE:$-:$- $: $2
R$-:$-:$- $: $2

######################################################################
### RelayTLS: allow relaying based on TLS authentication
###
### Parameters:
### none
######################################################################
SRelayTLS
# authenticated?
R$* $: $&{verify}
R OK $: OK authenticated: continue
R $* $@ NO not authenticated
R$* $: $&{cert_issuer}
R$+ $: $(access CERTISSUER:$1 $)
RRELAY $# RELAY
RSUBJECT $: <@> $&{cert_subject}
R<@> $+ $: <@> $(access CERTSUBJECT:$1 $)
R<@> RELAY $# RELAY
R$* $: NO

######################################################################
### authinfo: lookup authinfo in the access map
###
### Parameters:
### $1: {server_name}
### $2: {server_addr}
######################################################################
Sauthinfo
R$* $: $1 $| $>D <$&{server_name}> <>
R$* $| $* $: $1 $| $>A <$&{server_addr}> <>
R$* $| $* $: $1 $| <$(access AuthInfo: $: ? $)> <>
R$* $| $* $@ no no authinfo available
R$* $| <$*> <> $# $2

#
######################################################################
######################################################################
#####
##### MAIL FILTER DEFINITIONS
#####
######################################################################
######################################################################

#
######################################################################
######################################################################
#####
##### MAILER DEFINITIONS
#####
######################################################################
######################################################################

#####################################
### SMTP Mailer specification ###
#####################################

##### $Sendmail: smtp.m4,v 8.64 2001/04/03 01:52:54 gshapiro Exp $ #####

#
# common sender and masquerading recipient rewriting
#
SMasqSMTP
R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified
R$+ $@ $1 < @ *LOCAL* > add local qualification

#
# convert pseudo-domain addresses to real domain addresses
#
SPseudoToReal

# pass s through
R< @ $+ > $* $@ < @ $1 > $2 resolve

# output fake domains as user%fake@relay

# do UUCP heuristics; note that these are shared with UUCP mailers
R$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form
R$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form

# leave these in .UUCP form to avoid further tampering
R< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. >
R< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 >
R< $&h ! > $+ $@ $1 < @ $&h .UUCP. >
R< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY
R$+ < @ $~[ $* : $+ > $@ $1 < @ $4 > strip mailer: part
R$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY

#
# envelope sender rewriting
#
SEnvFromSMTP
R$+ $: $>PseudoToReal $1 sender/recipient common
R$* :; <@> $@ list:; special case
R$* $: $>MasqSMTP $1 qualify unqual'ed names
R$+ $: $>MasqEnv $1 do masquerading

#
# envelope recipient rewriting --
# also header recipient if not masquerading recipients
#
SEnvToSMTP
R$+ $: $>PseudoToReal $1 sender/recipient common
R$+ $: $>MasqSMTP $1 qualify unqual'ed names
R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2

#
# header sender and masquerading header recipient rewriting
#
SHdrFromSMTP
R$+ $: $>PseudoToReal $1 sender/recipient common
R:; <@> $@ list:; special case

# do special header rewriting
R$* <@> $* $@ $1 <@> $2 pass null host through
R< @ $* > $* $@ < @ $1 > $2 pass route-addr through
R$* $: $>MasqSMTP $1 qualify unqual'ed names
R$+ $: $>MasqHdr $1 do masquerading

#
# relay mailer header masquerading recipient rewriting
#
SMasqRelay
R$+ $: $>MasqSMTP $1
R$+ $: $>MasqHdr $1

Msmtp, P=[IPC], F=mDFMuX, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP, E=\r\n, L=990,
T=DNS/RFC822/SMTP,
A=TCP $h
Mesmtp, P=[IPC], F=mDFMuXa, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP, E=\r\n, L=990,
T=DNS/RFC822/SMTP,
A=TCP $h
Msmtp8, P=[IPC], F=mDFMuX8, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP, E=\r\n, L=990,
T=DNS/RFC822/SMTP,
A=TCP $h
Mdsmtp, P=[IPC], F=mDFMuXa%, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP, E=\r\n, L=990,
T=DNS/RFC822/SMTP,
A=TCP $h
Mrelay, P=[IPC], F=mDFMuXa8, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP/MasqRelay, E=\r\n, L=2040,
T=DNS/RFC822/SMTP,
A=TCP $h

######################*****##############
### PROCMAIL Mailer specification ###
##################*****##################

##### $Sendmail: procmail.m4,v 8.22 2001/11/12 23:11:34 ca Exp $ #####

Mprocmail, P=/usr/local/bin/procmail, F=DFMSPhnu9, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP/HdrFromSMTP,
T=DNS/RFC822/X-Unix,
A=procmail -Y -m $h $f $u

##################################################
### Local and Program Mailer specification ###
##################################################

##### $Sendmail: local.m4,v 8.58 2000/10/26 01:58:29 ca Exp $ #####

#
# Envelope sender rewriting
#
SEnvFromL
R<@> $n errors to mailer-daemon
R@ <@ $*> $n temporarily bypass Sun bogosity
R$+ $: $>AddDomain $1 add local domain if needed
R$* $: $>MasqEnv $1 do masquerading

#
# Envelope recipient rewriting
#
SEnvToL
R$+ < @ $* > $: $1 strip host part
R$+ + $* $: < $&{addr_type} > $1 + $2 mark with addr type
R $+ + $* $: $1 remove +detail for sender
R< $* > $+ $: $2 else remove mark

#
# Header sender rewriting
#
SHdrFromL
R<@> $n errors to mailer-daemon
R@ <@ $*> $n temporarily bypass Sun bogosity
R$+ $: $>AddDomain $1 add local domain if needed
R$* $: $>MasqHdr $1 do masquerading

#
# Header recipient rewriting
#
SHdrToL
R$+ $: $>AddDomain $1 add local domain if needed
R$* $: $>MasqHdr $1 do all-masquerading

#
# Common code to add local domain name (only if always-add-domain)
#
SAddDomain
R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified

R$+ $@ $1 < @ *LOCAL* > add local qualification

Mlocal, P=/usr/local/bin/procmail, F=lsDFMAw5:/|@qSPfhn9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
T=DNS/RFC822/X-Unix,
A=procmail -Y -a $h -d $u
Mprog, P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
T=X-Unix/X-Unix/X-Unix,
A=sh -c $u

NAT-olom a belső hálózatot.
Hogyan kapcsolom ki a HOSTNAMELOOKUP-ot?
köszi, üdv:
menyeet