Apply by doing:
	cd /usr/src
	patch -p0 < 028_sendmail.patch

And then rebuild, install and restart sendmail:
	cd gnu/usr.sbin/sendmail
	make obj
	make depend
	make
	make install
	kill -HUP `sed 1q /var/run/sendmail.pid`

Index: gnu/usr.sbin/sendmail/KNOWNBUGS
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/KNOWNBUGS,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- gnu/usr.sbin/sendmail/KNOWNBUGS	2000/04/02 19:48:09	1.2
+++ gnu/usr.sbin/sendmail/KNOWNBUGS	2001/01/15 21:08:50	1.3
@@ -1,7 +1,6 @@
 
 
 	     K N O W N   B U G S   I N   S E N D M A I L
-			     (for 8.9.3)
 
 
 The following are bugs or deficiencies in sendmail that I am aware of
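Review bot: removing the "(for 8.9.3)" line under the title leaves KNOWNBUGS with no statement of which sendmail release the list describes. Replace the label with the release this file now ships with, or say in the introductory paragraph that each entry names the versions it affects.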
@@ -13,7 +12,21 @@
 
 This list is not guaranteed to be complete.
 
+* Delivery to programs that generate too much output may cause problems
+  (8.10, 8.11)
 
+  If e-mail is delivered to a program which generates too much
+  output, then sendmail may issue an error:
+
+  timeout waiting for input from local during Draining Input
+
+  Make sure that the program does not generate output beyond a
+  status message (corresponding to the exit status).  This may
+  require a wrapper around the actual program to redirect output
+  to /dev/null.
+
+  Such a problem has been reported for bulk_mailer.
+
 * Null bytes are not handled properly in headers.
 
   Sendmail should handle full binary data.  As it stands, it handles
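Review bot: the workaround in the new "Delivery to programs" entry says to "redirect output to /dev/null" without naming the stream, so a reader writing the wrapper cannot tell whether standard output, standard error, or both trigger "timeout waiting for input from local during Draining Input". State which streams count, and give a rough idea of how much output beyond the status message is tolerated, since "too much output" is the only threshold given. Setting the quoted error message off with extra indentation or quotes would also keep it from reading as part of the sentence.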
@@ -198,4 +211,4 @@
   state.  This option and it's use is deprecated and will be removed from a
   future version of sendmail.
 
-$Revision: 1.2 $, Last updated $Date: 2000/04/02 19:48:09 $
+$Revision: 1.3 $, Last updated $Date: 2001/01/15 21:08:50 $
Index: gnu/usr.sbin/sendmail/LICENSE
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/LICENSE,v
retrieving revision 1.2
retrieving revision 1.4
diff -u -r1.2 -r1.4
--- gnu/usr.sbin/sendmail/LICENSE	2000/04/02 19:48:09	1.2
+++ gnu/usr.sbin/sendmail/LICENSE	2001/02/28 02:43:48	1.4
@@ -33,7 +33,7 @@
    forth as paragraph 6 below, in the documentation and/or other materials
    provided with the distribution.  For the purposes of binary distribution
    the "Copyright Notice" refers to the following language:
-   "Copyright (c) 1998-2000 Sendmail, Inc.  All rights reserved."
+   "Copyright (c) 1998-2001 Sendmail, Inc.  All rights reserved."
 
 4. Neither the name of Sendmail, Inc. nor the University of California nor
    the names of their contributors may be used to endorse or promote
@@ -76,4 +76,4 @@
    (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
    THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
 
-$Revision: 1.2 $, Last updated $Date: 2000/04/02 19:48:09 $
+$Revision: 1.4 $, Last updated $Date: 2001/02/28 02:43:48 $
Index: gnu/usr.sbin/sendmail/README
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/README,v
retrieving revision 1.3
retrieving revision 1.4
diff -u -r1.3 -r1.4
--- gnu/usr.sbin/sendmail/README	2000/04/07 19:20:25	1.3
+++ gnu/usr.sbin/sendmail/README	2001/01/15 21:08:50	1.4
@@ -47,10 +47,9 @@
 
 You will probably have to tweak this for your environment (for example,
 some systems put the spool directory into /usr/spool instead of
-/var/spool and use /etc/mail for aliases file instead of /etc).  If you
-set the RunAsUser option in your sendmail.cf, the /var/spool/mqueue
-directory will have to be owned by the RunAsUser user.  As a general rule,
-after you have compiled sendmail, run the command
+/var/spool).  If you set the RunAsUser option in your sendmail.cf, the
+/var/spool/mqueue directory will have to be owned by the RunAsUser user.
+As a general rule, after you have compiled sendmail, run the command
 
 	sendmail -v -bi
 
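Review bot: the rewritten parenthetical drops the aliases location ("and use /etc/mail for aliases file instead of /etc") but the paragraph still ends by telling the reader to run "sendmail -v -bi", which initializes the alias database. Keep one clause saying where the aliases file is expected so the command that follows has its input documented, rather than removing the reference entirely.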
@@ -90,8 +89,8 @@
 delivery.
 
 Other files affected by this strengthened security include class
-files (i.e. Fw /etc/sendmail.cw), persistent host status files, and
-the files specified by the ErrorHeader and HelpFile options.  Similar
+files (i.e. Fw /etc/mail/local-host-names), persistent host status files,
+and the files specified by the ErrorHeader and HelpFile options.  Similar
 DontBlameSendmail flags are available for the class, ErrorHeader, and
 HelpFile files.
 
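Review bot: the class file example changes from "Fw /etc/sendmail.cw" to "Fw /etc/mail/local-host-names" with no word for readers whose sendmail.cf still carries the old Fw line. Since this paragraph is about the file safety checks, it should say that they apply to whichever path the Fw line names. The class file is also one example among several, so "i.e." on the changed line should be "e.g.".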
@@ -187,6 +186,7 @@
 	RFC2033 Local Mail Transfer Protocol (LMTP)
 	RFC2034 SMTP Service Extension for Returning Enhanced Error Codes
 	RFC2476 Message Submission
+	RFC2487 SMTP Service Extension for Secure SMTP over TLS
 	RFC2554 SMTP Service Extension for Authentication
 
 Other standards that may be of interest (but which are less directly
@@ -200,6 +200,27 @@
 RFC1035.
 
 
++---------+
+| WARNING |
++---------+
+
+Since sendmail 8.11 and later includes hooks to cryptography, the
+following information from OpenSSL applies to sendmail as well.
+
+PLEASE REMEMBER THAT EXPORT/IMPORT AND/OR USE OF STRONG CRYPTOGRAPHY
+SOFTWARE, PROVIDING CRYPTOGRAPHY HOOKS OR EVEN JUST COMMUNICATING
+TECHNICAL DETAILS ABOUT CRYPTOGRAPHY SOFTWARE IS ILLEGAL IN SOME
+PARTS OF THE WORLD.  SO, WHEN YOU IMPORT THIS PACKAGE TO YOUR
+COUNTRY, RE-DISTRIBUTE IT FROM THERE OR EVEN JUST EMAIL TECHNICAL
+SUGGESTIONS OR EVEN SOURCE PATCHES TO THE AUTHOR OR OTHER PEOPLE
+YOU ARE STRONGLY ADVISED TO PAY CLOSE ATTENTION TO ANY EXPORT/IMPORT
+AND/OR USE LAWS WHICH APPLY TO YOU. THE AUTHORS ARE NOT LIABLE FOR
+ANY VIOLATIONS YOU MAKE HERE. SO BE CAREFUL, IT IS YOUR RESPONSIBILITY.
+
+If you use OpenSSL then make sure you read their README file which
+contains information about patents etc.
+
+
 +-------------------+
 | DATABASE ROUTINES |
 +-------------------+
@@ -364,4 +385,4 @@
 test		Some test scripts (currently only for compilation aids).
 vacation	Source for the vacation program.  NOT PART OF SENDMAIL!
 
-$Revision: 1.3 $, Last updated $Date: 2000/04/07 19:20:25 $
+$Revision: 1.4 $, Last updated $Date: 2001/01/15 21:08:50 $
Index: gnu/usr.sbin/sendmail/RELEASE_NOTES
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/RELEASE_NOTES,v
retrieving revision 1.2
retrieving revision 1.5
diff -u -r1.2 -r1.5
--- gnu/usr.sbin/sendmail/RELEASE_NOTES	2000/04/07 19:20:26	1.2
+++ gnu/usr.sbin/sendmail/RELEASE_NOTES	2001/05/29 01:31:10	1.5
@@ -1,18 +1,628 @@
 			SENDMAIL RELEASE NOTES
-      $Sendmail: RELEASE_NOTES,v 8.561 2000/04/06 23:51:49 gshapiro Exp $
+      $Sendmail: RELEASE_NOTES,v 8.561.2.5.2.235 2001/05/27 21:39:16 gshapiro Exp $
 
 
 This listing shows the version of the sendmail binary, the version
 of the sendmail configuration files, the date of release, and a
 summary of the changes in that release.
 
+8.11.4/8.11.4	2001/05/28
+	Clean up signal handling routines to reduce the chances of heap
+		corruption and other potential race conditions.
+		Terminating and restarting the daemon may not be
+		instantaneous due to this change.  Also, non-root users can
+		no longer send out-of-band signals.  Problem reported by
+		Michal Zalewski of BindView.
+	If LogLevel is greater than 9 and SASL fails to negotiate an
+		encryption layer, avoid core dump logging the encryption
+		strength.  Problem noted by Miroslav Zubcic of Crol.
+	If a server offers "AUTH=" and "AUTH " and the list of mechanisms is
+		different in those two lines, sendmail might not have
+		recognized (and used) all of the offered mechanisms.
+	Fix an IP address lookup problem on Solaris 2.0 - 2.3.  Patch
+		from Kenji Miyake.
+	This time, really don't use the .. directory when expanding
+		QueueDirectory wildcards.
+	If a process is interrupted while closing a map, don't try to close
+		the same map again while exiting.
+	Allow local mailers (F=l) to contact remote hosts (e.g., via
+		LMTP).  Problem noted by Norbert Klasen of the University
+		of Tuebingen.
+	If Timeout.QueueReturn was set to a value less the time it took
+		to write a new queue file (e.g., 0 seconds), the bounce
+		message would be lost.  Problem noted by Lorraine L Goff of
+		Oklahoma State University.
+	Pass map argument vector into map rewriting engine for the regex
+		and prog map types.  Problem noted by Stephen Gildea of
+		InTouch Systems, Inc.
+	When closing an LDAP map due to a temporary error, close all of the
+		other LDAP maps which share the original map's connection
+		to the LDAP server.  Patch from Victor Duchovni of
+		Morgan Stanley.
+	To detect changes of NDBM aliases files check the timestamp of the
+		.pag file instead of the .dir file.  Problem noted by Neil
+		Rickert of Northern Illinois University.
+	Don't treat temporary hesiod lookup failures as permanent.  Patch
+		from Werner Wiethege.
+	If ClientPortOptions is set, make sure to create the outgoing socket
+		with the family set in that option.  Patch from Sean Farley.
+	Avoid a segmentation fault trying to dereference a NULL pointer
+		when logging a MaxHopCount exceeded error with an empty
+		recipient list.  Problem noted by Chris Adams of HiWAAY
+		Internet Services.
+	Fix DSN for "Too many hops" bounces.  Problem noticed by Ulrich
+		Windl of the Universitaet Regensburg.
+	Fix DSN for "mail loops back to me" bounces.  Problem noticed by
+		Kari Hurtta of the Finnish Meteorological Institute.
+	Portability:
+		OpenBSD has a broken setreuid() implementation.
+	CONFIG: Undo change from 8.11.1: change 501 SMTP reply code back
+		to 553 since it is allowed by DRUMS.
+	CONFIG: Add OSTYPE(freebsd4) for FreeBSD 4.X.
+	DEVTOOLS: install.sh did not properly handle paths in the source
+		file name argument.  Noted by Kari Hurtta of the Finnish
+		Meteorological Institute.
+	DEVTOOLS: Add FAST_PID_RECYCLE to compile time options for OpenBSD
+		since it generates random process ids.
+	PRALIASES: Add back adaptive algorithm to deal with different endings
+		of entries in the database (with/without trailing '\0').
+		Patch from John Beck of Sun Microsystems.
+	New Files:
+		cf/ostype/freebsd4.m4
+
+8.11.3/8.11.3	2001/02/27
+	Prevent a segmentation fault when a bogus value was used in the
+		LDAPDefaultSpec option's -r, -s, or -M flags and if a bogus
+		option was used.  Problem noted by Allan E Johannesen of
+		Worcester Polytechnic Institute.
+	Prevent "token too long" message by shortening {currHeader} which
+		could be too long if the last copied character was a quote.
+		Problem detected by Jan Krueger of digitalanswers
+		communications consulting gmbh.
+	Additional IPv6 check for unspecified addresses.  Patch from
+		Jun-ichiro itojun Hagino of the KAME Project.
+	Do not ignore the ClientPortOptions setting if DaemonPortOptions
+		Modifier=b (bind to same interface) is set and the
+		connection came in from the command line.
+	Do not bind to the loopback address if DaemonPortOptions
+		Modifier=b (bind to same interface) is set.  Patch from
+		John Beck of Sun Microsystems.
+	Properly deal with open failures on non-optional maps used in
+		check_* rulesets by returning a temporary failure.
+	Buffered file I/O files were not being properly fsync'ed to disk
+		when they were committed.
+	Properly encode '=' for the AUTH= parameter of the MAIL command.
+		Problem noted by Hadmut Danisch.
+	Under certain circumstances the macro {server_name} could be set
+		to the wrong hostname (of a previous connection), which may
+		cause some rulesets to return wrong results.  This would
+		usually cause mail to be queued up and delivered later on.
+	Ignore F=z (LMTP) mailer flag if $u is given in the mailer A=
+		equate.  Problem noted by Motonori Nakamura of Kyoto
+		University.
+	Work around broken accept() implementations which only partially
+		fill in the peer address if the socket is closed before
+		accept() completes.
+	Return an SMTP "421" temporary failure if the data file can't be
+		opened where the "354" reply would normally be given.
+	Prevent a CPU loop in trying to expand a macro which doesn't exist
+		in a queue run.  Problem noted by Gordon Lack of Glaxo
+		Wellcome.
+	If delivering via a program and that program exits with EX_TEMPFAIL,
+		note that fact for the mailq display instead of just showing
+		"Deferred".  Problem noted by Motonori Nakamura of Kyoto
+		University.
+	If doing canonification via /etc/hosts, try both the fully
+		qualified hostname as well as the first portion of the
+		hostname.  Problem noted by David Bremner of the
+		University of New Brunswick.
+	Portability:
+		Fix a compilation problem for mail.local and rmail if SFIO
+			is in use.  Problem noted by Auteria Wally
+			Winzer Jr. of Champion Nutrition.
+		IPv6 changes for platforms using KAME.  Patch from
+			Jun-ichiro itojun Hagino of the KAME Project.
+		OpenBSD 2.7 and higher has srandomdev(3).  OpenBSD 2.8 and
+			higher has BSDI-style login classes.  Patch from
+			Todd C.  Miller of Courtesan Consulting.
+		Unixware 7.1.1 doesn't allow h_errno to be set directly if
+			sendmail is being compiled with -kthread.  Problem
+			noted by Orion Poplawski of CQG, Inc.
+	CONTRIB: buildvirtuser: Substitute current domain for $DOMAIN and
+		current left hand side for $LHS in virtuser files.
+	DEVTOOLS: Do not pass make targets to recursive Build invocations.
+		Problem noted by Jeff Bronson of J.D. Bronson, Inc.
+	MAIL.LOCAL: In LMTP mode, do not return errors regarding problems
+		storing the temporary message file until after the remote
+		side has sent the final DATA termination dot.  Problem
+		noted by Allan E Johannesen of Worcester Polytechnic
+		Institute.
+	MAIL.LOCAL: If LMTP mode is set, give a temporary error if users
+		are also specified on the command line.  Patch from
+		Motonori Nakamura of Kyoto University.
+	PRALIASES: Skip over AliasFile specifications which aren't based on
+		database files (i.e., only show dbm, hash, and btree).
+	Renamed Files:
+		devtools/OS/OSF1.V5.0 => devtools/OS/OSF1.V5.x
+
+8.11.2/8.11.2	2000/12/29
+	Prevent a segmentation fault when trying to set a class in
+		address test mode due to a negative array index.  Audit
+		other array indexing.  This bug is not believed to be
+		exploitable.  Noted by Michal Zalewski of the "Internet for
+		Schools" project (IdS).
+	Add an FFR (for future release) to drop privileges when using
+		address test mode.  This will be turned on in 8.12. It can
+		be enabled by compiling with:
+		APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TESTMODE_DROP_PRIVS')
+		in your devtools/Site/site.config.m4 file.  Suggested by
+		Michal Zalewski of the "Internet for Schools" project (IdS).
+	Fix potential problem with Cyrus-SASL security layer which may have
+		caused I/O errors, especially for mechanism DIGEST-MD5.
+	When QueueSortOrder was set to host, sendmail might not read
+		enough of the queue file to determine the host, making the
+		sort sub-optimal.  Problem noted by Jeff Earickson of
+		Colby College.
+	Don't issue DSNs for addresses which use the NOTIFY parameter (per
+		RFC 1891) but don't have FAILURE as value.
+	Initialize Cyrus-SASL library before the SMTP daemon is started.
+		This implies that every change to SASL related files requires
+		a restart of the daemon, e.g., Sendmail.conf, new SASL
+		mechanisms (in form of shared libraries).
+	Properly set the STARTTLS related macros during a queue run for
+		a cached connection.  Bug reported by Michael Kellen of
+		NxNetworks, Inc.
+	Log the server name in relay= for ruleset tls_server instead of the
+		client name.
+	Include original length of bad field/header when reporting
+		MaxMimeHeaderLength problems.  Requested by Ulrich Windl of
+		the Universitat Regensburg.
+	Fix delivery to set-user-ID files that are expanded from aliases in
+		DeliveryMode queue.  Problem noted by Ric Anderson of the
+		University of Arizona.
+	Fix LDAP map -m (match only) flag.  Problem noted by Jeff Giuliano
+		of Collective Technologies.
+	Avoid using a negative argument for sleep() calls when delaying answers
+		to EXPN/VRFY commands on systems which respond very slowly.
+		Problem noted by Mikolaj J. Habryn of Optus Internet
+		Engineering.
+	Make sure the F=u flag is set in the default prog mailer
+		definition.  Problem noted by Kari Hurtta of the Finnish
+		Meteorological Institute.
+	Fix IPv6 check for unspecified addresses.  Patch from
+		Jun-ichiro itojun Hagino of the KAME Project.
+	Fix return values for IRIX nsd map.  From Kari Hurtta of the Finnish
+		Meteorological Institute.
+	Fix parsing of DaemonPortOptions and ClientPortOptions.  Read all
+		of the parameters to find Family= setting before trying to
+		interpret Addr= and Port=.  Problem noted by Valdis
+		Kletnieks of Virginia Tech.
+	When delivering to a file directly from an alias, do not call
+		initgroups(); instead use the DefaultUser group information.
+		Problem noted by Marc Schaefer of ALPHANET NF.
+	RunAsUser now overrides the ownership of the control socket, if
+		created.  Otherwise, sendmail can not remove it upon
+		close.  Problem noted by Werner Wiethege.
+	Fix ConnectionRateThrottle counting as the option is the number of
+		overall connections, not the number of connections per
+		socket.  A future version may change this to per socket
+		counting.
+	Portability:
+		Clean up libsmdb so it functions properly on platforms
+			where sizeof(u_int32_t) != sizeof(size_t).  Problem
+			noted by Rein Tollevik of Basefarm AS.
+		Fix man page formatting for compatibility with Solaris'
+			whatis.  From Stephen Gildea of InTouch Systems, Inc.
+		UnixWare 7 includes snprintf() support.  From Larry
+			Rosenman.
+		IPv6 changes for platforms using KAME.  Patch from
+			Jun-ichiro itojun Hagino of the KAME Project.
+		Avoid a typedef compile conflict with Berkeley DB 3.X and
+			Solaris 2.5 or earlier.  Problem noted by Bob Hughes
+			of Pacific Access.
+		Add preliminary support for AIX 5.  Contributed by
+			Valdis Kletnieks of Virginia Tech.
+		Solaris 9 load average support from Andrew Tucker of Sun
+			Microsystems.
+	CONFIG: Reject addresses of the form a!b if FEATURE(`nouucp', `r')
+		is used.  Problem noted by Phil Homewood of Asia Online,
+		patch from Neil Rickert of Northern Illinois University.
+	CONFIG: Change the default DNS based blacklist server for
+		FEATURE(`dnsbl') to blackholes.mail-abuse.org.
+	CONFIG: Deal correctly with the 'C' flag in {daemon_flags}, i.e.,
+		implicitly assume canonical host names.
+	CONFIG: Deal with "::" in IPv6 addresses for access_db.  Based on
+		patch by Motonori Nakamura of Kyoto University.
+	CONFIG: New OSTYPE(`aix5') contributed by Valdis Kletnieks of
+		Virginia Tech.
+	CONFIG: Pass the illegal header form <list:;> through untouched
+		instead of making it worse.  Problem noted by Motonori
+		Nakamura of Kyoto University.
+	CONTRIB: Added buildvirtuser (see `perldoc contrib/buildvirtuser`).
+	CONTRIB: qtool.pl: An empty queue is not an error.  Problem noted
+		by Jan Krueger of digitalanswers communications consulting
+		gmbh.
+	CONTRIB: domainmap.m4: Handle domains with '-' in them.  From Mark
+		Roth of the University of Illinois at Urbana-Champaign.
+	DEVTOOLS: Change the internal devtools OS, REL, and ARCH m4
+		variables into bldOS, bldREL, and bldARCH to prevent
+		namespace collisions.  Problem noted by Motonori Nakamura
+		of Kyoto University.
+	RMAIL: Undo the 8.11.1 change to use -G when calling sendmail.  It
+		causes some changes in behavior and may break rmail for
+		installations where sendmail is actually a wrapper to
+		another MTA.  The change will re-appear in a future
+		version.
+	SMRSH: Use the vendor supplied directory on HPUX 10.X, HPUX 11.X,
+		and SunOS 5.8.  Requested by Jeff A. Earickson of Colby
+		College and John Beck of Sun Microsystems.
+	VACATION: Fix pattern matching for addresses to ignore.
+	VACATION: Don't reply to addresses of the form owner-*
+		or *-owner.
+	New Files:
+		cf/ostype/aix5.m4
+		contrib/buildvirtuser
+		devtools/OS/AIX.5.0
+
+8.11.1/8.11.1	2000/09/27
+	Fix SMTP EXPN command output if the address expands to a single
+		name.  Fix from John Beck of Sun Microsystems.
+	Don't try STARTTLS in the client if the PRNG has not been properly
+		seeded.  This problem only occurs on systems without
+		/dev/urandom.  Problem detected by Jan Krueger of
+		digitalanswers communications consulting gmbh and
+		Neil Rickert of Northern Illinois University.
+	Don't use the . and .. directories when expanding QueueDirectory
+		wildcards.
+	Do not try to cache LDAP connections across processes as a parent
+		process may close the connection before the child process
+		has completed.  Problem noted by Lai Yiu Fai of the Hong
+		Kong University of Science and Technology and Wolfgang
+		Hottgenroth of UUNET.
+	Use Timeout.fileopen to limit the amount of time spent trying to
+		read the LDAP secret from a file.
+	Prevent SIGTERM from removing a command line submitted item after
+		the user submits the message and before the first delivery
+		attempt completes.  Problem noted by Max France of AlphaNet.
+		Fix from Neil Rickert of Northern Illinois University.
+	Deal correctly with MaxMessageSize restriction if message size is
+		greater than 2^31.  Problem noted by Tim "Darth Dice" Bosserman
+		of EarthLink.
+	Turn off queue checkpointing if CheckpointInterval is set to zero.
+	Treat an empty home directory (from getpw*() or $HOME) as
+		non-existent instead of treating it as /.  Problem noted by
+		Todd C. Miller of Courtesan Consulting.
+	Don't drop duplicate headers when reading a queued item.  Problem
+		noted by Motonori Nakamura of Kyoto University.
+	Avoid bogus error text when logging the savemail panic "cannot
+		save rejected email anywhere".  Problem noted by Marc G.
+		Fournier of Acadia University.
+	If an LDAP search fails because the LDAP server went down, close
+		the map so subsequent searches reopen the map.  If there are
+		multiple LDAP servers, the down server will be skipped and
+		one of the others may be able to take over.
+	Set the ${load_avg} macro to the current load average, not the
+		previous load average query result.
+	If a non-optional map used in a check_* ruleset can't be opened,
+		return a temporary failure to the remote SMTP client
+		instead of ignoring the map.  Problem noted by Allan E
+		Johannesen of Worcester Polytechnic Institute.
+	Avoid a race condition when queuing up split envelopes by saving
+		the split envelopes before the original envelope.
+	Fix a bug in the PH_MAP code which caused mail to bounce instead of
+		defer if the PH server could not be contacted.  From Mark
+		Roth of the University of Illinois at Urbana-Champaign.
+	Prevent QueueSortOrder=Filename from interfering with -qR, -qS, and
+		ETRN.  Problem noted by Erik R. Leo of SoVerNet.
+	Change error code for unrecognized parameters to the SMTP MAIL and
+		RCPT commands from 501 to 555 per RFC 1869.  Problem
+		reported to Postfix by Robert Norris of Monash University.
+	Prevent overwriting the argument of -B on certain OS.  Problem
+		noted by Matteo Gelosa of I.NET S.p.A.
+	Use the proper routine for freeing memory with Netscape's LDAP
+		client libraries.  Patch from Paul Hilchey of the
+		University of British Columbia.
+	Portability:
+		Move the NETINET6 define to devtools/OS/SunOS.5.{8,9}
+			instead of defining it in conf.h so users can
+			override the setting.  Suggested by
+			Henrik Nordstrom of Ericsson.
+		On HP-UX 10.X and 11.X, use /usr/sbin/sendmail instead of
+			/usr/lib/sendmail for rmail and vacation.  From
+			Jeff A. Earickson of Colby College.
+		On HP-UX 11.X, use /usr/sbin instead of /usr/libexec (which
+			does not exist).  From Jeff A. Earickson of Colby
+			College.
+		Avoid using the UCB subsystem on NCR MP-RAS 3.x.  From
+			Tom Moore of NCR.
+		NeXT 3.X and 4.X installs man pages in /usr/man.  From
+			Hisanori Gogota of NTT/InterCommunicationCenter.
+		Solaris 8 and later include /var/run.  The default PID file
+			location is now /var/run/sendmail.pid.  From John
+			Beck of Sun Microsystems.
+		SFIO includes snprintf() for those operating systems
+			which do not.  From Todd C. Miller of Courtesan
+			Consulting.
+	CONFIG: Use the result of _CERT_REGEX_SUBJECT_ not {cert_subject}.
+		Problem noted by Kaspar Brand of futureLab AG.
+	CONFIG: Change 553 SMTP reply code to 501 to avoid problems with
+		errors in the MAIL address.
+	CONFIG: Fix FEATURE(nouucp) usage in example .mc files.  Problem
+		noted by Ron Jarrell of Virginia Tech.
+	CONFIG: Add support for Solaris 8 (and later) as OSTYPE(solaris8).
+		Contributed by John Beck of Sun Microsystems.
+	CONFIG: Set confFROM_HEADER such that the mail hub can possibly add
+		GECOS information for an address.  This more closely
+		matches pre-8.10 nullclient behavior.  From Per Hedeland of
+		Ericsson.
+	CONFIG: Fix MODIFY_MAILER_FLAGS(): apply the flag modifications for
+		SMTP to all *smtp* mailers and those for RELAY to the relay
+		mailer as described in cf/README.
+	MAIL.LOCAL: Open the mailbox as the recipient not root so quotas
+		are obeyed.  Problem noted by Damian Kuczynski of NIK.
+	MAKEMAP: Do not change a map's owner to the TrustedUser if using
+		makemap to 'unmake' the map.
+	RMAIL: Avoid overflowing the list of recipients being passed to
+		sendmail.
+	RMAIL: Invoke sendmail with '-G' to indicate this is a gateway
+		submission.  Problem noted by Kari Hurtta of the Finnish
+		Meteorological Institute.
+	VACATION: Read the complete message to avoid "broken pipe" signals.
+	VACATION: Do not cut off vacation.msg files which have a single
+		dot as the only character on the line.
+	New Files:
+		cf/ostype/solaris8.m4
+
+8.11.0/8.11.0	2000/07/19
+	SECURITY: If sendmail is installed as a non-root set-user-ID binary
+		(not the normal case), some operating systems will still
+		keep a saved-uid of the effective-uid when sendmail tries
+		to drop all of its privileges.  If sendmail needs to drop
+		these privileges and the operating system doesn't set the
+		saved-uid as well, exit with an error.  Problem noted by
+		Kari Hurtta of the Finnish Meteorological Institute.
+	SECURITY: sendmail depends on snprintf() NUL terminating the string
+		it populates.  It is possible that some broken
+		implementations of snprintf() exist that do not do this.
+		Systems in this category should compile with
+		-DSNPRINTF_IS_BROKEN=1.  Use test/t_snprintf.c to test your
+		system and report broken implementations to
+		sendmail-bugs@sendmail.org and your OS vendor.  Problem
+		noted by Slawomir Piotrowski of TELSAT GP.
+	Support SMTP Service Extension for Secure SMTP (RFC 2487) (STARTTLS).
+		Implementation influenced by the example programs of
+		OpenSSL and the work of Lutz Jaenicke of TU Cottbus.
+	Add new STARTTLS related options CACERTPath, CACERTFile,
+		ClientCertFile, ClientKeyFile, DHParameters, RandFile,
+		ServerCertFile, and ServerKeyFile.  These are documented in
+		cf/README and doc/op/op.*.
+	New STARTTLS related macros: ${cert_issuer}, ${cert_subject},
+		${tls_version}, ${cipher}, ${cipher_bits}, ${verify},
+		${server_name}, and ${server_addr}.  These are documented
+		in cf/README and doc/op/op.*.
+	Add support for the Entropy Gathering Daemon (EGD) for better
+		random data.
+	New DontBlameSendmail option InsufficientEntropy for systems which
+		don't properly seed the PRNG for OpenSSL but want to
+		try to use STARTTLS despite the security problems.
+	Support the security layer in SMTP AUTH for mechanisms which
+		support encryption.  Based on code contributed by Tim
+		Martin of CMU.
+	Add new macro ${auth_ssf} to reflect the SMTP AUTH security
+		strength factor.
+	LDAP's -1 (single match only) flag was not honored if the -z
+		(delimiter) flag was not given.  Problem noted by ST Wong of
+		the Chinese University of Hong Kong.  Fix from Mark Adamson
+		of CMU.
+	Add more protection from accidentally tripping OpenLDAP 1.X's
+		ld_errno == LDAP_DECODING_ERROR hack on ldap_next_attribute().
+		Suggested by Kurt Zeilenga of OpenLDAP.
+	Fix the default family selection for DaemonPortOptions.  As
+		documented, unless a family is specified in a
+		DaemonPortOptions option, "inet" is the default.  It is
+		also the default if no DaemonPortOptions value is set.
+		Therefore, IPv6 users should configure additional sockets
+		by adding DaemonPortOptions settings with Family=inet6 if
+		they wish to also listen on IPv6 interfaces.  Problem noted
+		by Jun-ichiro itojun Hagino of the KAME Project.
+	Set ${if_family} when setting ${if_addr} and ${if_name} to reflect
+		the interface information for an outgoing connection.
+		Not doing so was creating a mismatch between the socket
+		family and address used in subsequent connections if the
+		M=b modifier was set in DaemonPortOptions.  Problem noted
+		by John Beck of Sun Microsystems.
+	If DaemonPortOptions modifier M=b is used, determine the socket
+		family based on the IP address.  ${if_family} is no longer
+		persistent (i.e., saved in qf files).  Patch from John Beck
+		of Sun Microsystems.
+	sendmail 8.10 and 8.11 reused the ${if_addr} and ${if_family}
+		macros for both the incoming interface address/family and
+		the outgoing interface address/family.  In order for M=b
+		modifier in DaemonPortOptions to work properly, preserve
+		the incoming information in the queue file for later
+		delivery attempts.
+	Use SMTP error code and enhanced status code from check_relay in
+		responses to commands.  Problem noted by Jeff Wasilko of
+		smoe.org.
+	Add more vigilance in checking for putc() errors on output streams
+		to protect from a bug in Solaris 2.6's putc().  Problem
+		noted by Graeme Hewson of Oracle.
+	The LDAP map -n option (return attribute names only) wasn't working.
+		Problem noted by Ajay Matia.
+	Under certain circumstances, an address could be listed as deferred
+		but would be bounced back to the sender as failed to be
+		delivered when it really should have been queued.  Problem
+		noted by Allan E Johannesen of Worcester Polytechnic Institute.
+	Prevent a segmentation fault in a child SMTP process from getting
+		the SMTP transaction out of sync.  Problem noted by Per
+		Hedeland of Ericsson.
+	Turn off RES_DEBUG if SFIO is defined unless SFIO_STDIO_COMPAT
+		is defined to avoid a core dump due to incompatibilities
+		between sfio and stdio.  Problem noted by Neil Rickert
+		of Northern Illinois University.
+	Don't log useless envelope ID on initial connection log.  Problem
+		noted by Kari Hurtta of the Finnish Meteorological Institute.
+	Convert the free disk space shown in a control socket status query
+		to kilobyte units.
+	If TryNullMXList is True and there is a temporary DNS failure
+		looking up the hostname, requeue the message for a later
+		attempt.  Problem noted by Ari Heikkinen of Pohjois-Savo
+		Polytechnic.
+	Under the proper circumstances, failed connections would be recorded
+		as "Bad file number" instead of "Connection failed" in the
+		queue file and persistent host status.  Problem noted by
+		Graeme Hewson of Oracle.
+	Avoid getting into an endless loop if a non-hoststat directory exists
+		within the hoststatus directory (e.g., lost+found).
+		Patch from Valdis Kletnieks of Virginia Tech.
+	Make sure Timeout.queuereturn=now returns a bounce message to the
+		sender.  Problem noted by Per Hedeland of Ericsson.
+	If a message data file can't be opened at delivery time, panic and
+		abort the attempt instead of delivering a message that
+		states "<<< No Message Collected >>>".
+	Fixup the GID checking code from 8.10.2 as it was overly
+		restrictive.  Problem noted by Mark G. Thomas of Mark
+		G. Thomas Consulting.
+	Preserve source port number instead of replacing it with the ident
+		port number (113).
+	Document the queue status characters in the mailq man page.
+		Suggested by Ulrich Windl of the Universitat Regensburg.
+	Process queued items in which none of the recipient addresses have
+		host portions (or there are no recipients).  Problem noted
+		by Valdis Kletnieks of Virginia Tech.
+	If a cached LDAP connection is used for multiple maps, make sure
+		only the first to open the connection is allowed to close
+		it so a later map close doesn't break the connection for
+		other maps.  Problem noted by Wolfgang Hottgenroth of UUNET.
+	Netscape's LDAP libraries do not support Kerberos V4
+		authentication.  Patch from Rainer Schoepf of the
+		University of Mainz.
+	Provide workaround for inconsistent handling of data passed
+		via callbacks to Cyrus SASL prior to version 1.5.23.
+	Mention ENHANCEDSTATUSCODES in the SMTP HELP helpfile.  Omission
+		noted by Ulrich Windl of the Universitat Regensburg.
+	Portability:
+		Add the ability to read IPv6 interface addresses into class
+			'w' under FreeBSD (and possibly others).  From Jun
+			Kuriyama of IMG SRC, Inc. and the FreeBSD Project.
+		Replace code for finding the number of CPUs on HPUX.
+		NCRUNIX MP-RAS 3.02 SO_REUSEADDR socket option does not
+			work properly causing problems if the accept()
+			fails and the socket needs to be reopened.  Patch
+			from Tom Moore of NCR.
+		NetBSD uses a .0 extension of formatted man pages.  From
+			Andrew Brown of Crossbar Security.
+		Return to using the IPv6 AI_DEFAULT flag instead of AI_V4MAPPED
+			for calls to getipnodebyname().  The Linux
+			implementation is broken so AI_ADDRCONFIG is stripped
+			under Linux.  From John Beck of Sun Microsystems and
+			John Kennedy of Cal State University, Chico.
+	CONFIG: Catch invalid addresses containing a ',' at the wrong place.
+		Patch from Neil Rickert of Northern Illinois University.
+	CONFIG: New variables for the new sendmail options:
+		confCACERT_PATH			CACERTPath
+		confCACERT			CACERTFile
+		confCLIENT_CERT			ClientCertFile
+		confCLIENT_KEY			ClientKeyFile
+		confDH_PARAMETERS		DHParameters
+		confRAND_FILE			RandFile
+		confSERVER_CERT			ServerCertFile
+		confSERVER_KEY			ServerKeyFile
+	CONFIG: Provide basic rulesets for TLS policy control and add new
+		tags to the access database to support these policies.  See
+		cf/README for more information.
+	CONFIG: Add TLS information to the Received: header.
+	CONFIG: Call tls_client ruleset from check_mail in case it wasn't
+		called due to a STARTTLS command.
+	CONFIG: If TLS_PERM_ERR is defined, TLS related errors are permanent
+		instead of temporary.
+	CONFIG: FEATURE(`relay_hosts_only') didn't work in combination with
+		the access map and relaying to a domain without using a To:
+		tag.  Problem noted by Mark G. Thomas of Mark G. Thomas
+		Consulting.
+	CONFIG: Set confEBINDIR to /usr/sbin to match the devtools entry in
+		OSTYPE(`linux') and OSTYPE(`mklinux').  From Tim Pierce of
+		RootsWeb.com.
+	CONFIG: Make sure FEATURE(`nullclient') doesn't use aliasing and
+		forwarding to make it as close to the old behavior as
+		possible.  Problem noted by George W. Baltz of the
+		University of Maryland.
+	CONFIG: Added OSTYPE(`darwin') for Mac OS X and Darwin users.  From
+		Wilfredo Sanchez of Apple Computer, Inc.
+	CONFIG: Changed the map names used by FEATURE(`ldap_routing') from
+		ldap_mailhost and ldap_mailroutingaddress to ldapmh and
+		ldapmra as underscores in map names cause problems if
+		underscore is in OperatorChars.  Problem noted by Bob Zeitz
+		of the University of Alberta.
+	CONFIG: Apply blacklist_recipients also to hosts in class {w}.
+		Patch from Michael Tratz of Esosoft Corporation.
+	CONFIG: Use A=TCP ... instead of A=IPC ... in SMTP mailers.
+	CONTRIB: Add link_hash.sh to create symbolic links to the hash
+		of X.509 certificates.
+	CONTRIB: passwd-to-alias.pl:  More protection from special characters;
+		treat special shells as root aliases; skip entries where the
+		GECOS full name and username match.  From Ulrich Windl of the
+		Universitat Regensburg.
+	CONTRIB: qtool.pl: Add missing last_modified_time method and fix a
+		typo.  Patch from Graeme Hewson of Oracle.
+	CONTRIB: re-mqueue.pl: Improve handling of a race between re-mqueue
+		and sendmail.  Patch from Graeme Hewson of Oracle.
+	CONTRIB: re-mqueue.pl: Don't exit(0) at end so can be called as
+		subroutine Patch from Graeme Hewson of Oracle.
+	CONTRIB: Add movemail.pl (move old mail messages between queues by
+		calling re-mqueue.pl) and movemail.conf (configuration
+		script for movemail.pl).  From Graeme Hewson of Oracle.
+	CONTRIB: Add cidrexpand (expands CIDR blocks as a preprocessor to
+		makemap).  From Derek J. Balling of Yahoo,Inc.
+	DEVTOOLS: INSTALL_RAWMAN installation option mistakenly applied any
+		extension modifications (e.g., MAN8EXT) to the installation
+		target.  Patch from James Ralston of Carnegie Mellon
+		University.
+	DEVTOOLS: Add support for SunOS 5.9.
+	DEVTOOLS: New option confLN contains the command used to create
+		links.
+	LIBSMDB: Berkeley DB 2.X and 3.X errors might be lost and not
+		reported.
+	MAIL.LOCAL: DG/UX portability.  Problem noted by Tim Boyer of
+		Denman Tire Corporation.
+	MAIL.LOCAL: Prevent a possible DoS attack when compiled with
+		-DCONTENTLENGTH.  Based on patch from 3APA3A@SECURITY.NNOV.RU.
+	MAILSTATS: Fix usage statement (-p and -o are optional).
+	MAKEMAP: Change man page layout as workaround for problem with nroff
+		and -man on Solaris 7.  Patch from Larry Williamson.
+	RMAIL: AIX 4.3 has snprintf().  Problem noted by David Hayes of
+		Black Diamond Equipment, Limited.
+	RMAIL: Prevent a segmentation fault if the incoming message does not
+		have a From line.
+	VACATION: Read all of the headers before deciding whether or not
+		to respond instead of stopping after finding recipient.
+	Added Files:
+		cf/ostype/darwin.m4
+		contrib/cidrexpand
+		contrib/link_hash.sh
+		contrib/movemail.conf
+		contrib/movemail.pl
+		devtools/OS/SunOS.5.9
+		test/t_snprintf.c
+
+8.10.2/8.10.2	2000/06/07
+	SECURITY: Work around broken Linux setuid() implementation.
+		On Linux, a normal user process has the ability to subvert
+		the setuid() call such that it is impossible for a root
+		process to drop its privileges.  Problem noted by Wojciech
+		Purczynski of elzabsoft.pl.
+	SECURITY: Add more vigilance around set*uid(), setgid(), setgroups(),
+		initgroups(), and chroot() calls.
+	Added Files:
+		test/t_setuid.c
+
 8.10.1/8.10.1	2000/04/06
 	SECURITY: Limit the choice of outgoing (client-side) SMTP
 		Authentication mechanisms to those specified in
 		AuthMechanisms to prevent information leakage.  We do not
 		recommend use of PLAIN for outgoing mail as it sends the
 		password in clear text to possibly untrusted servers.  See
-		cf/README's DefAuthInfo section for additional information.
+		cf/README's DefaultAuthInfo section for additional information.
 	Copy the ident argument for openlog() to avoid problems on some
 		OSs.  Based on patch from Rob Bajorek from Webhelp.com.
 	Avoid bogus error message when reporting an alias line as too long.
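Review bot: the MAIL.LOCAL entry "Prevent a possible DoS attack when compiled with -DCONTENTLENGTH" is not prefixed with SECURITY: the way the 8.10.2 and 8.10.1 entries in this same hunk are, and it does not say what input triggers the condition. An administrator scanning the notes for security fixes will miss it. Suggest marking it SECURITY: and adding a clause on the trigger. Separately, the re-mqueue.pl entry runs two sentences together: "subroutine Patch from Graeme Hewson" needs a period after "subroutine".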
@@ -505,7 +1115,7 @@
 		"(user=%s)"' and a lookup is done on "*", this would be
 		equivalent to '-k "(user=*)"' -- matching ANY record with a
 		user attribute.  Instead, if the LDAP map specification
-		contains '-k "(user=%0)"' and a lookup is one on "*", this
+		contains '-k "(user=%0)"' and a lookup is done on "*", this
 		would be equivalent to '-k "(user=\2A)"' -- matching a user
 		with the name "*".
 	New LDAP map flags: "-1" requires a single match to be returned, if
@@ -531,7 +1141,7 @@
 		Ulrich Windl of the Universitat Regensburg.
 	Add new F=% mailer flag to allow for a store and forward
 		configuration.  Mailers which have this flag will not attempt
-		delivery on initial recipient of a message or on queue runs
+		delivery on initial receipt of a message or on queue runs
 		unless the queued message is selected using one of the
 		-qI/-qR/-qS queue run modifiers or an ETRN request.  Code
 		provided by Philip Guenther of Gustavus Adolphus College.
@@ -570,9 +1180,8 @@
 	Macro expand PostmasterCopy and DoubleBounceAddress options.
 	New "ph" map for performing ph queries in rulesets.  More
 		information is available at
-		http://www-wsg.cso.uiuc.edu/sendmail/patches/.
-		Contributed by Mark Roth of the University of Illinois at
-		Urbana-Champaign.
+		http://www-dev.cso.uiuc.edu/sendmail/.  Contributed by Mark
+		Roth of the University of Illinois at Urbana-Champaign.
 	Detect temporary lookup failures in the host map if looking up a
 		bracketed IP address.  Problem noted by Kari Hurtta of the
 		Finnish Meteorological Institute.
@@ -1251,7 +1860,7 @@
 		MAILLOCK when compiling.  Also requires linking with
 		-lmail.  Patch from Neil Rickert of Northern Illinois
 		University.
-	MAIL.LOCAL: Create a Content-Length; header if CONTENTLENGTH is
+	MAIL.LOCAL: Create a Content-Length: header if CONTENTLENGTH is
 		defined when compiling.  Automatically set for Solaris 2.3
 		and later.  Patch from Neil Rickert of Northern Illinois
 		University.
@@ -1266,15 +1875,15 @@
 	MAIL.LOCAL: Support group writable mail spool files when MAILGID is
 		set to the gid to use (-DMAILGID=6) when compiling.
 		Patch from Neil Rickert of Northern Illinois University.
-	MAIL.LOCAL: When a mail message includes lines longer than 2046
-		characters (in LMTP mode), mail.local will split the
-		incoming line up into 2046-character output lines
-		(excluding the newline).  If an input line is 2047
-		characters long (excluding CR-LF) and the last character is
-		a '.', mail.local will see it as the end of input, transfer
-		it to the user mailbox and try to write an `ok' back to
-		sendmail.  If the message was much longer, both sendmail
-		and mail.local will deadlock waiting for each other to read
+	MAIL.LOCAL: When a mail message included lines longer than 2046
+		characters (in LMTP mode), mail.local split the incoming
+		line up into 2046-character output lines (excluding the
+		newline).  If an input line was 2047 characters long
+		(excluding CR-LF) and the last character was a '.',
+		mail.local saw it as the end of input, transfered it to the
+		user mailbox and tried to write an `ok' back to sendmail.
+		If the message was much longer, both sendmail and
+		mail.local would deadlock waiting for each other to read
 		what they have written.  Problem noted by Peter Jeremy of
 		Alcatel Australia Limited.
 	MAIL.LOCAL: New option -b to return a permanent error instead of a
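Review bot: the rewritten MAIL.LOCAL deadlock entry introduces a misspelling, "transfered" for "transferred", and the move to past tense stops one clause short, since the unchanged context line still reads "what they have written" after "would deadlock waiting". Suggest fixing the spelling and changing that clause to "what they had written" so the whole entry reads as a description of the old behaviour.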
@@ -2106,7 +2715,7 @@
 	CONFIG: new FEATURE(relay_based_on_MX) to allow relaying based on
 		the MX records of the host portion of an incoming recipient.
 	CONFIG: new FEATURE(access_db) which turns on the access database
-		feature.  This database give you the ability to allow
+		feature.  This database gives you the ability to allow
 		or refuse to accept mail from specified domains for
 		administrative reasons.  By default, names that are listed
 		as "OK" in the access db are domain names, not host names.
@@ -2958,9 +3567,9 @@
 		first" error message.  Problem pointed out by Chris Thomas
 		of UCLA; patch from John Beck of SunSoft.
 	Handle "sendmail -bp -qSfoobar" properly if restrictqrun is set
-		 in PrivacyOptions.  The -q shouldn't turn this command off.
-		 Problem noted by Murray Kucherawy of Pacific Bell Internet;
-		 based on a patch from Gregory Neil Shapiro of WPI.
+		in PrivacyOptions.  The -q shouldn't turn this command off.
+		Problem noted by Murray Kucherawy of Pacific Bell Internet;
+		based on a patch from Gregory Neil Shapiro of WPI.
 	Don't consider SMTP reply codes 452 or 552 (exceeded storage allocation)
 		in a DATA transaction to be sticky; these can occur because
 		a message is too large, and smaller messages should still go
Index: gnu/usr.sbin/sendmail/cf/README
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/README,v
retrieving revision 1.3
retrieving revision 1.6
diff -u -r1.3 -r1.6
--- gnu/usr.sbin/sendmail/cf/README	2000/04/07 19:20:28	1.3
+++ gnu/usr.sbin/sendmail/cf/README	2001/05/29 01:31:10	1.6
@@ -6,8 +6,8 @@
 7th Edition version.  SunOS's /usr/5bin/m4 or BSD-Net/2's m4 both work.
 GNU m4 version 1.1 or later also works.  Unfortunately, the M4 on BSDI 1.0
 doesn't work -- you'll have to use a Net/2 or GNU version.  GNU m4 is
-available from ftp://ftp.gnu.org/pub/gnu/m4-1.4.tar.gz (check for the
-latset version).  EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x
+available from ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the
+latest version).  EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x
 is fine).  Use GNU m4 on this platform.
 
 To get started, you may want to look at tcpproto.mc (for TCP-only sites),
@@ -54,7 +54,7 @@
 
 	divert(-1)
 	#
-	# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+	# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
 	#	All rights reserved.
 	# Copyright (c) 1983 Eric P. Allman.  All rights reserved.
 	# Copyright (c) 1988, 1993
@@ -254,12 +254,13 @@
 QUEUE_DIR		[/var/spool/mqueue] The directory containing
 			queue files.  To use multiple queues, supply
 			a value ending with an asterisk.  For
-			example, /var/spool/mqueue/q* will use all of the
+			example, /var/spool/mqueue/qd* will use all of the
 			directories or symbolic links to directories
-			beginning with 'q' in /var/spool/mqueue as queue
+			beginning with 'qd' in /var/spool/mqueue as queue
 			directories.  The names 'qf', 'df', and 'xf' are
-			used as specific subdirectories for the corresponding
-			queue file types.
+			reserved as specific subdirectories for the
+			corresponding queue file types as explained in
+			doc/op/op.me.
 STATUS_FILE		[/etc/mail/statistics] The file containing status
 			information.
 LOCAL_MAILER_PATH	[/bin/mail] The program used to deliver local mail.
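Review bot: the QUEUE_DIR text changes the example from q* to qd* and now calls 'qf', 'df', and 'xf' reserved, but it never states the rule that connects the two: a wildcard such as q* would also match a qf subdirectory. Suggest saying outright that the pattern must not match any of the reserved names, so readers who already use q* understand that they need to rename their queue directories rather than treating qd* as one arbitrary example.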
@@ -309,13 +310,13 @@
 SMTP_MAILER_MAXMSGS	[undefined] If defined, the maximum number of
 			messages to deliver in a single connection for the
 			smtp, smtp8, esmtp, or dsmtp mailers.
-SMTP_MAILER_ARGS	[IPC $h] The arguments passed to the smtp mailer.
+SMTP_MAILER_ARGS	[TCP $h] The arguments passed to the smtp mailer.
 			About the only reason you would want to change this
 			would be to change the default port.
-ESMTP_MAILER_ARGS	[IPC $h] The arguments passed to the esmtp mailer.
-SMTP8_MAILER_ARGS	[IPC $h] The arguments passed to the smtp8 mailer.
-DSMTP_MAILER_ARGS	[IPC $h] The arguments passed to the dsmtp mailer.
-RELAY_MAILER_ARGS	[IPC $h] The arguments passed to the relay mailer.
+ESMTP_MAILER_ARGS	[TCP $h] The arguments passed to the esmtp mailer.
+SMTP8_MAILER_ARGS	[TCP $h] The arguments passed to the smtp8 mailer.
+DSMTP_MAILER_ARGS	[TCP $h] The arguments passed to the dsmtp mailer.
+RELAY_MAILER_ARGS	[TCP $h] The arguments passed to the relay mailer.
 RELAY_MAILER_MAXMSGS	[undefined] If defined, the maximum number of
 			messages to deliver in a single connection for the
 			relay mailer.
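Review bot: the five *_MAILER_ARGS defaults change from [IPC $h] to [TCP $h] with no word on whether IPC is still accepted. Sites that override SMTP_MAILER_ARGS to change the port, which the text names as the main reason to touch it, will have IPC in their .mc files. Suggest one sentence stating whether existing IPC values keep working or must be updated.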
@@ -426,13 +427,16 @@
 		of the form node::user will not work.
 FAX_RELAY	The host that will accept mail to the .FAX pseudo-domain.
 		The "fax" mailer overrides this value.
-LOCAL_RELAY	DEPRECATED.  The site that will handle unqualified
-		names -- that is, names with out an @domain extension.
-		If not set, they are assumed to belong on this machine.
-		This allows you to have a central site to store a
-		company- or department-wide alias database.  This
-		only works at small sites, and only with some user
-		agents.
+LOCAL_RELAY	The site that will handle unqualified names -- that
+		is, names with out an @domain extension.
+		Normally MAIL_HUB is preferred for this function.
+		LOCAL_RELAY is mostly useful in conjunction with
+		FEATURE(stickyhost) -- see the discussion of
+		stickyhost below.  If not set, they are assumed to
+		belong on this machine.  This allows you to have a
+		central site to store a company- or department-wide
+		alias database.  This only works at small sites,
+		and only with some user agents.
 LUSER_RELAY	The site that will handle lusers -- that is, apparently
 		local names that aren't local accounts or aliases.  To
 		specify a local user instead of a site, set this to
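Review bot: in the new LOCAL_RELAY text, "If not set, they are assumed to belong on this machine" has lost its antecedent. "they" referred to the unqualified names in the sentence directly before it, but two sentences about MAIL_HUB and FEATURE(stickyhost) now sit in between. Suggest moving the MAIL_HUB and stickyhost sentences to the end of the entry, or writing "unqualified names are assumed to belong on this machine". The added line also carries over "with out" where "without" is meant.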
@@ -488,7 +492,7 @@
 		demand delivery, and "relay" for transmission to the
 		RELAY_HOST, LUSER_RELAY, or MAIL_HUB.
 
-uucp		The Unix-to-Unix Copy Program mailer.  Actually, this
+uucp		The UNIX-to-UNIX Copy Program mailer.  Actually, this
 		defines two mailers, "uucp-old" (a.k.a. "uucp") and
 		"uucp-new" (a.k.a. "suucp").  The latter is for when you
 		know that the UUCP mailer at the other end can handle
@@ -513,7 +517,7 @@
 
 fax		Facsimile transmission.  This is experimental and based
 		on Sam Leffler's HylaFAX software.  For more information,
-		see http://www.vix.com/hylafax/.
+		see http://www.hylafax.org/.
 
 pop		Post Office Protocol.
 
@@ -623,8 +627,10 @@
 		given as parameter.
 
 nocanonify	Don't pass addresses to $[ ... $] for canonification
-		by default.  It can be changed by setting the
-		DaemonPortOptions modifiers (M=).  That is,
+		by default, i.e., host/domain names are considered canonical,
+		except for unqualified names, which must not be used in this
+		mode (violation of the standard).  It can be changed by
+		setting the DaemonPortOptions modifiers (M=).  That is,
 		FEATURE(`nocanonify') will be overridden by setting the
 		'c' flag.  Conversely, if FEATURE(`nocanonify') is not used,
 		it can be emulated by setting the 'C' flag
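Review bot: after the inserted clause in nocanonify, "It can be changed by setting the DaemonPortOptions modifiers" no longer has a clear subject; it now follows "(violation of the standard)" and reads as if the standard or the mode could be changed. Suggest "This default can be changed ...". The parenthetical would also be more useful if it named the standard being referred to, since "must not be used" is a strong requirement to leave unreferenced.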
@@ -656,14 +662,22 @@
 		<user@host>, will be canonified (and hopefully fully
 		qualified), too.
 
-stickyhost	If set, email sent to "user@local.host" are marked
-		as "sticky" -- that is, the local addresses aren't
-		matched against UDB and don't go through ruleset 5.
-		This is used if you want a set up where "user" is
-		not necessarily the same as "user@local.host", e.g.,
-		to make a distinct domain-wide namespace.  Prior to
-		8.7 this was the default, and notsticky was used to
-		turn this off.
+stickyhost	This feature is sometimes used with LOCAL_RELAY,
+		although it can be used for a different effect with
+		MAIL_HUB.
+
+		When used without MAIL_HUB, email sent to
+		"user@local.host" are marked as "sticky" -- that
+		is, the local addresses aren't matched against UDB,
+		don't go through ruleset 5, and are not forwarded to
+		the LOCAL_RELAY (if defined).
+
+		With MAIL_HUB, mail addressed to "user@local.host"
+		is forwarded to the mail hub, with the envelope
+		address still remaining "user@local.host".
+		Without stickyhost, the envelope would be changed
+		to "user@mail_hub", in order to protect against
+		mailing loops.
 
 mailertable	Include a "mailer table" which can be used to override
 		routing for particular domains (which are not in class {w},
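Review bot: the MAIL_HUB paragraph of stickyhost says that without the feature the envelope is rewritten to "user@mail_hub" "in order to protect against mailing loops", which means that enabling stickyhost removes that protection, yet the text does not say what prevents a loop in that case. Suggest a sentence on what the hub must be configured to do with "user@local.host" so it does not send the message back. Minor: "email sent to "user@local.host" are marked" should be "is marked"; and the removed note that this was the default prior to 8.7 is dropped without a replacement, which is worth keeping for anyone reading old configurations.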
@@ -966,12 +980,13 @@
 promiscuous_relay
 		By default, the sendmail configuration files do not permit
 		mail relaying (that is, accepting mail from outside your
-		domain and sending it to another host outside your domain).
-		This option sets your site to allow mail relaying from any
-		site to any site.  In general, it is better to control the
-		relaying more carefully with the access db and class {R}.
-		Domains can be added to class {R} by the macros RELAY_DOMAIN
-		or RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
+		local host (class {w}) and sending it to another host than
+		your local host).  This option sets your site to allow
+		mail relaying from any site to any site.  In almost all
+		cases, it is better to control relaying more carefully
+		with the access map, class {R}, or authentication.  Domains
+		can be added to class {R} by the macros RELAY_DOMAIN or
+		RELAY_DOMAIN_FILE (analogously to MASQUERADE_DOMAIN and
 		MASQUERADE_DOMAIN_FILE, see below).
 
 relay_entire_domain
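Review bot: the new definition of relaying in promiscuous_relay, "accepting mail from outside your local host (class {w}) and sending it to another host than your local host", is hard to parse and is worded differently from the definition added in the ANTI-SPAM section of this same patch ("from a site outside your host (class {w}) to another site except yours"). Since this sentence defines what the default policy blocks, suggest one wording used in both places, for example "to a host other than your local host".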
@@ -1003,11 +1018,15 @@
 		FEATURE(`loose_relay_check').
 
 relay_mail_from
-		Allows relaying if the mail sender is listed as RELAY in the
-		access map.  If an optional argument `domain' is given, the
-		domain portion of the mail sender is checked too.  This
-		should only be used if absolutely necessary as the sender
-		address can be easily forged.
+		Allows relaying if the mail sender is listed as RELAY in
+		the access map.  If an optional argument `domain' is given,
+		the domain portion of the mail sender is checked too.
+		This should only be used if absolutely necessary as the
+		sender address can be easily forged.  Use of this feature
+		requires the "From:" tag be prepended to the key in the
+		access map; see the discussion of tags and
+		FEATURE(`relay_mail_from') in the section on ANTI-SPAM
+		CONFIGURATION CONTROL.
 
 relay_local_from
 		Allows relaying if the domain portion of the mail sender
@@ -1059,6 +1078,12 @@
 		described in the anti-spam configuration control section
 		later in this document.
 
+delay_checks	The rulesets check_mail and check_relay will not be called
+		when a client connects or issues a MAIL command, respectively.
+		Instead, those rulesets will be called by the check_rcpt
+		ruleset; they will be skipped under certain circumstances.
+		See "Delay all checks" in "ANTI-SPAM CONFIGURATION CONTROL".
+
 rbl		This feature is deprecated! Please use dnsbl instead.
 		Turns on rejection of hosts found in the Realtime Blackhole
 		List.  If an argument is provided it is used as the domain
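Review bot: in the added delay_checks entry, "respectively" pairs the items in the wrong order. As written, check_mail is matched with "a client connects" and check_relay with "issues a MAIL command", while the names and the Connect: tag description elsewhere in this file point the other way round. Suggest "The rulesets check_relay and check_mail will not be called when a client connects or issues a MAIL command, respectively." Also, "they will be skipped under certain circumstances" would be clearer if it named the main case here instead of leaving everything to the cross-reference.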
@@ -1069,13 +1094,13 @@
 dnsbl		Turns on rejection of hosts found in an DNS based rejection
 		list.  If an argument is provided it is used as the domain
 		in which blocked hosts are listed; otherwise it defaults to
-		rbl.maps.vix.com.  An explanation for an DNS based rejection
-		list can be found http://maps.vix.com/rbl/.  A second argument
-		can be used to change the default error message of
-		Mail from $&{client_addr} refused by blackhole site SERVER
-		where SERVER is replaced by the first argument.  This feature
-		can be included several times to query different DNS based
-		rejection lists.
+		blackholes.mail-abuse.org.  An explanation for an DNS based
+		rejection list can be found http://mail-abuse.org/rbl/.  A
+		second argument can be used to change the default error
+		message of Mail from $&{client_addr} refused by blackhole site
+		SERVER where SERVER is replaced by the first argument.  This
+		feature can be included several times to query different DNS
+		based rejection lists.
 
 loose_relay_check
 		Normally, if % addressing is used for a recipient, e.g.
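Review bot: the re-flowed dnsbl text folds the default error message into the running sentence ("... error message of Mail from $&{client_addr} refused by blackhole site SERVER where SERVER is replaced ..."), so the reader cannot tell where the message starts and ends. The ANTI-SPAM hunk later in this patch does the opposite and sets the same message off on its own indented line, and it calls the placeholder DOMAIN rather than SERVER. Suggest using the set-off form and one placeholder name in both places. The added lines also keep "an DNS based" and "can be found http://..." (missing "at").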
@@ -1118,15 +1143,6 @@
 lists of UUCP hosts they speak with directly.  This can get a bit more
 tricky.  For an example of a "complex" site, see cf/ucbvax.mc.
 
-If your host is known by several different names, you need to augment
-class {w}.  This is a list of names by which you are known, and
-anything sent to an address using a host name in this list will be
-treated as local mail.  You can do this in two ways:  either create the
-file /etc/mail/local-host-names containing a list of your aliases (one per
-line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add
-``LOCAL_DOMAIN(`alias.host.name')''.  Be sure you use the fully-qualified
-name of the host, rather than a short name.
-
 The SITECONFIG macro allows you to indirectly reference site-dependent
 configuration information stored in the siteconfig subdirectory.  For
 example, the line
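Review bot: this hunk deletes the only visible explanation of how to augment class {w} (the /etc/mail/local-host-names file with FEATURE(`use_cw_file'), or LOCAL_DOMAIN), while other hunks in the same patch add new references to class {w} in the relaying definitions. Nothing in the visible lines shows the paragraph being re-added elsewhere. Please confirm it has been moved rather than dropped, and if it has moved, add a pointer from the relaying text to its new location.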
@@ -1231,7 +1247,7 @@
 On host grasp.insa-lyon.fr (UUCP host name "grasp"), the following
 summarizes the sender rewriting for various mailers.
 
-Mailer          sender		rewriting in the envelope
+Mailer		sender		rewriting in the envelope
 ------		------		-------------------------
 uucp-{old,new}	wolf		grasp!wolf
 uucp-dom	wolf		wolf@grasp.insa-lyon.fr
@@ -1569,14 +1585,20 @@
 * Access database.
 * Header checks.
 
-Relaying (transmission of messages from a site outside your domain to
-another site outside your domain) is denied by default.  Note that
-this changed in sendmail 8.9; previous versions allowed relaying by
-default.  If you want to revert to the old behaviour, you will need
-to use FEATURE(`promiscuous_relay').  You can allow certain domains to
-relay through your server by adding their domain name or IP address to
-class {R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the
-access database (described below).
+Relaying (transmission of messages from a site outside your host (class
+{w}) to another site except yours) is denied by default.  Note that this
+changed in sendmail 8.9; previous versions allowed relaying by default.
+If you really want to revert to the old behaviour, you will need to use
+FEATURE(`promiscuous_relay').  You can allow certain domains to relay
+through your server by adding their domain name or IP address to class
+{R} using RELAY_DOMAIN() and RELAY_DOMAIN_FILE() or via the access database
+(described below).  The file consists (like any other file based class)
+of entries listed on separate lines, e.g.,
+
+	sendmail.org
+	128.32
+	1:2:3:4:5:6:7
+	host.mydomain.com
 
 If you use
 
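Review bot: "The file consists (like any other file based class) of entries listed on separate lines" does not say which file. The preceding sentence ends on "the access database (described below)", so the natural reading is the access database, but the sample entries have no right-hand side and so must be for RELAY_DOMAIN_FILE(). Suggest "The file named in RELAY_DOMAIN_FILE() consists ...". The sample would also benefit from a note that 128.32 and 1:2:3:4:5:6:7 are partial addresses, since the text only speaks of a "domain name or IP address".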
@@ -1704,15 +1726,14 @@
 	REJECT		Reject the sender or recipient with a general
 			purpose message.
 	DISCARD		Discard the message completely using the
-			$#discard mailer.  For sender addresses it
-			indicates that you should discard anything
-			received from the indicated domain.  If it
-			is used for recipients, it affects only
-			the designated recipients, not the whole
-			message.
-	### any text	where ### is an RFC 821 compliant error code
-			and "any text" is a message to return for
-			the command.
+			$#discard mailer.  If it is used in check_compat,
+			it affects only the designated recipient, not
+			the whole message as it does in all other cases.
+			This should only be used if really necessary.
+	### any text	where ### is an RFC 821 compliant error code and
+			"any text" is a message to return for the command.
+			The string should be quoted to avoid surprises,
+			e.g., sendmail may remove spaces otherwise.
 	ERROR:### any text
 			as above, but useful to mark error messages as such.
 	ERROR:D.S.N:### any text
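Review bot: the DISCARD description reverses the documented scope without flagging it. The removed lines said that for recipients "it affects only the designated recipients, not the whole message"; the added lines say it affects the whole message everywhere except check_compat. An existing access map with DISCARD on a recipient entry would, per this text, silently drop the message for every recipient. Suggest stating explicitly that a recipient match discards the message for all recipients, and making "This should only be used if really necessary" say why. For the "### any text" entry, "should be quoted to avoid surprises" would be clearer with the quoting form shown right there.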
@@ -1721,7 +1742,7 @@
 
 For example:
 
-	cyberspammer.com	550 We don't accept mail from spammers
+	cyberspammer.com	ERROR:"550 We don't accept mail from spammers"
 	okay.cyberspammer.com	OK
 	sendmail.org		RELAY
 	128.32			RELAY
@@ -1759,7 +1780,7 @@
 You can also use the access database to block sender addresses based on
 the username portion of the address.  For example:
 
-	FREE.STEALTH.MAILER@	550 Spam not accepted
+	FREE.STEALTH.MAILER@	ERROR:550 Spam not accepted
 
 Note that you must include the @ after the username to signify that
 this database entry is for checking only the username portion of the
@@ -1772,9 +1793,9 @@
 then you can add entries to the map for local users, hosts in your
 domains, or addresses in your domain which should not receive mail:
 
-	badlocaluser@		550 Mailbox disabled for this username
-	host.mydomain.com	550 That host does not accept mail
-	user@otherhost.mydomain.com	550 Mailbox disabled for this recipient
+	badlocaluser@		ERROR:550 Mailbox disabled for this username
+	host.mydomain.com	ERROR:550 That host does not accept mail
+	user@otherhost.mydomain.com	ERROR:550 Mailbox disabled for this recipient
 
 This would prevent a recipient of badlocaluser@mydomain.com, any
 user at host.mydomain.com, and the single address
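Review bot: the three converted examples here (and the FREE.STEALTH.MAILER@ line in the previous hunk) use unquoted text, e.g. "ERROR:550 Mailbox disabled for this username", while the same patch adds the advice that "The string should be quoted to avoid surprises" and quotes the cyberspammer.com example as ERROR:"550 We don't accept mail from spammers". Suggest quoting all of the ERROR: examples the same way so the samples follow the documented recommendation.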
@@ -1800,12 +1821,15 @@
 This will cause sendmail to reject mail from any site in the
 Realtime Blackhole List database.  You can specify an alternative
 RBL domain to check by specifying an argument to the FEATURE.
-A second argument can be used to change the default error message
-Mail from $&{client_addr} refused by blackhole site DOMAIN
-where DOMAIN is replaced by the first argument.  This FEATURE can
-be included several times to query different DNS based rejection
-lists, e.g., the dial-up user list (see http://maps.vix.com/dul/).
+The default error message is
+
+	Mail from $&{client_addr} refused by blackhole site DOMAIN
 
+where DOMAIN is the first argument of the feature.  A second argument
+can be used to specify a different text.  This FEATURE can be
+included several times to query different DNS based rejection lists,
+e.g., the dial-up user list (see http://maps.vix.com/dul/).
+
 The features described above make use of the check_relay, check_mail,
 and check_rcpt rulesets.  If you wish to include your own checks,
 you can put your checks in the rulesets Local_check_relay,
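Review bot: the added paragraph still points at http://maps.vix.com/dul/ for the dial-up user list, while the dnsbl feature description in this same patch moves the default list to blackholes.mail-abuse.org and the explanation URL to http://mail-abuse.org/rbl/. Please check whether the dul reference should move to the new domain as well, so the two sections do not send readers to different sites for the same service.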
@@ -1837,8 +1861,8 @@
 access map according to their type.  Three tags are available:
 
 	Connect:	connection information (${client_addr}, ${client_name})
-	From:		sender
-	To:		recipient
+	From:		envelope sender
+	To:		envelope recipient
 
 If the required item is looked up in a map, it will be tried first
 with the corresponding tag in front, then (as fallback to enable
@@ -1871,10 +1895,32 @@
 respectively.  Instead, those rulesets will be called by the check_rcpt
 ruleset; they will be skipped if a sender has been authenticated using
 a "trusted" mechanism, i.e., one that is defined via TRUST_AUTH_MECH().
-Moreover, an argument can be specified for this option:
-
-	friend: enable spamfriend test
-	hater: enable spamhater test
+If check_mail returns an error then the RCPT TO command will be rejected
+with that error.  If it returns some other result starting with $# then
+check_relay will be skipped.  If the sender address (or a part of it) is
+listed in the access map and it has a RHS of OK or RELAY, then check_relay
+will be skipped.  This has an interesting side effect: if your domain is
+my.domain and you have
+
+	my.domain	RELAY
+
+in the access map, then all e-mail with a sender address of
+<user@my.domain> gets through, even if check_relay would reject it
+(e.g., based on the hostname or IP address).  This allows spammers
+to get around DNS based blacklist by faking the sender address.  To
+avoid this problem you have to use tagged entries:
+
+	To:my.domain		RELAY
+	Connect:my.domain	RELAY
+
+if you need those entries at all (class {R} may take care of them).
+
+FEATURE(`delay_checks') can take an optional argument:
+
+	FEATURE(`delay_checks', `friend')
+		 enables spamfriend test
+	FEATURE(`delay_checks', `hater')
+		 enables spamhater test
 
 If such an argument is given, the recipient will be looked up in the access
 map (using the tag To:).  If the argument is `friend', then the other
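Review bot: the warning about the untagged "my.domain RELAY" entry is the most important part of this hunk, but the remedy is incomplete as written. It shows the To: and Connect: entries to add without saying that the untagged entry has to be removed, and it does not mention that a From:-tagged entry with OK or RELAY matches the sender lookup just the same, given the stated rule that any sender listed with "a RHS of OK or RELAY" skips check_relay. Suggest stating both points explicitly. Minor: "DNS based blacklist" should be plural, and the two indented description lines under the FEATURE(`delay_checks', ...) examples mix a tab with a trailing space.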
@@ -1921,6 +1967,11 @@
 
 	H*: $>CheckHdr
 
+Notice: All rules act on tokens as explained in doc/op/op.{me,ps,txt}.
+That may cause problems with simple header checks due to the
+tokenization. It might be simpler to use a regex map and apply it
+to $&{currHeader}.
+
 After all of the headers are read, the check_eoh ruleset will be called for
 any final header-related checks.  The ruleset is called with the number of
 headers and the size of all of the headers in bytes separated by $|.  One
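Review bot: the added notice says tokenization "may cause problems with simple header checks" without saying what kind of problem, so a reader cannot tell whether an existing check is affected. Suggest one sentence describing the failure (for example, which patterns will not match a header value as expected once it is split into tokens) before recommending the regex map on $&{currHeader}. The notice also uses a single space after the period where the rest of the file uses two.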
@@ -1955,10 +2006,144 @@
 	# Otherwise, reject the mail
 	R$*			$#error $: 553 Header Error
 
-+--------------------------------+
-| SMTP AUTHENTICATION            |
-+--------------------------------+
++----------+
+| STARTTLS |
++----------+
+
+In this text, cert will be used as an abreviation for X.509 certificate,
+DN is the distinguished name of a cert, and CA is a certification authority.
+
+Macros related to STARTTLS are:
+
+${cert_issuer} holds the DN of the CA (the cert issuer).
+${cert_subject} holds the DN of the cert (called the cert subject).
+${tls_version} the TLS/SSL version used for the connection, e.g., TLSv1,
+	SSLv3, SSLv2.
+${cipher} the cipher used for the connection, e.g., EDH-DSS-DES-CBC3-SHA,
+	EDH-RSA-DES-CBC-SHA, DES-CBC-MD5, DES-CBC3-SHA.
+${cipher_bits} the keylength (in bits) of the symmetric encryption algorithm
+	used for the connection.
+${verify} holds the result of the verification of the presented cert. Possible
+	values are:
+	OK	verification succeeded.
+	NO	no cert presented.
+	FAIL	cert presented but could not be verified, e.g., the signing
+		CA is missing.
+	NONE	STARTTLS has not been performed.
+	TEMP	temporary error occurred.
+	PROTOCOL some protocol error occurred.
+	SOFTWARE STARTTLS handshake failed.
+${server_name}	the name of the server of the current outgoing SMTP
+	connection.
+${server_addr}	the address of the server of the current outgoing SMTP
+	connection.
+
+Relaying
+
+SMTP STARTTLS can allow relaying for senders who have successfully
+authenticated themselves. This is done in the ruleset RelayAuth. If the
+verification of the cert failed (${verify} != OK), relaying is subject to
+the usual rules. Otherwise the DN of the issuer is looked up in the access
+map using the tag CERTISSUER. If the resulting value is RELAY, relaying is
+allowed. If it is SUBJECT, the DN of the cert subject is looked up next in
+the access map. using the tag CERTSUBJECT. If the value is RELAY, relaying
+is allowed.
+
+To make things a bit more flexible (or complicated), the values for
+${cert_issuer} and ${cert_subject} can be optionally modified by regular
+expressions defined in the m4 variables _CERT_REGEX_ISSUER_ and
+_CERT_REGEX_SUBJECT_, respectively. To avoid problems with those macros in
+rulesets and map lookups, they are modified as follows: each non-printable
+character and the characters '<', '>', '(', ')', '"', '+' are replaced by
+their HEX value with a leading '+'. For example:
+
+/C=US/ST=California/O=endmail.org/OU=private/CN=Darth Mail (Cert)/Email=
+darth+cert@endmail.org
+
+is encoded as:
+
+/C=US/ST=California/O=endmail.org/OU=private/CN=
+Darth+20Mail+20+28Cert+29/Email=darth+2Bcert@endmail.org
+
+(line breaks have been inserted for readability).
+
+Of course it is also possible to write a simple rulesets that allows
+relaying for everyone who can present a cert that can be verified, e.g.,
+
+LOCAL_RULESETS
+SLocal_check_rcpt
+R$*	$: $&{verify}
+ROK	$# OK
+
+Allowing Connections
+
+The rulesets tls_server and tls_client are used to decide whether an SMTP
+connection is accepted (or should continue).
+
+tls_server is called when sendmail acts as client after a STARTTLS command
+(should) have been issued. The parameter is the value of ${verify}.
+
+tls_client is called when sendmail acts as server, after a STARTTLS command
+has been issued, and from check_mail. The parameter is the value of
+${verify} and STARTTLS or MAIL, respectively.
+
+Both rulesets behave the same. If no access map is in use, the connection
+will be accepted unless ${verify} is SOFTWARE, in which case the connection
+is always aborted.  Otherwise, ${client_name} (${server_name}) is looked
+up in the access map using the tag TLS_Srv (or TLS_Clt), which is done
+with the ruleset LookUpDomain. If no entry is found, ${client_addr}
+(${server_addr}) is looked up in the access map (same tag, ruleset
+LookUpAddr). If this doesn't result in an entry either, just the tag is
+looked up in the access map (included the trailing :).  The result of the
+lookups is then used to call the ruleset tls_connection, which checks the
+requirement specified by the RHS in the access map against the actual
+parameters of the current TLS connection, esp. ${verify} and
+${cipher_bits}. Legal RHSs in the access map are:
+
+VERIFY		verification must have succeeded
+VERIFY:bits	verification must have succeeded and ${cipher_bits} must
+		be greater than or equal bits.
+ENCR:bits	${cipher_bits} must be greater than or equal bits.
 
+The RHS can optionally be prefixed by TEMP+ or PERM+ to select a temporary
+or permanent error. The default is a temporary error code (403 4.7.0)
+unless the macro TLS_PERM_ERR is set during generation of the .cf file.
+
+If a certain level of encryption is required, then it might also be
+possible that this level is provided by the security layer from a SASL
+algorithm, e.g., DIGEST-MD5.
+
+Example: e-mail send to secure.example.com should only use an encrypted
+connection. e-mail received from hosts within the laptop.example.com domain
+should only be accepted if they have been authenticated.
+TLS_Srv:secure.example.com      ENCR:112
+TLS_Clt:laptop.example.com      PERM+VERIFY:112
+
+Notice: requiring that e-mail is sent to a server only encrypted,
+e.g., via
+
+TLS_Srv:secure.domain	ENCR:112
+
+doesn't necessarily mean that e-mail sent to that domain is encrypted.
+If the domain has multiple MX servers, e.g.,
+
+secure.domain.	IN MX 10	mail.secure.domain.
+secure.domain.	IN MX 50	mail.other.domain.
+
+then mail to user@secure.domain may go unencrypted to mail.other.domain.
+
+
+Received: Header
+
+The Received: header reveals whether STARTTLS has been used. It contains an
+extra line:
+
+(using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify})
+
++---------------------+
+| SMTP AUTHENTICATION |
++---------------------+
+
 The macros ${auth_authen}, ${auth_author}, and ${auth_type} can be
 used in anti-relay rulesets to allow relaying for those users that
 authenticated themselves.  A very simple example is:
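Review bot: The Local_check_rcpt example under "Relaying" returns OK for any client whose ${verify} is OK, which opens relaying to every holder of a cert issued by any CA the server trusts, and the text does not say so. State that consequence next to the example and recommend it only where the trusted CA set is a private one, keeping the CERTISSUER/CERTSUBJECT access map lookups as the default advice. Wording to fix in the same section: "abreviation", "the access map. using the tag CERTSUBJECT" (stray period), "a simple rulesets", "included the trailing :" and "e-mail send to".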
@@ -1989,6 +2174,12 @@
 Per default, relaying is allowed for any user who authenticated
 via a "trusted" mechanism, i.e., one that is defined via
 TRUST_AUTH_MECH(`list of mechanisms')
+For example:
+TRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5')
+
+If the selected mechanism provides a security layer the number of
+bits used for the key of the symmetric cipher is stored in the
+macro ${auth_ssf}.
 
 +--------------------------------+
 | ADDING NEW MAILERS OR RULESETS |
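Review bot: "For example:" is attached directly to the TRUST_AUTH_MECH(`list of mechanisms') line with no blank line, so the example reads as part of the syntax description. Separate the two with a blank line and indent the example. The ${auth_ssf} sentence needs a comma after "security layer" and should say what the macro holds when the mechanism provides no such layer.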
@@ -2008,9 +2199,9 @@
 
 
 #if _FFR_MILTER
-+---------------------------+
-| ADDING NEW MAILER FILTERS |
-+---------------------------+
++-------------------------+
+| ADDING NEW MAIL FILTERS |
++-------------------------+
 
 Sendmail supports mail filters to filter incoming SMTP messages according
 to the "Sendmail Mail Filter API" documentation.  These filters can be
@@ -2115,6 +2306,24 @@
 	define(`confDOMAIN_NAME', `$w.$m')dnl
 
 
++-----------------------------------+
+| ACCEPTING MAIL FOR MULTIPLE NAMES |
++-----------------------------------+
+
+If your host is known by several different names, you need to augment
+class {w}.  This is a list of names by which your host is known, and
+anything sent to an address using a host name in this list will be
+treated as local mail.  You can do this in two ways:  either create the
+file /etc/mail/local-host-names containing a list of your aliases (one per
+line), and use ``FEATURE(`use_cw_file')'' in the .mc file, or add
+``LOCAL_DOMAIN(`alias.host.name')''.  Be sure you use the fully-qualified
+name of the host, rather than a short name.
+
+If you want to have different address in different domains, take
+a look at the virtusertable feature, which is also explained at
+http://www.sendmail.org/virtual-hosting.html
+
+
 +--------------------+
 | USING MAILERTABLES |
 +--------------------+
@@ -2134,13 +2343,15 @@
 
 The semantics are simple.  Any LHS entry that does not begin with
 a dot matches the full host name indicated.  LHS entries beginning
-with a dot match anything ending with that domain name -- that is,
-they can be thought of as having a leading "*" wildcard.  Matching
-is done in order of most-to-least qualified -- for example, even
-though ".my.domain" is listed first in the above example, an entry
-of "uuhost1.my.domain" will match the second entry since it is
-more explicit.  Note: e-mail to "user@my.domain" does not match
-any entry in the above table. You need to have something like:
+with a dot match anything ending with that domain name (including
+the leading dot) -- that is, they can be thought of as having a
+leading ".+" regular expression pattern for a non-empty sequence of
+characters.  Matching is done in order of most-to-least qualified
+-- for example, even though ".my.domain" is listed first in the
+above example, an entry of "uuhost1.my.domain" will match the second
+entry since it is more explicit.  Note: e-mail to "user@my.domain"
+does not match any entry in the above table.  You need to have
+something like:
 
 	my.domain		esmtp:host.my.domain
 
@@ -2190,7 +2401,7 @@
 
 As a general rule, it is an extremely bad idea to using full names
 as e-mail addresses, since they are not in any sense unique.  For
-example, the Unix software-development community has at least two
+example, the UNIX software-development community has at least two
 well-known Peter Deutsches, and at one time Bell Labs had two
 Stephen R. Bournes with offices along the same hallway.  Which one
 will be forced to suffer the indignity of being Stephen_R_Bourne_2?
@@ -2587,7 +2798,7 @@
 					rejected.  If not set or <= 0, there is
 					no limit.
 confMAX_HEADERS_LENGTH	MaxHeadersLength
-					[undefined] Maximum length of the sum
+					[32768] Maximum length of the sum
 					of all headers.
 confMAX_MIME_HEADER_LENGTH  MaxMimeHeaderLength
 					[undefined] Maximum length of
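Review bot: The documented default for confMAX_HEADERS_LENGTH moves from [undefined] to [32768] without saying what happens to a message whose headers exceed the limit or how to restore the previous unlimited behaviour. The entry just above states "If not set or <= 0, there is no limit"; add the equivalent sentence here, since this is a behaviour change for every site that never set the option.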
@@ -2788,7 +2999,7 @@
 					intersection of this list and the list
 					of available mechanisms as determined
 					by the CYRUS SASL library.
-confDEF_AUTH_INFO	DefaultAuthInfo	[undefined] Filename that contains
+confDEF_AUTH_INFO	DefaultAuthInfo	[undefined] Name of file that contains
 					authentication information for
 					outgoing connections.  This file
 					must contain the user id, the
@@ -2829,6 +3040,33 @@
 					maps unless they are specified in
 					the individual map specification
 					('K' command).
+confCACERT_PATH		CACERTPath	[undefined] Path to directory
+					with certs of CAs.
+confCACERT		CACERTFile	[undefined] File containing one CA
+					cert.
+confSERVER_CERT		ServerCertFile	[undefined] File containing the
+					cert of the server, i.e., this cert
+					is used when sendmail acts as
+					server.
+confSERVER_KEY		ServerKeyFile	[undefined] File containing the
+					private key belonging to the server
+					cert.
+confCLIENT_CERT		ClientCertFile	[undefined] File containing the
+					cert of the client, i.e., this cert
+					is used when sendmail acts as
+					client.
+confCLIENT_KEY		ClientKeyFile	[undefined] File containing the
+					private key belonging to the client
+					cert.
+confDH_PARAMETERS	DHParameters	[undefined] File containing the
+					DH parameters.
+confRAND_FILE		RandFile	[undefined] File containing random
+					data (use prefix file:) or the
+					name of the UNIX socket if EGD is
+					used (use prefix egd:).  STARTTLS
+					requires this option if the compile
+					flag HASURANDOM is not set (see
+					sendmail/README).
 
 See also the description of OSTYPE for some parameters that can be
 tweaked (generally pathnames to mailers).
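Review bot: The confSERVER_KEY and confCLIENT_KEY entries do not say what ownership and mode the private key files need, or whether a passphrase-protected key can be used. sendmail has to read these files unattended, so state the expected permissions here (readable by the owner only is the obvious recommendation) rather than leaving it to be discovered at startup. confCACERT_PATH should likewise say what layout it expects in the directory.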
@@ -2863,6 +3101,11 @@
 Note that if the first of those DAEMON_OPTIONS lines were omitted, then
 there would be no listener on the standard SMTP port.
 
+Example 3: To listen on both IPv4 and IPv6 interfaces, use
+
+	DAEMON_OPTIONS(`Name=MTA-v4, Family=inet')
+	DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6')
+
 A "Message Submission Agent" still uses all of the same rulesets for
 processing the message (and therefore still allows message rejection via
 the check_* rulesets).  In accordance with the RFC, the MSA will ensure
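Review bot: Example 3 names the listeners MTA-v4 and MTA-v6, while the new built-in default in cf/m4/proto.m4 uses MTA-IPv4 and MTA-IPv6 and openbsd-proto.mc uses MTA and MTA6. Use one spelling across the README, the default and the shipped .mc file so that the names seen in logs match the documentation.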
@@ -2870,6 +3113,7 @@
 relayed to another MTA.  It will also enforce the normal address syntax
 rules and log error messages.  Additionally, by using the M=a modifier
 you can require authentication before messages are accepted by the MSA.
+Notice: Do NOT use the 'a' modifier on a public accessible MTA!
 Finally, the M=E modifier shown above disables ETRN as required by RFC
 2476.
 
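Review bot: The added warning gives no reason, and "public accessible" should read "publicly accessible". Say why: with M=a the listener refuses mail from any client that has not authenticated, so on the port 25 MTA mail arriving from other sites would be rejected. One sentence to that effect makes it clear the modifier belongs on the MSA listener only.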
@@ -2900,7 +3144,7 @@
 		site dependent; for example, "CS.Berkeley.EDU.m4"
 		describes hosts in the CS.Berkeley.EDU subdomain.
 
-mailer		Descriptions of mailers.   These are referenced using
+mailer		Descriptions of mailers.  These are referenced using
 		the MAILER macro in the .mc file.
 
 sh		Shell files used when building the .cf file from the
@@ -3034,4 +3278,4 @@
    8	DNS based blacklists
    9	special local rulesets (1 and 2)
 
-$Revision: 1.3 $, Last updated $Date: 2000/04/07 19:20:28 $
+$Revision: 1.6 $, Last updated $Date: 2001/05/29 01:31:10 $
Index: gnu/usr.sbin/sendmail/cf/cf/Makefile
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/cf/Makefile,v
retrieving revision 1.6
retrieving revision 1.10
diff -u -r1.6 -r1.10
--- gnu/usr.sbin/sendmail/cf/cf/Makefile	2000/06/18 03:13:08	1.6
+++ gnu/usr.sbin/sendmail/cf/cf/Makefile	2001/05/29 01:31:11	1.10
@@ -1,8 +1,8 @@
-#	$OpenBSD: Makefile,v 1.6 2000/06/18 03:13:08 itojun Exp $
+#	$OpenBSD: Makefile,v 1.10 2001/05/29 01:31:11 millert Exp $
 #
 #  Makefile for configuration files.
 #
-#	$Sendmail: Makefile,v 8.40 2000/02/01 22:07:15 gshapiro Exp $
+#	$Sendmail: Makefile,v 8.40.8.5 2001/04/12 22:39:52 gshapiro Exp $
 #
 
 #
@@ -26,9 +26,8 @@
 	$(CHMOD) $(ROMODE) $@
 
 ALL=	clientproto.cf openbsd-proto.cf courtesan.cf courtesan-nonet.cf \
-	courtesan-lists.cf  openbsd-lists.cf gandalf.cf saruman.cf alatar.cf \
-	nettan.cf waldorf.cf lucifier.cf elbereth.cf corpse.cf knecht.cf \
-	openbsd-proto-IPv4only.cf 
+	courtesan-lists.cf  openbsd-lists.cf gandalf.cf alatar.cf \
+	nettan.cf waldorf.cf lucifier.cf elbereth.cf corpse.cf knecht.cf
 
 all: $(ALL)
 
@@ -37,11 +36,9 @@
 
 depend install:
 
-distribution: openbsd-proto.cf openbsd-proto-IPv4only.cf
+distribution: openbsd-proto.cf
 	${INSTALL} ${INSTALL_COPY} -o root -g wheel -m 644 openbsd-proto.cf \
 	    ${DESTDIR}/etc/mail/sendmail.cf
-	${INSTALL} ${INSTALL_COPY} -o root -g wheel -m 644 \
-	    openbsd-proto-IPv4only.cf ${DESTDIR}/etc/mail/sendmail-IPv4only.cf
 
 # this is overkill, but....
 M4FILES=\
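Review bot: The distribution target no longer installs ${DESTDIR}/etc/mail/sendmail-IPv4only.cf, but nothing removes or flags a copy left behind by an earlier install. A host that is still started with that file would keep running a configuration that is no longer regenerated by this Makefile. Mention the removal in the upgrade notes. The previous hunk also drops saruman.cf from ALL without explanation.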
@@ -113,7 +110,6 @@
 	${CFDIR}/ostype/aix4.m4 \
 	${CFDIR}/ostype/altos.m4 \
 	${CFDIR}/ostype/amdahl-uts.m4 \
-	${CFDIR}/ostype/aux.m4 \
 	${CFDIR}/ostype/bsd4.3.m4 \
 	${CFDIR}/ostype/bsd4.4.m4 \
 	${CFDIR}/ostype/bsdi.m4 \
Index: gnu/usr.sbin/sendmail/cf/cf/knecht.mc
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/cf/knecht.mc,v
retrieving revision 1.1.1.1
retrieving revision 1.3
diff -u -r1.1.1.1 -r1.3
--- gnu/usr.sbin/sendmail/cf/cf/knecht.mc	2000/04/02 19:05:51	1.1.1.1
+++ gnu/usr.sbin/sendmail/cf/cf/knecht.mc	2001/02/28 02:43:49	1.3
@@ -1,6 +1,6 @@
 divert(-1)
 #
-# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998, 1999, 2001 Sendmail, Inc. and its suppliers.
 #	All rights reserved.
 # Copyright (c) 1983 Eric P. Allman.  All rights reserved.
 # Copyright (c) 1988, 1993
@@ -17,8 +17,8 @@
 #
 
 divert(0)dnl
-VERSIONID(`$Sendmail: knecht.mc,v 8.37 1999/11/19 05:18:12 gshapiro Exp $')
-OSTYPE(bsdi)dnl
+VERSIONID(`$Sendmail: knecht.mc,v 8.37.16.3 2001/02/22 22:38:39 ca Exp $')
+OSTYPE(bsd4.4)dnl
 DOMAIN(generic)dnl
 define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward+$h:$z/.forward')dnl
 define(`confDEF_USER_ID', `mailnull')dnl
@@ -28,10 +28,16 @@
 define(`confTO_QUEUEWARN', `8h')dnl
 define(`confTRUSTED_USERS', `www')dnl
 define(`confPRIVACY_FLAGS', ``authwarnings,noexpn,novrfy'')dnl
+define(`CERT_DIR', `MAIL_SETTINGS_DIR`'certs')dnl
+define(`confCACERT_PATH', `CERT_DIR')dnl
+define(`confCACERT', `CERT_DIR/CAcert.pem')dnl
+define(`confSERVER_CERT', `CERT_DIR/MYcert.pem')dnl
+define(`confSERVER_KEY', `CERT_DIR/MYkey.pem')dnl
+define(`confCLIENT_CERT', `CERT_DIR/MYcert.pem')dnl
+define(`confCLIENT_KEY', `CERT_DIR/MYkey.pem')dnl
 FEATURE(virtusertable)dnl
 FEATURE(access_db)dnl
 FEATURE(local_lmtp)dnl
-MODIFY_MAILER_FLAGS(`LOCAL', `+P')dnl
 MAILER(local)dnl
 MAILER(smtp)dnl
 
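Review bot: confCACERT_PATH is set to CERT_DIR, the same directory that holds MYkey.pem, so the private key sits in the directory that is searched for CA certs. Keep the key in a separate directory with tighter permissions, or add a comment explaining why sharing one directory is acceptable for this host. The removal of MODIFY_MAILER_FLAGS(`LOCAL', `+P') at the end of the hunk is unrelated to the cert settings and needs its own explanation.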
@@ -61,7 +67,7 @@
 
 SCheckMessageId
 R< $+ @ $+ >			$@ OK
-R$*				$#error $: "553 Header error"
+R$*				$#error $: "554 Header error"
 
 LOCAL_RULESETS
 SLocal_check_mail
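Review bot: CheckMessageId now rejects with "554 Header error", while the header check example in cf/README still shows "$#error $: 553 Header Error" and proto.m4 in this same patch routes its 553 replies through CODE553. Either use CODE553 here as well or update the README example, so that the sample configuration and the documentation give the same reply code for the same check.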
Index: gnu/usr.sbin/sendmail/cf/cf/openbsd-proto.mc
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/cf/openbsd-proto.mc,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- gnu/usr.sbin/sendmail/cf/cf/openbsd-proto.mc	2000/06/18 00:14:40	1.2
+++ gnu/usr.sbin/sendmail/cf/cf/openbsd-proto.mc	2001/01/16 01:38:37	1.3
@@ -17,13 +17,13 @@
 #
 
 divert(0)dnl
-VERSIONID(`@(#)openbsd-proto.mc $Revision: 1.2 $')
+VERSIONID(`@(#)openbsd-proto.mc $Revision: 1.3 $')
 OSTYPE(openbsd)
 FEATURE(nouucp, `reject')
 MAILER(local)
 MAILER(smtp)
 DAEMON_OPTIONS(`Family=inet, address=0.0.0.0, Name=MTA')dnl
-DAEMON_OPTIONS(`Family=inet6, address=::, Name=MTA6')dnl
+DAEMON_OPTIONS(`Family=inet6, address=::, Name=MTA6, M=O')dnl
 dnl
 dnl Enforce valid Message-Id to help stop spammers
 dnl
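Review bot: M=O on the inet6 listener is added without a comment, and it appears to be what replaces the deleted openbsd-proto-IPv4only.cf. Assuming O is the modifier that marks the socket as optional, add a dnl line saying so, for example that sendmail still starts when the inet6 socket cannot be opened. Without that, the next editor has no way to tell why only one of the two DAEMON_OPTIONS lines carries a modifier.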
Index: gnu/usr.sbin/sendmail/cf/feature/dnsbl.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/feature/dnsbl.m4,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- gnu/usr.sbin/sendmail/cf/feature/dnsbl.m4	2000/04/02 19:05:52	1.1.1.1
+++ gnu/usr.sbin/sendmail/cf/feature/dnsbl.m4	2001/01/15 21:08:54	1.2
@@ -11,9 +11,9 @@
 
 divert(0)
 ifdef(`_DNSBL_R_',`dnl',`dnl
-VERSIONID(`$Sendmail: dnsbl.m4,v 8.18 1999/08/03 04:30:56 gshapiro Exp $')')
+VERSIONID(`$Sendmail: dnsbl.m4,v 8.18.16.1 2000/11/22 01:13:21 ca Exp $')')
 divert(-1)
-define(`_DNSBL_SRV_', `ifelse(len(X`'_ARG_),`1',`rbl.maps.vix.com',_ARG_)')dnl
+define(`_DNSBL_SRV_', `ifelse(len(X`'_ARG_),`1',`blackholes.mail-abuse.org',_ARG_)')dnl
 define(`_DNSBL_MSG_', `ifelse(len(X`'_ARG2_),`1',`"550 Mail from " $`'&{client_addr} " refused by blackhole site '_DNSBL_SRV_`"',`_ARG2_')')dnl
 divert(8)
 # DNS based IP address spam list _DNSBL_SRV_
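Review bot: The default in _DNSBL_SRV_ changes from rbl.maps.vix.com to blackholes.mail-abuse.org, so every site that uses FEATURE(dnsbl) with no argument starts querying a different list after regenerating its .cf, and the rejection text built in _DNSBL_MSG_ changes with it. Document the new default in the README entry for the feature and call it out in the release notes.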
Index: gnu/usr.sbin/sendmail/cf/feature/ldap_routing.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/feature/ldap_routing.m4,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- gnu/usr.sbin/sendmail/cf/feature/ldap_routing.m4	2000/04/02 19:05:53	1.1.1.1
+++ gnu/usr.sbin/sendmail/cf/feature/ldap_routing.m4	2001/01/15 21:08:55	1.2
@@ -10,7 +10,7 @@
 #
 
 divert(0)
-VERSIONID(`$Sendmail: ldap_routing.m4,v 8.5 2000/02/26 01:32:03 gshapiro Exp $')
+VERSIONID(`$Sendmail: ldap_routing.m4,v 8.5.4.1 2000/07/15 18:05:05 gshapiro Exp $')
 divert(-1)
 
 # Check first two arguments.  If they aren't set, may need to warn in proto.m4
@@ -25,10 +25,10 @@
 
 LOCAL_CONFIG
 # LDAP routing maps
-Kldap_mailhost ifelse(len(X`'_ARG1_), `1',
-		      `ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))',
-		      `_ARG1_')
+Kldapmh ifelse(len(X`'_ARG1_), `1',
+	       `ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))',
+	       `_ARG1_')
 
-Kldap_mailroutingaddress ifelse(len(X`'_ARG2_), `1',
-				`ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))',
-				`_ARG2_')
+Kldapmra ifelse(len(X`'_ARG2_), `1',
+		`ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))',
+		`_ARG2_')
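Review bot: The maps ldap_mailhost and ldap_mailroutingaddress are renamed to ldapmh and ldapmra, but this hunk shows only the K declarations. Confirm that every rule that looks these maps up is renamed in the same commit, and mention the rename for sites whose local rulesets call the old names, since a lookup against an undeclared map fails only when the .cf is loaded.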
Index: gnu/usr.sbin/sendmail/cf/feature/nullclient.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/feature/nullclient.m4,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- gnu/usr.sbin/sendmail/cf/feature/nullclient.m4	2000/04/02 19:05:53	1.1.1.1
+++ gnu/usr.sbin/sendmail/cf/feature/nullclient.m4	2001/01/15 21:08:55	1.2
@@ -1,6 +1,6 @@
 divert(-1)
 #
-# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
 #	All rights reserved.
 # Copyright (c) 1983 Eric P. Allman.  All rights reserved.
 # Copyright (c) 1988, 1993
@@ -22,13 +22,15 @@
 #
 
 divert(0)
-VERSIONID(`$Sendmail: nullclient.m4,v 8.21 1999/08/06 01:48:57 gshapiro Exp $')
+VERSIONID(`$Sendmail: nullclient.m4,v 8.21.16.3 2000/09/17 17:04:22 gshapiro Exp $')
 divert(-1)
 
 undefine(`ALIAS_FILE')
 define(`MAIL_HUB', _NULL_CLIENT_)
 define(`SMART_HOST', _NULL_CLIENT_)
 define(`confFORWARD_PATH', `')
+ifdef(`confFROM_HEADER',, `define(`confFROM_HEADER', `<$g>')')
+define(`_DEF_LOCAL_MAILER_FLAGS', `lsDFM5q')
 MASQUERADE_AS(_NULL_CLIENT_)
 FEATURE(`allmasquerade')
 FEATURE(`masquerade_envelope')
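Review bot: confFROM_HEADER is wrapped in ifdef so that a site value wins, but _DEF_LOCAL_MAILER_FLAGS on the next line is defined unconditionally and overwrites whatever the .mc file or OSTYPE set earlier. If the override is intended for null clients, say so in a comment; otherwise give it the same ifdef guard.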
Index: gnu/usr.sbin/sendmail/cf/m4/cfhead.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/m4/cfhead.m4,v
retrieving revision 1.2
retrieving revision 1.5
diff -u -r1.2 -r1.5
--- gnu/usr.sbin/sendmail/cf/m4/cfhead.m4	2000/04/07 19:20:30	1.2
+++ gnu/usr.sbin/sendmail/cf/m4/cfhead.m4	2001/05/29 01:31:11	1.5
@@ -1,5 +1,5 @@
 #
-# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
 #	All rights reserved.
 # Copyright (c) 1983, 1995 Eric P. Allman.  All rights reserved.
 # Copyright (c) 1988, 1993
@@ -16,10 +16,11 @@
 #####
 #####		SENDMAIL CONFIGURATION FILE
 #####
-define(`TEMPFILE', maketemp(/tmp/cfXXXXXX))dnl
+ifdef(`unix', `dnl
+ifdef(`TEMPFILE', `dnl', `define(`TEMPFILE', maketemp(/tmp/cfXXXXXX))dnl
 syscmd(sh _CF_DIR_`'sh/makeinfo.sh _CF_DIR_ > TEMPFILE)dnl
 include(TEMPFILE)dnl
-syscmd(rm -f TEMPFILE)dnl
+syscmd(rm -f TEMPFILE)dnl')', `dnl')
 #####
 ######################################################################
 ######################################################################
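Review bot: The nested ifdef now skips the whole makeinfo step (define, syscmd, include and rm) whenever TEMPFILE is already defined or `unix' is not, and nothing in the file says that this is the intent. Add a comment above the block explaining both conditions, because the quoting makes it hard to see where each branch ends. Since makeinfo.sh output is written through a shell redirect to the name returned by maketemp(/tmp/cfXXXXXX), also confirm that the m4 in use creates the file itself rather than only returning a name.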
@@ -153,26 +154,28 @@
 		CONCAT(CY, $'1`),
 		CONCAT(C, $3, $'1`))')
 sinclude(_CF_DIR_`'siteconfig/$1.m4)')
-define(`EXPOSED_USER', `PUSHDIVERT(5)CE$1
+define(`EXPOSED_USER', `PUSHDIVERT(5)C{E}$1
 POPDIVERT`'dnl`'')
-define(`LOCAL_USER', `PUSHDIVERT(5)CL$1
+ifdef(`_FFR_EXPOSED_USER_FILE', `define(`EXPOSED_USER_FILE', `PUSHDIVERT(5)F{E}$1
+POPDIVERT`'dnl`'')', `dnl')
+define(`LOCAL_USER', `PUSHDIVERT(5)C{L}$1
 POPDIVERT`'dnl`'')
 define(`MASQUERADE_AS', `define(`MASQUERADE_NAME', $1)')
-define(`MASQUERADE_DOMAIN', `PUSHDIVERT(5)CM$1
+define(`MASQUERADE_DOMAIN', `PUSHDIVERT(5)C{M}$1
 POPDIVERT`'dnl`'')
-define(`MASQUERADE_EXCEPTION', `PUSHDIVERT(5)CN$1
+define(`MASQUERADE_EXCEPTION', `PUSHDIVERT(5)C{N}$1
 POPDIVERT`'dnl`'')
-define(`MASQUERADE_DOMAIN_FILE', `PUSHDIVERT(5)FM$1
+define(`MASQUERADE_DOMAIN_FILE', `PUSHDIVERT(5)F{M}$1
 POPDIVERT`'dnl`'')
-define(`LOCAL_DOMAIN', `PUSHDIVERT(5)Cw$1
+define(`LOCAL_DOMAIN', `PUSHDIVERT(5)C{w}$1
 POPDIVERT`'dnl`'')
 define(`CANONIFY_DOMAIN', `PUSHDIVERT(5)C{Canonify}$1
 POPDIVERT`'dnl`'')
 define(`CANONIFY_DOMAIN_FILE', `PUSHDIVERT(5)F{Canonify}$1
 POPDIVERT`'dnl`'')
-define(`GENERICS_DOMAIN', `PUSHDIVERT(5)CG$1
+define(`GENERICS_DOMAIN', `PUSHDIVERT(5)C{G}$1
 POPDIVERT`'dnl`'')
-define(`GENERICS_DOMAIN_FILE', `PUSHDIVERT(5)FG$1
+define(`GENERICS_DOMAIN_FILE', `PUSHDIVERT(5)F{G}$1
 POPDIVERT`'dnl`'')
 define(`LDAPROUTE_DOMAIN', `PUSHDIVERT(5)C{LDAPRoute}$1
 POPDIVERT`'dnl`'')
@@ -184,9 +187,9 @@
 define(`VIRTUSER_DOMAIN_FILE', `PUSHDIVERT(5)F{VirtHost}$1
 define(`_VIRTHOSTS_')
 POPDIVERT`'dnl`'')
-define(`RELAY_DOMAIN', `PUSHDIVERT(5)CR$1
+define(`RELAY_DOMAIN', `PUSHDIVERT(5)C{R}$1
 POPDIVERT`'dnl`'')
-define(`RELAY_DOMAIN_FILE', `PUSHDIVERT(5)FR$1
+define(`RELAY_DOMAIN_FILE', `PUSHDIVERT(5)F{R}$1
 POPDIVERT`'dnl`'')
 define(`TRUST_AUTH_MECH', `PUSHDIVERT(5)C{TrustAuthMech}$1
 POPDIVERT`'dnl`'')
@@ -212,12 +215,14 @@
 define(`_REC_HDR_', `$?sfrom $s $.$?_($?s$|from $.$_)')
 define(`_REC_END_', `for $u; $|;
 	$.$b')
+define(`_REC_TLS_', `(using ${tls_version} with cipher ${cipher} (${cipher_bits} bits) verified ${verify})$.$?u')
+define(`_REC_BY_', `$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}')
 define(`confRECEIVED_HEADER', `_REC_HDR_
-	_REC_AUTH_)
-	$.by $j ($v/$Z)$?r with $r$. id $i$?u
+	_REC_AUTH_$?{auth_ssf} (${auth_ssf} bits)$.)
+	_REC_BY_
+	_REC_TLS_
 	_REC_END_')
 define(`confSEVEN_BIT_INPUT', `False')
-define(`confEIGHT_BIT_HANDLING', `pass8')
 define(`confALIAS_WAIT', `10')
 define(`confMIN_FREE_BLOCKS', `100')
 define(`confBLANK_SUB', `.')
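Review bot: The $? conditionals now span three macros: _REC_BY_ ends by opening $?{tls_version}, _REC_TLS_ closes it and opens $?u, and _REC_END_ closes that one. A site that redefines confRECEIVED_HEADER and reuses only some of these pieces ends up with unbalanced conditionals. Add a comment above the defines stating that _REC_BY_, _REC_TLS_ and _REC_END_ must be used together and in this order.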
@@ -240,9 +245,10 @@
 define(`confFORWARD_PATH', `$z/.forward.$w:$z/.forward')
 define(`confCR_FILE', `-o MAIL_SETTINGS_DIR`'relay-domains')
 define(`confMILTER_MACROS_CONNECT', ``j, _, {daemon_name}, {if_name}, {if_addr}'')
-define(`confMILTER_MACROS_ENVFROM', ``i, {auth_type}, {auth_authen}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}'')
+define(`confMILTER_MACROS_HELO', ``{tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}'')
+define(`confMILTER_MACROS_ENVFROM', ``i, {auth_type}, {auth_authen}, {auth_ssf}, {auth_author}, {mail_mailer}, {mail_host}, {mail_addr}'')
 define(`confMILTER_MACROS_ENVRCPT', ``{rcpt_mailer}, {rcpt_host}, {rcpt_addr}'')
 
 
 divert(0)dnl
-VERSIONID(`$Sendmail: cfhead.m4,v 8.76 2000/03/21 23:56:59 gshapiro Exp $')
+VERSIONID(`$Sendmail: cfhead.m4,v 8.76.4.16 2001/03/06 22:56:36 ca Exp $')
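Review bot: confMILTER_MACROS_HELO passes {cert_subject} and {cert_issuer} to filters but not {verify}, so a milter cannot tell whether the DN it receives comes from a cert that was actually verified. Add {verify} to the list so that filters making decisions on the DN can check it first.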
Index: gnu/usr.sbin/sendmail/cf/m4/proto.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/m4/proto.m4,v
retrieving revision 1.2
retrieving revision 1.4
diff -u -r1.2 -r1.4
--- gnu/usr.sbin/sendmail/cf/m4/proto.m4	2000/04/07 19:20:30	1.2
+++ gnu/usr.sbin/sendmail/cf/m4/proto.m4	2001/05/29 01:31:11	1.4
@@ -13,7 +13,7 @@
 #
 divert(0)
 
-VERSIONID(`$Sendmail: proto.m4,v 8.446 2000/04/06 06:29:45 gshapiro Exp $')
+VERSIONID(`$Sendmail: proto.m4,v 8.446.2.5.2.41 2001/05/23 21:32:16 ca Exp $')
 
 MAILER(local)dnl
 
@@ -77,6 +77,7 @@
 define(`_U_',ifdef(`_DELAY_CHECKS_',`',`_'))
 dnl default relaying denied message
 ifdef(`confRELAY_MSG', `', `define(`confRELAY_MSG', `"550 Relaying denied"')')
+define(`CODE553', `553')
 divert(0)dnl
 
 # override file safeties - setting this option compromises system security,
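Review bot: CODE553 is defined unconditionally, unlike confRELAY_MSG on the line above, so the indirection adds a name but gives a site no way to change the code from its .mc file. If overriding is the goal, wrap it as ifdef(`CODE553', `', `define(`CODE553', `553')'); if not, add a comment saying why the literal was replaced.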
@@ -160,11 +161,31 @@
 # Resolve map (to check if a host exists in check_mail)
 Kresolve host -a<OK> -T<TEMP>')
 
+ifdef(`_FFR_5_', `# macro storage map
+Kmacro macro')
+
 ifdef(`confCR_FILE', `dnl
-# Hosts that will permit relaying ($=R)
+# Hosts for which relaying is permitted ($=R)
 FR`'confCR_FILE',
 `dnl')
 
+define(`TLS_SRV_TAG', `TLS_Srv')dnl
+define(`TLS_CLT_TAG', `TLS_Clt')dnl
+define(`TLS_TRY_TAG', `Try_TLS')dnl
+define(`TLS_OFF_TAG', `Offer_TLS')dnl
+dnl this may be useful in other contexts too
+ifdef(`_ARITH_MAP_', `', `# arithmetic map
+define(`_ARITH_MAP_', `1')dnl
+Karith arith')
+ifdef(`_ACCESS_TABLE_', `dnl
+# possible values for tls_connect in access map
+C{tls}VERIFY ENCR', `dnl')
+ifdef(`_CERT_REGEX_ISSUER_', `dnl
+# extract relevant part from cert issuer
+KCERTIssuer regex _CERT_REGEX_ISSUER_', `dnl')
+ifdef(`_CERT_REGEX_SUBJECT_', `dnl
+# extract relevant part from cert subject
+KCERTSubject regex _CERT_REGEX_SUBJECT_', `dnl')
 
 # who I send unqualified names to (null means deliver locally)
 DR`'ifdef(`LOCAL_RELAY', LOCAL_RELAY)
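Review bot: TLS_TRY_TAG (Try_TLS) and TLS_OFF_TAG (Offer_TLS) are defined here, but the STARTTLS section added to cf/README documents only the TLS_Srv and TLS_Clt tags. Document the other two tags or leave the defines out until they are documented. The comment "possible values for tls_connect in access map" also does not match the ruleset name tls_connection used in the README.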
@@ -201,7 +222,7 @@
 _OPTION(SevenBitInput, `confSEVEN_BIT_INPUT', `False')
 
 # 8-bit data handling
-_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `adaptive')
+_OPTION(EightBitMode, `confEIGHT_BIT_HANDLING', `pass8')
 
 # wait for alias file rebuild (default units: minutes)
 _OPTION(AliasWait, `confALIAS_WAIT', `5m')
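Review bot: With the define of confEIGHT_BIT_HANDLING removed from cfhead.m4 in this patch, the third argument on this line stops being a fallback that was never reached and becomes the value shown for the option when a site sets nothing. Confirm that `pass8' matches the default compiled into the binary, and note in the commit message that the two changes belong together, since either one alone changes what the generated .cf says.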
@@ -297,7 +318,9 @@
 `errprint(WARNING: `confDAEMON_OPTIONS' is no longer valid.  See cf/README for more information.
 )'dnl
 `DAEMON_OPTIONS(`confDAEMON_OPTIONS')')
-ifelse(defn(`_DPO_'), `', `O DaemonPortOptions=Name=MTA', `_DPO_')
+ifelse(defn(`_DPO_'), `',
+`ifdef(`_NETINET6_', `O DaemonPortOptions=Name=MTA-IPv4, Family=inet
+O DaemonPortOptions=Name=MTA-IPv6, Family=inet6',`O DaemonPortOptions=Name=MTA')', `_DPO_')
 ifdef(`_NO_MSA_', `dnl', `O DaemonPortOptions=Port=587, Name=MSA, M=E')
 
 # SMTP client options
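Review bot: When _NETINET6_ is defined, the default listener name changes from MTA to MTA-IPv4 and MTA-IPv6, which changes ${daemon_name} for every configuration that never set DAEMON_OPTIONS. {daemon_name} is passed to milters through confMILTER_MACROS_CONNECT, so filters or rulesets that compare against "MTA" stop matching. Document the rename, and consider whether the inet6 default should carry M=O as openbsd-proto.mc does.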
@@ -387,7 +410,7 @@
 _OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `12')
 
 # maximum number of new connections per second
-_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `3')
+_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `0')
 
 # work recipient factor
 _OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', `30000')
@@ -525,6 +548,22 @@
 _OPTION(Milter.macros.envfrom, `confMILTER_MACROS_ENVFROM', `')
 _OPTION(Milter.macros.envrcpt, `confMILTER_MACROS_ENVRCPT', `')')
 
+# CA directory
+_OPTION(CACERTPath, `confCACERT_PATH', `')
+# CA file
+_OPTION(CACERTFile, `confCACERT', `')
+# Server Cert
+_OPTION(ServerCertFile, `confSERVER_CERT', `')
+# Server private key
+_OPTION(ServerKeyFile, `confSERVER_KEY', `')
+# Client Cert
+_OPTION(ClientCertFile, `confCLIENT_CERT', `')
+# Client private key
+_OPTION(ClientKeyFile, `confCLIENT_KEY', `')
+# DHParameters (only required if DSA/DH is used)
+_OPTION(DHParameters, `confDH_PARAMETERS', `')
+# Random data source (required for systems without /dev/urandom under OpenSSL)
+_OPTION(RandFile, `confRAND_FILE', `')
 
 ifdef(`confQUEUE_FILE_MODE',
 `# queue file mode (qf files)
@@ -597,6 +636,7 @@
 R$* : $* <@>		$: $2				strip colon if marked
 R$* <@>			$: $1				unmark
 R$* ;			   $1				strip trailing semi
+R$* < $+ :; > $*	$@ $2 :; <@>			catch <list:;>
 R$* < $* ; >		   $1 < $2 >			bogus bracketed semi
 
 # null input now results from list:; syntax
@@ -741,6 +781,9 @@
 R$* $| $* < @ $* > $*	$: $2 < @ $[ $3 $] > $4', `dnl')', `dnl
 dnl _NO_CANONIFY_ is not set: canonify unless:
 dnl {daemon_flags} contains CC (do not canonify)
+dnl but add a trailing dot to qualified hostnames so other rules will work
+dnl should we do this for every hostname: even unqualified?
+R$* CC $* $| $* < @ $+.$+ > $*	$: $3 < @ $4.$5 . > $6
 R$* CC $* $| $*			$: $3
 # pass to name server to make hostname canonical
 R$* $| $* < @ $* > $*		$: $2 < @ $[ $3 $] > $4')
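Review bot: The added dnl comment ends with an open question ("should we do this for every hostname: even unqualified?") that should be settled before the rule ships. As written, the pattern requires a dot in the host part ($+.$+), so an unqualified name under the CC flag still leaves without the trailing dot; state in the comment that this is deliberate, or extend the rule.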
@@ -768,6 +811,7 @@
 ##################################################
 Sfinal=4
 
+R$+ :; <@>		$@ $1 :				handle <list:;>
 R$* <@>			$@				handle <> and list:;
 
 # strip trailing dot off possibly canonical name
@@ -824,24 +868,26 @@
 
 SParse0
 R<@>			$@ <@>			special case error msgs
-R$* : $* ; <@>		$#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses"
+R$* : $* ; <@>		$#error $@ 5.1.3 $: "CODE553 List:; syntax illegal for recipient addresses"
 R@ <@ $* >		< @ $1 >		catch "@@host" bogosity
-R<@ $+>			$#error $@ 5.1.3 $: "553 User address required"
+R<@ $+>			$#error $@ 5.1.3 $: "CODE553 User address required"
 R$*			$: <> $1
 R<> $* < @ [ $+ ] > $*	$1 < @ [ $2 ] > $3
-R<> $* <$* : $* > $*	$#error $@ 5.1.3 $: "553 Colon illegal in host name part"
+R<> $* <$* : $* > $*	$#error $@ 5.1.3 $: "CODE553 Colon illegal in host name part"
 R<> $*			$1
-R$* < @ . $* > $*	$#error $@ 5.1.2 $: "553 Invalid host name"
-R$* < @ $* .. $* > $*	$#error $@ 5.1.2 $: "553 Invalid host name"
+R$* < @ . $* > $*	$#error $@ 5.1.2 $: "CODE553 Invalid host name"
+R$* < @ $* .. $* > $*	$#error $@ 5.1.2 $: "CODE553 Invalid host name"
+dnl comma only allowed before @; this check is not complete
+R$* , $~O $*		$#error $@ 5.1.2 $: "CODE553 Invalid route address"
 
 # now delete the local info -- note $=O to find characters that cause forwarding
 R$* < @ > $*		$@ $>Parse0 $>canonify $1	user@ => user
 R< @ $=w . > : $*	$@ $>Parse0 $>canonify $2	@here:... -> ...
 R$- < @ $=w . >		$: $(dequote $1 $) < @ $2 . >	dequote "foo"@here
-R< @ $+ >		$#error $@ 5.1.3 $: "553 User address required"
+R< @ $+ >		$#error $@ 5.1.3 $: "CODE553 User address required"
 R$* $=O $* < @ $=w . >	$@ $>Parse0 $>canonify $1 $2 $3	...@here -> ...
 R$- 			$: $(dequote $1 $) < @ *LOCAL* >	dequote "foo"
-R< @ *LOCAL* >		$#error $@ 5.1.3 $: "553 User address required"
+R< @ *LOCAL* >		$#error $@ 5.1.3 $: "CODE553 User address required"
 R$* $=O $* < @ *LOCAL* >
 			$@ $>Parse0 $>canonify $1 $2 $3	...@*LOCAL* -> ...
 R$* < @ *LOCAL* >	$: $1
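Review bot: The new rule "R$* , $~O $*" is introduced by a comment that says "this check is not complete" without saying which addresses still pass. List the known gaps in the comment, so that nobody treats this rule as the full guard against commas in route addresses.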
@@ -890,12 +936,16 @@
 R<!> $+			$: $1
 R< error : $-.$-.$- : $+ > $* 	$#error $@ $1.$2.$3 $: $4
 R< error : $- $+ > $* 	$#error $@ $(dequote $1 $) $: $2
-R< $+ > $+ < @ $+ >	$: $>Recurse $1',
-`dnl')
+ifdef(`_NO_VIRTUSER_RECURSION_',
+`R< $+ > $+ < @ $+ >	$: $>ParseLocal $>Parse0 $>canonify $1',
+`R< $+ > $+ < @ $+ >	$: $>Recurse $1')
+dnl', `dnl')
 
 # short circuit local delivery so forwarded email works
 ifdef(`_MAILER_usenet_', `dnl
 R$+ . USENET < @ $=w . >	$#usenet $@ usenet $: $1	handle usenet specially', `dnl')
+
+
 ifdef(`_STICKY_LOCAL_DOMAIN_',
 `R$+ < @ $=w . >		$: < $H > $1 < @ $2 . >		first try hub
 R< $+ > $+ < $+ >	$>MailerToTriple < $1 > $2 < $3 >	yep ....
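Review bot: _NO_VIRTUSER_RECURSION_ is a new switch with no comment here and no README text in the hunks shown, so there is no description of when a site would set it or what changes for a virtusertable result when the $>Recurse call is replaced by $>ParseLocal $>Parse0 $>canonify. Add a comment above the ifdef, and document the switch wherever the virtusertable feature is described.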
@@ -966,7 +1016,7 @@
 # deal with other remote names
 ifdef(`_MAILER_smtp_',
 `R$* < @$* > $*		$#_SMTP_ $@ $2 $: $1 < @ $2 > $3	user@host.domain',
-`R$* < @$* > $*		$#error $@ 5.1.2 $: "553 Unrecognized host name " $2')
+`R$* < @$* > $*		$#error $@ 5.1.2 $: "CODE553 Unrecognized host name " $2')
 
 # handle locally delivered names
 R$=L			$#_LOCAL_ $: @ $1		special local names
@@ -982,31 +1032,44 @@
 R$+ $| $#$*		$#$2
 R$+ $| $*		$: $1
 
-# deal with plussed users so aliases work nicely
-R$+ + *			$#_LOCAL_ $@ $&h $: $1
-R$+ + $*		$#_LOCAL_ $@ + $2 $: $1 + *
+ifdef(`_FFR_5_', `
+# Preserve host in a macro
+R$+			$: $(macro {LocalAddrHost} $) $1
+R$+ @ $+		$: $(macro {LocalAddrHost} $@ @ $2 $) $1')
 
+ifdef(`_PRESERVE_LOCAL_PLUS_DETAIL_', `', `
+# deal with plussed users so aliases work nicely
+R$+ + *			$#_LOCAL_ $@ $&h $: $1`'ifdef(`_FFR_5_', ` $&{LocalAddrHost}')
+R$+ + $*		$#_LOCAL_ $@ + $2 $: $1 + *`'ifdef(`_FFR_5_', ` $&{LocalAddrHost}')
+')
 # prepend an empty "forward host" on the front
 R$+			$: <> $1
 
 ifdef(`LUSER_RELAY', `dnl
 # send unrecognized local users to a relay host
+ifdef(`_PRESERVE_LOCAL_PLUS_DETAIL_', `
+R< > $+ + $*		$: < ? $L > <+ $2> $(user $1 $)	look up user+
+R< > $+			$: < ? $L > < > $(user $1 $)	look up user
+R< ? $* > < $* > $+ <>	$: < > $3 $2			found; strip $L
+R< ? $* > < $* > $+	$: < $1 > $3 $2			not found', `
 R< > $+ 		$: < $L > $(user $1 $)		look up user
-R< $* > $+ <>		$: < > $2			found; strip $L',
+R< $* > $+ <>		$: < > $2			found; strip $L')',
 `dnl')
 
 # see if we have a relay or a hub
 R< > $+			$: < $H > $1			try hub
 R< > $+			$: < $R > $1			try relay
+ifdef(`_PRESERVE_LOCAL_PLUS_DETAIL_', `
+R< > $+			$@ $1', `
 R< > $+			$: < > < $1 <> $&h >		nope, restore +detail
 R< > < $+ <> + $* >	$: < > < $1 + $2 >		check whether +detail
 R< > < $+ <> $* >	$: < > < $1 >			else discard
 R< > < $+ + $* > $*	   < > < $1 > + $2 $3		find the user part
-R< > < $+ > + $*	$#_LOCAL_ $@ $2 $: @ $1		strip the extra +
+R< > < $+ > + $*	$#_LOCAL_ $@ $2 $: @ $1`'ifdef(`_FFR_5_', ` $&{LocalAddrHost}')		strip the extra +
 R< > < $+ >		$@ $1				no +detail
 R$+			$: $1 <> $&h			add +detail back in
 R$+ <> + $*		$: $1 + $2			check whether +detail
-R$+ <> $*		$: $1				else discard
+R$+ <> $*		$: $1				else discard')
 R< local : $* > $*	$: $>MailerToTriple < local : $1 > $2	no host extension
 R< error : $* > $*	$: $>MailerToTriple < error : $1 > $2	no host extension
 R< $- : $+ > $+		$: $>MailerToTriple < $1 : $2 > $3 < @ $2 >
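Review bot: the inline ifdef(`_FFR_5_', ` $&{LocalAddrHost}') suffix is pasted onto three separate $#_LOCAL_ rules (both plussed-user rules and the "strip the extra +" rule), which pushes the rule comment off the line and makes it easy to miss one site on the next change. Define the suffix once as an m4 macro next to the "Preserve host in a macro" block and reference it from the three rules. _FFR_5_ and _PRESERVE_LOCAL_PLUS_DETAIL_ also each need a comment line saying what they change about local delivery.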
@@ -1164,8 +1227,7 @@
 ifdef(`_LDAP_ROUTING_', `dnl
 SLDAPExpand
 # do the LDAP lookups
-R<$+><$+>
-	$: <$(ldap_mailroutingaddress $2 $: $)> <$(ldap_mailhost $2 $: $)> <$1> <$2>
+R<$+><$+>		$: <$(ldapmra $2 $: $)> <$(ldapmh $2 $: $)> <$1> <$2>
 
 # if mailRoutingAddress and local or non-existant mailHost,
 # return the new mailRoutingAddress
@@ -1232,6 +1294,7 @@
 dnl lookup IP address (no check is done whether it is an IP number!)
 R<?> <[$+.$-]> <$+> <$*> <$*>	$@ $>LookUpDomain <[$1]> <$3> <$4> <$5>
 dnl lookup IPv6 address
+R<?> <[$+::$-]> <$+> <$*> <$*>	$: $>LookUpDomain <[$1]> <$3> <$4> <$5>
 R<?> <[$+:$-]> <$+> <$*> <$*>	$: $>LookUpDomain <[$1]> <$3> <$4> <$5>
 dnl not found, but subdomain: try again
 R<?> <$+.$+> <$+> <$*> <$*>	$@ $>LookUpDomain <$2> <$3> <$4> <$5>
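Review bot: the added `::` rule calls LookUpDomain with `$:` while the IPv4 rule two lines above it uses `$@`, and the LookUpAddress hunk later in this patch switches its IPv6 rules from `$:` to `$@`. With `$:` the ruleset carries on into the rules below with whatever LookUpDomain returned instead of returning it. If that fall-through is wanted here, say so in a dnl line; otherwise use `$@` on both IPv6 rules so the two lookup rulesets behave the same way.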
@@ -1261,7 +1324,8 @@
 dnl lookup without tag
 R<?> <$+> <$+> <$*> <+ $+>	$: < $(access $1 $: ? $) > <$1> <$2> <$3> <+ $4>
 dnl no match; IPv6: remove last part
-R<?> <$+:$-> <$+> <$*> <$*>	$: $>LookUpAddress <$1> <$3> <$4> <$5>
+R<?> <$+::$-> <$+> <$*> <$*>	$@ $>LookUpAddress <$1> <$3> <$4> <$5>
+R<?> <$+:$-> <$+> <$*> <$*>	$@ $>LookUpAddress <$1> <$3> <$4> <$5>
 dnl no match; IPv4: remove last part
 R<?> <$+.$-> <$+> <$*> <$*>	$@ $>LookUpAddress <$1> <$3> <$4> <$5>
 dnl no match: return default
@@ -1366,17 +1430,22 @@
 R< $* > $*		$: $2
 
 ifdef(`_ACCESS_TABLE_', `dnl
+dnl workspace: {client_name} $| {client_addr}
 R$+ $| $+		$: $>LookUpDomain < $1 > <?> < $2 > <+Connect>
+dnl workspace: <result-of-lookup> <{client_addr}>
 R<?> <$+>		$: $>LookUpAddress < $1 > <?> < $1 > <+Connect>	no: another lookup
+dnl workspace: <result-of-lookup> <{client_addr}>
 R<?> < $+ >		$: $1					found nothing
-R<$={Accept}> < $* >	$@ $1
+dnl workspace: <result-of-lookup> <{client_addr}>
+dnl or {client_addr}
+R<$={Accept}> < $* >	$@ $1				return value of lookup
 R<REJECT> $*		$#error ifdef(`confREJECT_MSG', `$: "confREJECT_MSG"', `$@ 5.7.1 $: "550 Access denied"')
 R<DISCARD> $*		$#discard $: discard
 dnl error tag
-R<ERROR:$-.$-.$-:$+> $*		$#error $@ $1.$2.$3 $: $4
-R<ERROR:$+> $*		$#error $: $1
+R<ERROR:$-.$-.$-:$+> <$*>	$#error $@ $1.$2.$3 $: $4
+R<ERROR:$+> <$*>		$#error $: $1
 dnl generic error from access map
-R<$+> $*		$#error $: $1', `dnl')
+R<$+> <$*>		$#error $: $1', `dnl')
 
 ifdef(`_RBL_',`dnl
 # DNS based IP address spam list
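Review bot: the ERROR and generic error rules now require the remainder to be bracketed (`<$*>`), but the REJECT and DISCARD rules sitting between them still take a bare `$*`. Either tighten those two the same way or extend the new workspace comments to say why they may see an unbracketed address, so the result handlers read consistently.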
@@ -1404,6 +1473,14 @@
 R< d > $*		$@ deferred
 R< $* > $*		$: $2
 
+# authenticated?
+dnl done first: we can require authentication for every mail transaction
+dnl workspace: address as given by MAIL FROM: (sender)
+R$*			$: $1 $| $>"tls_client" $&{verify} $| MAIL
+R$* $| $#$+		$#$2
+dnl undo damage: remove result of tls_client call
+R$* $| $*		$: $1
+
 dnl workspace: address as given by MAIL FROM:
 R<>			$@ <OK>			we MUST accept <> (RFC 1123)
 ifdef(`_ACCEPT_UNQUALIFIED_SENDERS_',`dnl',`dnl
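Review bot: the tls_client call is placed ahead of `R<> $@ <OK>`, so a `$#error` coming back from tls_client also rejects the null sender that the next rule says must be accepted (RFC 1123). The "done first" comment suggests this is intended; state it explicitly in the dnl lines, or move the call below the `<>` rule if bounces are meant to be exempt from a TLS requirement.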
@@ -1448,7 +1525,7 @@
 dnl	or:    <address>
 dnl	or:    <?> <address>	(thanks to u in ${daemon_flags})
 R<? $=w> $*		$: $2			local client: ok
-R<? $+> <$+>		$#error $@ 5.5.4 $: "553 Real domain name required"
+R<? $+> <$+>		$#error $@ 5.5.4 $: "CODE553 Real domain name required for sender address"
 dnl remove <?> (happens only if ${client_name} == "" or u in ${daemon_flags})
 R<?> $*			$: $1')
 dnl workspace: address (or <address>)
@@ -1498,13 +1575,13 @@
 R$* $| $*		$: $2
 R<?> $*			$: < ? $&{client_name} > $1
 R<?> $*			$@ <OK>				...local unqualed ok
-R<? $+> $*		$#error $@ 5.5.4 $: "553 Domain name required"
+R<? $+> $*		$#error $@ 5.5.4 $: "CODE553 Domain name required for sender address " $&f
 							...remote is not')
 # check results
 R<?> $*			$: @ $1		mark address: nothing known about it
 R<OK> $*		$@ <OK>
 R<TEMP> $*		$#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
-R<PERM> $*		$#error $@ 5.1.8 $: "501 Domain of sender address " $&f " does not exist"
+R<PERM> $*		$#error $@ 5.1.8 $: "CODE553 Domain of sender address " $&f " does not exist"
 ifdef(`_ACCESS_TABLE_', `dnl
 R<$={Accept}> $*	$# $1
 R<DISCARD> $*		$#discard $: discard
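Review bot: the <PERM> rule changes the reply for a non-existent sender domain from 501 to the CODE553 value while keeping enhanced status 5.1.8, and the unqualified-sender message gains the sender address through $&f. Both alter what remote clients and log parsers see, so the reply-code change should be called out in the release notes. Also check how the string ending in "sender address " reads when $&f is empty.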
@@ -1570,7 +1647,7 @@
 R$*			$: <?> $1
 dnl user is now tagged with @ to be consistent with check_mail
 dnl and to distinguish users from hosts (com would be host, com@ would be user)
-R<?> $+ < @ $=w >	$: <> <$1 < @ $2 >> $| <F:$1@$2> <U:$1@>
+R<?> $+ < @ $=w >	$: <> <$1 < @ $2 >> $| <F:$1@$2> <U:$1@> <H:$2>
 R<?> $+ < @ $* >	$: <> <$1 < @ $2 >> $| <F:$1@$2> <H:$2>
 R<?> $+			$: <> <$1> $| <U:$1@>
 dnl $| is used as delimiter, otherwise false matches may occur: <user<@domain>>
@@ -1596,6 +1673,16 @@
 R@ $*			$1		remove mark', `dnl')', `dnl')
 
 ifdef(`_PROMISCUOUS_RELAY_', `divert(-1)')
+# authenticated?
+dnl do this unconditionally? this requires to manage CAs carefully
+dnl just because someone has a CERT signed by a "trusted" CA
+dnl does not mean we want to allow relaying for her,
+dnl either use a subroutine or provide something more sophisticated
+dnl this could for example check the DN (maybe an access map lookup)
+R$*		$: $1 $| $>RelayAuth $1 $| $&{verify}	client authenticated?
+R$* $| $# $+		$# $2				error/ok?
+R$* $| $*		$: $1				no
+
 # authenticated by a trusted mechanism?
 R$*			$: $1 $| $&{auth_type}
 dnl empty ${auth_type}?
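Review bot: the dnl block above the RelayAuth call is written as an open question ("do this unconditionally?") although the rule below it does run unconditionally. Replace it with a statement of what the code decides: relaying is granted at this point only when RelayAuth comes back with a `$#` result, and any other return is stripped by the `R$* $| $*` rule so the normal relay checks continue. The caution about certificates from a "trusted" CA belongs in the operator documentation as well as in a dnl comment that never reaches the generated cf.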
@@ -1605,8 +1692,10 @@
 R$* $| $={TrustAuthMech}	$# RELAYAUTH
 dnl undo addition of ${auth_type}
 R$* $| $*		$: $1
+dnl workspace: localpart<@domain> | localpart
 ifelse(defn(`_NO_UUCP_'), `r',
-`R$* ! $* < @ $* >	$: <REMOTE> $2 < @ BANG_PATH >', `dnl')
+`R$* ! $* < @ $* >	$: <REMOTE> $2 < @ BANG_PATH >
+R$* ! $* 		$: <REMOTE> $2 < @ BANG_PATH >', `dnl')
 # anything terminating locally is ok
 ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
 R$+ < @ $* $=m >	$@ RELAYTO', `dnl')
@@ -1615,11 +1704,13 @@
 `R$+ < @ $=R >		$@ RELAYTO
 ifdef(`_ACCESS_TABLE_', `dnl
 R$+ < @ $+ >		$: <$(access To:$2 $: ? $)> <$1 < @ $2 >>
-R$+ < @ $+ >		$: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
+dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
+R<?> <$+ < @ $+ >>	$: <$(access $2 $: ? $)> <$1 < @ $2 >>',`dnl')',
 `R$+ < @ $* $=R >	$@ RELAYTO
 ifdef(`_ACCESS_TABLE_', `dnl
 R$+ < @ $+ >		$: $>LookUpDomain <$2> <?> <$1 < @ $2 >> <+To>',`dnl')')
 ifdef(`_ACCESS_TABLE_', `dnl
+dnl workspace: <Result-of-lookup | ?> <localpart<@domain>>
 R<RELAY> $*		$@ RELAYTO
 R<$*> <$*>		$: $2',`dnl')
 
@@ -1810,8 +1901,11 @@
 ###	return: <RHS of lookup> or <?> (not found)
 ######################################################################
 
+# class with valid marks for SearchList
+dnl if A is activated: add it
+C{src}E F H U
 SSearchList
-# if it is H: do lookup?
+# mark H: lookup domain
 R<$+> $| <H:$+> <$*>		$: <$1> $| <@> $>LookUpDomain <$2> <?> <$3> <$1>
 R<$+> $| <@> <$+> <$*>		$: <$1> $| <$2> <$3>
 dnl A: NOT YET REQUIRED
@@ -1819,9 +1913,9 @@
 dnl R<$+> $| <@> <$+> <$*>	$: <$1> $| <$2> <$3>
 dnl lookup of the item with tag
 dnl this applies to F: U: E:
-R<$- $-> $| <$-:$+> <$*>	$: <$1 $2> $| <$(access $2`'_TAG_DELIM_`'$4 $: $3:$4 $)> <$5>
+R<$- $-> $| <$={src}:$+> <$*>	$: <$1 $2> $| <$(access $2`'_TAG_DELIM_`'$4 $: $3:$4 $)> <$5>
 dnl no match, try without tag
-R<+ $-> $| <$-:$+> <$*>		$: <+ $1> $| <$(access $3 $: $2:$3 $)> <$4>
+R<+ $-> $| <$={src}:$+> <$*>	$: <+ $1> $| <$(access $3 $: $2:$3 $)> <$4>
 dnl do we really have to distinguish these cases?
 dnl probably yes, there might be a + in the domain part (is that allowed?)
 dnl user+detail lookups: should it be:
@@ -1832,13 +1926,12 @@
 dnl do not remove the @ from the lookup:
 dnl it is part of the +detail@ which is omitted for the lookup
 R<$- $-> $| <U:$* + $*> <$*>	$: <$1 $2> $| <$(access $2`'_TAG_DELIM_`'$3@ $: U:$3 + $4$)> <$5>
+dnl no match, try without tag
 R<+ $-> $| <U:$* + $*> <$*>	$: <+ $1> $| <$(access $2@ $: U:$2 + $3$)> <$4>
-dnl special case for ERROR because this matches the input mark:address
-R<$+> $| <ERROR:$+> <>		$@ <ERROR:$2>
 dnl no match, try rest of list
-R<$+> $| <$-:$+> <$+>		$@ $>SearchList <$1> $| <$4>
+R<$+> $| <$={src}:$+> <$+>	$@ $>SearchList <$1> $| <$4>
 dnl no match, list empty: return failure
-R<$+> $| <$-:$+> <>		$@ <?>
+R<$+> $| <$={src}:$+> <>	$@ <?>
 dnl got result, return it
 R<$+> $| <$+> <$*>		$@ <$2>
 dnl return result from recursive invocation
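Review bot: dropping the `<ERROR:$+>` special case is only safe because the mark patterns are now restricted to $={src} and ERROR is not in that class (`C{src}E F H U`). That dependency is not written down. Add a dnl line next to the class definition saying that access-map result keywords such as ERROR must never be added to {src}, otherwise the "no match, try rest of list" rule will treat a result as a mark again.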
@@ -1862,6 +1955,136 @@
 dnl empty ruleset definition so it can be called
 SLocal_trust_auth
 
+ifdef(`_FFR_TLS_O_T', `dnl
+Soffer_tls
+R$*		$: $>LookUpDomain <$&{client_name}> <?> <> <! TLS_OFF_TAG>
+R<?>$*		$: $>LookUpAddress <$&{client_addr}> <?> <> <! TLS_OFF_TAG>
+R<?>$*		$: <$(access TLS_OFF_TAG: $: ? $)>
+R<?>$*		$@ OK
+R<NO> <>	$#error $@ 5.7.1 $: "550 do not offer TLS for " $&{client_name} " ["$&{client_addr}"]"
+
+Stry_tls
+R$*		$: $>LookUpDomain <$&{server_name}> <?> <> <! TLS_TRY_TAG>
+R<?>$*		$: $>LookUpAddress <$&{server_addr}> <?> <> <! TLS_TRY_TAG>
+R<?>$*		$: <$(access TLS_TRY_TAG: $: ? $)>
+R<?>$*		$@ OK
+R<NO>$*		$#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"
+')dnl
+
+# is connection with client "good" enough? (done in server)
+# input: ${verify} $| (MAIL|STARTTLS)
+dnl MAIL: called from check_mail
+dnl STARTTLS: called from smtp() after STARTTLS has been accepted
+Stls_client
+ifdef(`_ACCESS_TABLE_', `dnl
+dnl ignore second arg for now
+dnl maybe use it to distinguish permanent/temporary error?
+dnl if MAIL: permanent (STARTTLS has not been offered)
+dnl if STARTTLS: temporary (offered but maybe failed)
+R$* $| $*	$: $1 $| $>LookUpDomain <$&{client_name}> <?> <> <! TLS_CLT_TAG>
+R$* $| <?>$*	$: $1 $| $>LookUpAddress <$&{client_addr}> <?> <> <! TLS_CLT_TAG>
+dnl do a default lookup: just TLS_CLT_TAG
+R$* $| <?>$*	$: $1 $| <$(access TLS_CLT_TAG`'_TAG_DELIM_ $: ? $)>
+R$*		$@ $>"tls_connection" $1', `dnl
+R$* $| $*	$@ $>"tls_connection" $1')
+
+# is connection with server "good" enough? (done in client)
+dnl i.e. has the server been authenticated and is encryption active?
+dnl called from deliver() after STARTTLS command
+# input: ${verify}
+Stls_server
+ifdef(`_ACCESS_TABLE_', `dnl
+R$*		$: $1 $| $>LookUpDomain <$&{server_name}> <?> <> <! TLS_SRV_TAG>
+R$* $| <?>$*	$: $1 $| $>LookUpAddress <$&{server_addr}> <?> <> <! TLS_SRV_TAG>
+dnl do a default lookup: just TLS_SRV_TAG
+R$* $| <?>$*	$: $1 $| <$(access TLS_SRV_TAG`'_TAG_DELIM_ $: ? $)>
+R$*		$@ $>"tls_connection" $1', `dnl
+R$*		$@ $>"tls_connection" $1')
+
+Stls_connection
+ifdef(`_ACCESS_TABLE_', `dnl
+dnl common ruleset for tls_{client|server}
+dnl input: $&{verify} $| <ResultOfLookup> [<>]
+dnl remove optional <>
+R$* $| <$*>$*			$: $1 $| <$2>
+dnl permanent or temporary error?
+R$* $| <PERM + $={tls} $*>	$: $1 $| <503:5.7.0> <$2 $3>
+R$* $| <TEMP + $={tls} $*>	$: $1 $| <403:4.7.0> <$2 $3>
+dnl default case depends on TLS_PERM_ERR
+R$* $| <$={tls} $*>		$: $1 $| <ifdef(`TLS_PERM_ERR', `503:5.7.0', `403:4.7.0')> <$2 $3>
+dnl deal with TLS handshake failures: abort
+RSOFTWARE $| <$-:$+> $* 	$#error $@ $2 $: $1 " TLS handshake failed."
+dnl no <reply:dns> i.e. not requirements in the access map
+dnl use default error
+RSOFTWARE $| $* 		$#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake failed."
+R$* $| <$*> <VERIFY>		$: <$2> <VERIFY> $1
+R$* $| <$*> <$={tls}:$->$*	$: <$2> <$3:$4> $1
+dnl some other value in access map: accept
+dnl this also allows to override the default case (if used)
+R$* $| $*			$@ OK
+# authentication required: give appropriate error
+# other side did authenticate (via STARTTLS)
+dnl workspace: <SMTP:ESC> <{VERIFY,ENCR}[:BITS]> ${verify}
+dnl only verification required and it succeeded
+R<$*><VERIFY> OK		$@ OK
+dnl verification required + some level of encryption
+R<$*><VERIFY:$-> OK		$: <$1> <REQ:$2>
+dnl just some level of encryption required
+R<$*><ENCR:$-> $*		$: <$1> <REQ:$2>
+dnl verification required but ${verify} is not set
+R<$-:$+><VERIFY $*>		$#error $@ $2 $: $1 " authentication required"
+R<$-:$+><VERIFY $*> FAIL	$#error $@ $2 $: $1 " authentication failed"
+R<$-:$+><VERIFY $*> NO		$#error $@ $2 $: $1 " not authenticated"
+R<$-:$+><VERIFY $*> NONE	$#error $@ $2 $: $1 " other side does not support STARTTLS"
+dnl some other value for ${verify}
+R<$-:$+><VERIFY $*> $+		$#error $@ $2 $: $1 " authentication failure " $4
+dnl some level of encryption required: get the maximum level
+R<$*><REQ:$->			$: <$1> <REQ:$2> $>max $&{cipher_bits} : $&{auth_ssf}
+dnl compare required bits with actual bits
+R<$*><REQ:$-> $-		$: <$1> <$2:$3> $(arith l $@ $3 $@ $2 $)
+R<$-:$+><$-:$-> TRUE		$#error $@ $2 $: $1 " encryption too weak " $4 " less than " $3
+
+Smax
+dnl compute the max of two values separated by :
+R:		$: 0
+R:$-		$: $1
+R$-:		$: $1
+R$-:$-		$: $(arith l $@ $1 $@ $2 $) : $1 : $2
+RTRUE:$-:$-	$: $2
+R$-:$-:$-	$: $2',
+`dnl use default error
+dnl deal with TLS handshake failures: abort
+RSOFTWARE	$#error $@ ifdef(`TLS_PERM_ERR', `5.7.0', `4.7.0') $: "ifdef(`TLS_PERM_ERR', `503', `403') TLS handshake."')
+
+SRelayAuth
+# authenticated?
+dnl we do not allow relaying for anyone who can present a cert
+dnl signed by a "trusted" CA. For example, even if we put verisigns
+dnl CA in CERTPath so we can authenticate users, we do not allow
+dnl them to abuse our server (they might be easier to get hold of,
+dnl but anyway).
+dnl so here is the trick: if the verification succeeded
+dnl we look up the cert issuer in the access map
+dnl (maybe after extracting a part with a regular expression)
+dnl if this returns RELAY we relay without further questions
+dnl if it returns SUBJECT we perform a similar check on the
+dnl cert subject.
+R$* $| OK		$: $1
+R$* $| $*		$@ NO		not authenticated
+ifdef(`_ACCESS_TABLE_', `dnl
+ifdef(`_CERT_REGEX_ISSUER_', `dnl
+R$*			$: $1 $| $(CERTIssuer $&{cert_issuer} $)',
+`R$*			$: $1 $| $&{cert_issuer}')
+R$* $| $+		$: $1 $| $(access CERTISSUER:$2 $)
+dnl use $# to stop further checks (delay_check)
+R$* $| RELAY		$# RELAYCERTISSUER
+ifdef(`_CERT_REGEX_SUBJECT_', `dnl
+R$* $| SUBJECT		$: $1 $| <@> $(CERTSubject $&{cert_subject} $)',
+`R$* $| SUBJECT		$: $1 $| <@> $&{cert_subject}')
+R$* $| <@> $+		$: $1 $| <@> $(access CERTSUBJECT:$2 $)
+R$* $| <@> RELAY	$# RELAYCERTSUBJECT
+R$* $| $*		$: $1', `dnl')
+
 undivert(9)dnl LOCAL_RULESETS
 ifdef(`_FFR_MILTER', `
 #
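Review bot: offer_tls rejects only on `R<NO> <>`, but the default lookup two rules above it (`$: <$(access TLS_OFF_TAG: $: ? $)>`) rewrites the workspace to a bare `<NO>` with no trailing `<>`, so a NO placed on the default entry is never matched; try_tls uses `R<NO>$*` and does not have this gap. Use the same pattern in both rulesets. Two smaller points in this hunk: offer_tls and try_tls build the default key with a literal colon where tls_client and tls_server use _TAG_DELIM_, and the fallback error without an access table reads "TLS handshake." where the access-table branch says "TLS handshake failed.".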
@@ -1882,3 +2105,4 @@
 ######################################################################
 ######################################################################
 undivert(7)dnl MAILER_DEFINITIONS
+
Index: gnu/usr.sbin/sendmail/cf/m4/version.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/m4/version.m4,v
retrieving revision 1.2
retrieving revision 1.5
diff -u -r1.2 -r1.5
--- gnu/usr.sbin/sendmail/cf/m4/version.m4	2000/04/07 19:20:30	1.2
+++ gnu/usr.sbin/sendmail/cf/m4/version.m4	2001/05/29 01:31:11	1.5
@@ -1,6 +1,6 @@
 divert(-1)
 #
-# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2001 Sendmail, Inc. and its suppliers.
 #	All rights reserved.
 # Copyright (c) 1983 Eric P. Allman.  All rights reserved.
 # Copyright (c) 1988, 1993
@@ -11,8 +11,8 @@
 # the sendmail distribution.
 #
 #
-VERSIONID(`$Sendmail: version.m4,v 8.39 2000/04/06 20:30:53 gshapiro Exp $')
+VERSIONID(`$Sendmail: version.m4,v 8.39.4.29 2001/05/27 21:39:20 gshapiro Exp $')
 #
 divert(0)
 # Configuration version number
-DZ8.10.1`'ifdef(`confCF_VERSION', `/confCF_VERSION')
+DZ8.11.4`'ifdef(`confCF_VERSION', `/confCF_VERSION')
Index: gnu/usr.sbin/sendmail/cf/mailer/local.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/mailer/local.m4,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- gnu/usr.sbin/sendmail/cf/mailer/local.m4	2000/04/02 19:05:56	1.1.1.1
+++ gnu/usr.sbin/sendmail/cf/mailer/local.m4	2001/01/15 21:08:57	1.2
@@ -1,6 +1,6 @@
 PUSHDIVERT(-1)
 #
-# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
 #	All rights reserved.
 # Copyright (c) 1983 Eric P. Allman.  All rights reserved.
 # Copyright (c) 1988, 1993
@@ -27,7 +27,7 @@
 ###   Local and Program Mailer specification   ###
 ##################################################
 
-VERSIONID(`$Sendmail: local.m4,v 8.50 1999/11/21 19:02:08 ca Exp $')
+VERSIONID(`$Sendmail: local.m4,v 8.50.16.2 2000/09/17 17:04:22 gshapiro Exp $')
 
 #
 #  Envelope sender rewriting
@@ -78,7 +78,7 @@
 `dnl')
 
 Mlocal,		P=LOCAL_MAILER_PATH, F=_MODMF_(CONCAT(_DEF_LOCAL_MAILER_FLAGS, LOCAL_MAILER_FLAGS), `LOCAL'), S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,_OPTINS(`LOCAL_MAILER_EOL', ` E=', `, ')
-		_OPTINS(`LOCAL_MAILER_MAX', `M=', `, ')_OPTINS(`LOCAL_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`LOCAL_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/LOCAL_MAILER_DSN_DIAGNOSTIC_CODE,
+		_OPTINS(`LOCAL_MAILER_MAX', `M=', `, ')_OPTINS(`LOCAL_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`LOCAL_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`LOCAL_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/LOCAL_MAILER_DSN_DIAGNOSTIC_CODE,
 		A=LOCAL_MAILER_ARGS
 Mprog,		P=LOCAL_SHELL_PATH, F=CONCAT(_DEF_LOCAL_SHELL_FLAGS, LOCAL_SHELL_FLAGS), S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=LOCAL_SHELL_DIR,
 		_OPTINS(`LOCAL_MAILER_MAX', `M=', `, ')T=X-Unix/X-Unix/X-Unix,
Index: gnu/usr.sbin/sendmail/cf/mailer/smtp.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/cf/mailer/smtp.m4,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- gnu/usr.sbin/sendmail/cf/mailer/smtp.m4	2000/04/07 19:20:31	1.2
+++ gnu/usr.sbin/sendmail/cf/mailer/smtp.m4	2001/01/15 21:08:57	1.3
@@ -1,6 +1,6 @@
 PUSHDIVERT(-1)
 #
-# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+# Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
 #	All rights reserved.
 # Copyright (c) 1983 Eric P. Allman.  All rights reserved.
 # Copyright (c) 1988, 1993
@@ -14,17 +14,17 @@
 _DEFIFNOT(`_DEF_SMTP_MAILER_FLAGS', `mDFMuX')
 _DEFIFNOT(`SMTP_MAILER_FLAGS',`')
 _DEFIFNOT(`RELAY_MAILER_FLAGS', `SMTP_MAILER_FLAGS')
-ifdef(`SMTP_MAILER_ARGS',, `define(`SMTP_MAILER_ARGS', `IPC $h')')
-ifdef(`ESMTP_MAILER_ARGS',, `define(`ESMTP_MAILER_ARGS', `IPC $h')')
-ifdef(`SMTP8_MAILER_ARGS',, `define(`SMTP8_MAILER_ARGS', `IPC $h')')
-ifdef(`DSMTP_MAILER_ARGS',, `define(`DSMTP_MAILER_ARGS', `IPC $h')')
-ifdef(`RELAY_MAILER_ARGS',, `define(`RELAY_MAILER_ARGS', `IPC $h')')
+ifdef(`SMTP_MAILER_ARGS',, `define(`SMTP_MAILER_ARGS', `TCP $h')')
+ifdef(`ESMTP_MAILER_ARGS',, `define(`ESMTP_MAILER_ARGS', `TCP $h')')
+ifdef(`SMTP8_MAILER_ARGS',, `define(`SMTP8_MAILER_ARGS', `TCP $h')')
+ifdef(`DSMTP_MAILER_ARGS',, `define(`DSMTP_MAILER_ARGS', `TCP $h')')
+ifdef(`RELAY_MAILER_ARGS',, `define(`RELAY_MAILER_ARGS', `TCP $h')')
 POPDIVERT
 #####################################
 ###   SMTP Mailer specification   ###
 #####################################
 
-VERSIONID(`$Sendmail: smtp.m4,v 8.56 2000/04/03 20:54:55 ca Exp $')
+VERSIONID(`$Sendmail: smtp.m4,v 8.56.2.1.2.3 2000/09/25 13:53:27 ca Exp $')
 
 #
 #  common sender and masquerading recipient rewriting
@@ -101,17 +101,17 @@
 R$+			$: $>MasqHdr $1
 
 Msmtp,		P=[IPC], F=_MODMF_(CONCAT(_DEF_SMTP_MAILER_FLAGS, SMTP_MAILER_FLAGS), `SMTP'), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
-		_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
+		_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
 		A=SMTP_MAILER_ARGS
-Mesmtp,		P=[IPC], F=CONCAT(_DEF_SMTP_MAILER_FLAGS, `a', SMTP_MAILER_FLAGS), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
-		_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
+Mesmtp,		P=[IPC], F=_MODMF_(CONCAT(_DEF_SMTP_MAILER_FLAGS, `a', SMTP_MAILER_FLAGS), `SMTP'), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
+		_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
 		A=ESMTP_MAILER_ARGS
-Msmtp8,		P=[IPC], F=CONCAT(_DEF_SMTP_MAILER_FLAGS, `8', SMTP_MAILER_FLAGS), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
-		_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
+Msmtp8,		P=[IPC], F=_MODMF_(CONCAT(_DEF_SMTP_MAILER_FLAGS, `8', SMTP_MAILER_FLAGS), `SMTP'), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
+		_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
 		A=SMTP8_MAILER_ARGS
-Mdsmtp,		P=[IPC], F=CONCAT(_DEF_SMTP_MAILER_FLAGS, `a%', SMTP_MAILER_FLAGS), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
-		_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
+Mdsmtp,		P=[IPC], F=_MODMF_(CONCAT(_DEF_SMTP_MAILER_FLAGS, `a%', SMTP_MAILER_FLAGS), `SMTP'), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `EnvToSMTP/HdrFromSMTP', `EnvToSMTP'), E=\r\n, L=990,
+		_OPTINS(`SMTP_MAILER_MAX', `M=', `, ')_OPTINS(`SMTP_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`SMTP_MAILER_CHARSET', `C=', `, ')T=DNS/RFC822/SMTP,
 		A=DSMTP_MAILER_ARGS
-Mrelay,		P=[IPC], F=CONCAT(_DEF_SMTP_MAILER_FLAGS, `a8', RELAY_MAILER_FLAGS), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `MasqSMTP/MasqRelay', `MasqSMTP'), E=\r\n, L=2040,
-		_OPTINS(`RELAY_MAILER_CHARSET', `C=', `, ')_OPTINS(`RELAY_MAILER_MAXMSGS', `m=', `, ')T=DNS/RFC822/SMTP,
+Mrelay,		P=[IPC], F=_MODMF_(CONCAT(_DEF_SMTP_MAILER_FLAGS, `a8', RELAY_MAILER_FLAGS), `RELAY'), S=EnvFromSMTP/HdrFromSMTP, R=ifdef(`_ALL_MASQUERADE_', `MasqSMTP/MasqRelay', `MasqSMTP'), E=\r\n, L=2040,
+		_OPTINS(`RELAY_MAILER_CHARSET', `C=', `, ')_OPTINS(`RELAY_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`SMTP_MAILER_MAXRCPTS', `r=', `, ')T=DNS/RFC822/SMTP,
 		A=RELAY_MAILER_ARGS
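Review bot: the Mrelay definition takes its r= value from SMTP_MAILER_MAXRCPTS, while the other options on the same line come from RELAY_MAILER_CHARSET and RELAY_MAILER_MAXMSGS. If sharing the SMTP limit is deliberate, say so in a comment; otherwise add a RELAY_MAILER_MAXRCPTS so the relay mailer can be tuned separately like its other limits.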
Index: gnu/usr.sbin/sendmail/contrib/bitdomain.c
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/contrib/bitdomain.c,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.2
diff -u -r1.1.1.1 -r1.1.1.2
--- gnu/usr.sbin/sendmail/contrib/bitdomain.c	2000/04/02 19:05:57	1.1.1.1
+++ gnu/usr.sbin/sendmail/contrib/bitdomain.c	2001/01/15 20:52:40	1.1.1.2
@@ -51,7 +51,7 @@
 {
     int opt;
 
-    while ((opt = getopt(argc, argv, "o:")) != EOF) {
+    while ((opt = getopt(argc, argv, "o:")) != -1) {
 	switch (opt) {
 	case 'o':
 	    if (!freopen(optarg, "w", stdout)) {
@@ -187,7 +187,7 @@
 	    case NO_DATA:
 		err = "registered in DNS, but not mailable";
 		break;
-		
+
 	    default:
 		err = "unknown nameserver error";
 		break;
@@ -210,7 +210,7 @@
 	int hbsize;
 {
 	register u_char *eom, *ap;
-	register int n; 
+	register int n;
 	HEADER *hp;
 	querybuf answer;
 	int ancount, qdcount;
@@ -406,4 +406,4 @@
 	}
     }
 }
-	    
+
Index: gnu/usr.sbin/sendmail/contrib/domainmap.m4
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/contrib/domainmap.m4,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.2
diff -u -r1.1.1.1 -r1.1.1.2
--- gnu/usr.sbin/sendmail/contrib/domainmap.m4	2000/04/02 19:05:57	1.1.1.1
+++ gnu/usr.sbin/sendmail/contrib/domainmap.m4	2001/01/15 20:52:40	1.1.1.2
@@ -58,7 +58,7 @@
 ifdef(`_DOMAIN_MAP_',`',`dnl
 LOCAL_RULE_0
 # do mapping for domains where applicable
-R$* $=O $* <@ $={MappedDomain} .>	$@ $>97 $1 $2 $3	Strip extraneous routing
+R$* $=O $* <@ $={MappedDomain} .>	$@ $>Recurse $1 $2 $3	Strip extraneous routing
 R$+ <@ $={MappedDomain} .>		$>DomainMapLookup $1 <@ $2 .>	domain mapping
 
 LOCAL_RULESETS
@@ -69,22 +69,35 @@
 SDomainMapLookup
 R $=L <@ $=w .>		$@ $1 <@ $2 .>		weed out local users, in case
 #						Cw contains a mapped domain
-R $+ <@ $+ .>		$1 <@ $2 >		strip trailing dot
-R $+ <@ $+ . $+ >	$1 <@ $(dequote $2 "_" $3 $) >
+ifdef(`DOMAINMAP_NO_REGEX',`dnl
+R $+ <@ $+>		$: $1 <@ $2> <$2>	find domain
+R $+ <$+> <$+ . $+>	$1 <$2> < $(dequote $3 "_" $4 $) >
 #						change "." to "_"
-R $+ <@ $+ >		$: $1 <@ $(dequote "domain_" $2 $) >
+R $+ <$+> <$+ .>	$: $1 <$2> < $(dequote "domain_" $3 $) >
 #						prepend "domain_"
-R $+ + $+ <@ $*>	$1 <@ $3 > <+> $2	handle user+list syntax
-R $+ <@ $* > $*		$( $2 $1 $: <ERROR> $) $3
+dnl',`dnl
+R $+ <@ $+>		$: $1 <@ $2> <$2 :NOTDONE:>	find domain
+R $+ <$+> <$+ . :NOTDONE:>	$1 <$2> < $(domainmap_regex $3 $: $3 $) >
+#						change "." and "-" to "_"
+R $+ <$+> <$+>		$: $1 <$2> < $(dequote "domain_" $3 $) >
+#						prepend "domain_"
+dnl')
+R $+ <$+> <$+>		$: $1 <$2> <$3> $1	find user name
+R $+ <$+> <$+> $+ + $*	$: $1 <$2> <$3> $4	handle user+detail syntax
+R $+ <$+> <$+> $+	$: $1 <$2> $( $3 $4 $: <ERROR> $)
 #						do actual domain map lookup
-R <ERROR> $*		$#error $@ 5.1.1 $: "550 email address lookup in domain map failed"
-R $* <TEMP> $*		$#error $@ 4.3.0 $: "450 domain map temporarily unavailable"
-R $+ @ $+ <+> $+	$1 + $3 @ $2		reset original user+list
-R $+ <+> $*		$1			paranoid check - remove <+>
-R $+ @ $+ .		$1 @ $2			strip trailing dot
-R $+ @ $+		$@ $>97 $1 @ $2		recanonify
-define(`_DOMAIN_MAP_',`1')')
+R $+ <$+> <ERROR>	$#error $@ 5.1.1 $: "550 email address lookup in domain map failed"
+R $+ <@ $+> $* <TEMP> $*	$#dsmtp $@ localhost $: $1 @ $2
+#						queue it up for later delivery
+R $+ + $* <$+> $+ @ $+		$: $1 + $2 <$3> $4 + $2 @ $5
+#						reset original user+detail
+R $+ <$+> $+		$@ $>Recurse $3		recanonify
+
+ifdef(`DOMAINMAP_NO_REGEX',`',`dnl
+LOCAL_CONFIG
+K domainmap_regex regex -a.:NOTDONE: -s1,2 -d_ (.*)[-\.]([^-\.]*)$
+')define(`_DOMAIN_MAP_',`1')')
 
 LOCAL_CONFIG
 C{MappedDomain} _ARG_
-K `domain_'translit(_ARG_, `.', `_') _ARG2_ -T<TEMP>
+K `domain_'translit(_ARG_, `.-', `__') _ARG2_ -T<TEMP>
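Review bot: the K line now translits both `.` and `-` to `_` unconditionally, but the DOMAINMAP_NO_REGEX branch of DomainMapLookup still rewrites only `.`, so for a hyphenated mapped domain the map is declared under one name and looked up under another. Either handle `-` in the no-regex branch too or restrict the translit to `.` when DOMAINMAP_NO_REGEX is defined. Separately, folding both characters to `_` means two mapped domains that differ only in `.` versus `-` share one map name; document that restriction in the file header.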
Index: gnu/usr.sbin/sendmail/contrib/passwd-to-alias.pl
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/contrib/passwd-to-alias.pl,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.2
diff -u -r1.1.1.1 -r1.1.1.2
--- gnu/usr.sbin/sendmail/contrib/passwd-to-alias.pl	2000/04/02 19:05:57	1.1.1.1
+++ gnu/usr.sbin/sendmail/contrib/passwd-to-alias.pl	2001/01/15 20:52:41	1.1.1.2
@@ -8,22 +8,23 @@
 
 print "# Generated from passwd by $0\n";
 
+$wordpat = '([a-zA-Z]+?[a-zA-Z0-9-]*)?[a-zA-Z0-9]';	# 'DB2'
 while (@a = getpwent) {
     ($name,$passwd,$uid,$gid,$quota,$comment,$gcos,$dir,$shell) = @a;
 
     ($fullname = $gcos) =~ s/,.*$//;
 
-    if (!-d $dir || !-x $shell) {
-	print "$name: root\n";
+    if (!-d $dir || !-x $shell || $shell =~ m!/bin/(false|true)$!) {
+	print "$name: root\n";				# handle pseudo user
     }
 
     $fullname =~ s/\.*[ _]+\.*/./g;
-    $fullname =~ tr [åäöÅÄÖé] [aaoAAOe];  # <hakan@af.lu.se> 1997-06-15
-    if ($fullname =~ /^[a-zA-Z][a-zA-Z-]+(\.[a-zA-Z][a-zA-Z-]+)+$/) {  
-#   if ($fullname =~ /^[a-zA-Z]+(\.[a-zA-Z]+)+$/) {    # Kari E. Hurtta
+    $fullname =~ tr [åäéöüÅÄÖÜ] [aaeouAAOU];  # <hakan@af.lu.se> 1997-06-15
+    next if (!$fullname || lc($fullname) eq $name);	# avoid nonsense
+    if ($fullname =~ /^$wordpat(\.$wordpat)*$/o) {	# Ulrich Windl
 	print "$fullname: $name\n";
     } else {
-	print "# $fullname: $name\n";
+	print "# $fullname: $name\n";			# avoid strange names
     }
 };
 
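Review bot: `next if (!$fullname || lc($fullname) eq $name)` lowercases only the GECOS side, so an account whose login name contains upper-case letters slips past the "avoid nonsense" test. Compare lc($fullname) with lc($name). The pseudo-user branch above it prints "$name: root" and then falls through to the full-name alias code; if pseudo users are not supposed to get a full-name alias, add a next inside that branch.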
Index: gnu/usr.sbin/sendmail/contrib/qtool.8
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/contrib/qtool.8,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- gnu/usr.sbin/sendmail/contrib/qtool.8	2000/04/02 19:05:57	1.1.1.1
+++ gnu/usr.sbin/sendmail/contrib/qtool.8	2001/01/15 21:09:00	1.2
@@ -6,11 +6,11 @@
 .\" the sendmail distribution.
 .\"
 .\"
-.\"     $Sendmail: qtool.8,v 8.9 1999/08/26 00:04:10 cying Exp $
+.\"     $Sendmail: qtool.8,v 8.9.16.2 2000/12/15 19:50:41 gshapiro Exp $
 .\"
-.TH QTOOL 8 "July 12, 1999"
+.TH QTOOL 8 "$Date: 2001/01/15 21:09:00 $"
 .SH NAME
-.B qtool
+qtool
 \- manipulate sendmail queues
 .SH SYNOPSIS
 .B qtool.pl
Index: gnu/usr.sbin/sendmail/contrib/qtool.pl
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/contrib/qtool.pl,v
retrieving revision 1.1.1.1
retrieving revision 1.2
diff -u -r1.1.1.1 -r1.2
--- gnu/usr.sbin/sendmail/contrib/qtool.pl	2000/04/02 19:05:57	1.1.1.1
+++ gnu/usr.sbin/sendmail/contrib/qtool.pl	2001/01/15 21:09:00	1.2
@@ -1,9 +1,9 @@
 #!/usr/bin/env perl
 ##
-## Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
+## Copyright (c) 1998-2000 Sendmail, Inc. and its suppliers.
 ##       All rights reserved.
 ##
-## $Sendmail: qtool.pl,v 8.15 1999/08/30 19:18:37 peterh Exp $
+## $Sendmail: qtool.pl,v 8.15.16.4 2000/11/30 07:14:01 gshapiro Exp $
 ##
 use strict;
 use File::Basename;
@@ -133,13 +133,12 @@
 	if ($result)
 	{
 		print("$result.\n");
+		exit;
 	}
 }
 
 if (keys(%sources) == 0)
 {
-	print("You must at least specify at least one source.\n");
-	usage();
 	exit;
 }
 
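Review bot: with the message and the usage() call removed, a run without any source now ends in a bare `exit`, which is silent and returns status 0. A calling script cannot tell that from a successful run. Keep a one-line error on STDERR and exit non-zero here; the `exit` added after printing $result has the same issue of reporting a failure with a zero status.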
@@ -164,7 +163,7 @@
 	print("    -b                   Bounce the messages specified by source.\n");
 	print("    -d                   Delete the messages specified by source.\n");
 	print("    -e [perl expression] Move only messages for which perl expression returns true.\n");
-	print("    -s [seconds]         Move only messages older than seconds.\n");
+	print("    -s [seconds]         Move only messages whose qf file is older than seconds.\n");
 }
 
 ##
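Review bot: The new -s help text says the age is taken from the qf file, but the last_modified_time helper added later in this patch calls stat on $self->{data_file}->{file_name}. Confirm which file the age test actually reads and make the help string and the field name agree, since operators choose -s values based on this line.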
@@ -705,6 +704,14 @@
 	}
 }
 
+sub last_modified_time
+{
+	my $self = shift;
+	my @result;
+	@result = stat($self->{data_file}->{file_name});
+	return $result[9];
+}
+
 sub TIEHASH
 {
 	my $this = shift;
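Review bot: last_modified_time does not check whether stat succeeded. If the file disappears between the queue scan and this call, stat returns an empty list and the sub returns undef, which age arithmetic in a caller will treat as 0, so the message looks maximally old. Document the undef return in a comment above the sub and have the caller skip any message for which it comes back undefined.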
@@ -914,7 +921,7 @@
 	}
 
 	@control_files = grep { /^qf.*/ && -f "$control_dir/$_" } readdir(QUEUE_DIR);
-	closedir(DIR);
+	closedir(QUEUE_DIR);
 	foreach $file_name (@control_files)
 	{
 		$id = substr($file_name, 2);
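Review bot: The result of closedir(QUEUE_DIR) is still ignored, which is how the earlier call on the mismatched DIR handle could fail without anyone noticing. Consider closedir(QUEUE_DIR) or warn "closedir $control_dir: $!\n"; so a wrong or stale handle shows up the first time the code runs.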
Index: gnu/usr.sbin/sendmail/contrib/re-mqueue.pl
===================================================================
RCS file: /cvs/src/gnu/usr.sbin/sendmail/contrib/re-mqueue.pl,v
retrieving revision 1.1.1.1
retrieving revision 1.1.1.2
diff -u -r1.1.1.1 -r1.1.1.2
--- gnu/usr.sbin/sendmail/contrib/re-mqueue.pl	2000/04/02 19:05:58	1.1.1.1
+++ gnu/usr.sbin/sendmail/contrib/re-mqueue.pl	2001/01/15 20:52:41	1.1.1.2
@@ -93,6 +93,17 @@
 #	Allow zero-length df files (empty message body)
 #	Preserve $! for error messages
 #
+# Updated by Graeme Hewson <ghewson@uk.oracle.com> April 2000
+#
+#	Improve handling of race between re-mqueue and sendmail
+#
+# Updated by Graeme Hewson <graeme.hewson@oracle.com> June 2000
+#
+#	Don't exit(0) at end so can be called as subroutine
+#
+# NB This program can't handle separate qf/df/xf subdirectories
+# as introduced in sendmail 8.10.0.
+#
 
 use Sys::Syslog;
 
@@ -136,18 +147,17 @@
     ($qfile = $dfile) =~ s/^d/q/;
     ($xfile = $dfile) =~ s/^d/x/;
     ($mfile = $dfile) =~ s/^df//;
-    if (! -e $dfile) {
-	print "$dfile is gone - skipping\n" if ($debug);
-	next;
-    }
     if (! -e $qfile || -z $qfile) {
 	print "$qfile is gone or zero bytes - skipping\n" if ($debug);
 	next;
     }
 
-    $mtime = $now;
     ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,
      $atime,$mtime,$ctime,$blksize,$blocks) = stat($dfile);
+    if (! defined $mtime) {
+	print "$dfile is gone - skipping\n" if ($debug);
+	next;
+    }
 
     # Compare timestamps
     if (($mtime + $age) > $now) {
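Review bot: The new '! defined $mtime' branch reports every stat($dfile) failure as "is gone", although stat can fail for other reasons, a permission error for example. Include $! in the debug message (the header notes already mention preserving $! for error messages) so a file that really vanished can be told apart from a misconfigured queue directory. The remaining '! -e $qfile || -z $qfile' test is still a check by path made before the later open and flock; it is fine as a fast skip, but nothing after it should rely on the answer.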
@@ -182,6 +192,17 @@
     }
     print "$qfile now flock()ed\n" if ($debug);
 
+    # Check df* file again in case sendmail got in
+    if (! -e $dfile) {
+	print "$mfile sent - skipping\n" if ($debug);
+	# qf* file created by ourselves at open? (Almost certainly)
+	if (-z $qfile) {
+	   unlink($qfile);
+	}
+	close(QF);
+	next;
+    }
+
     # Show time!  Do the link()s
     if (link("$dfile", "$queueB/$dfile") == 0) {
 	$bang = $!;
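Review bot: In the recheck after flock, '-z $qfile' and unlink($qfile) act on the path rather than on the QF handle that holds the lock, and the comment itself concedes the file is only "almost certainly" the one this script created. Test the locked file with '-z QF' so the size check applies to the same file that is flock()ed, and check the return value of unlink so a failure is at least visible in the debug output.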
@@ -235,4 +256,3 @@
     &syslog('info', '%s moved to %s', $mfile, $queueB);
     print "Done with $dfile $qfile\n\n" if ($debug);
 }
-exit 0;
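Review bot: Removing 'exit 0;' does not by itself make the file safe to load from another program, and nothing in the hunk or the header note says how it is meant to be called. If the intent is require or do, end the file with an explicit '1;' so it returns a true value, and check whether any earlier path still calls exit or die, since that would terminate the caller as well.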
Index: gnu/usr.sbin/sendmail/contrib/smcontrol.pl
======