Server sendmail: Add missing submit.cf

author: Sven Göthel <[email protected]> 2024-03-03 05:48:03 +0100
committer: Sven Göthel <[email protected]> 2024-03-03 05:48:03 +0100
commit: ebed7c30d137467ec28e857afc6fa5f07ad5ba7a (patch)
tree: 93d4194df75cad1c22dc886a059e39ce11a68740
parent: a0577e13b8c65a8d728e4095bbb2c027d84311fe (diff)
1 files changed, 1550 insertions, 0 deletions
diff --git a/server/setup/05-service-settings/etc/mail/submit.cf b/server/setup/05-service-settings/etc/mail/submit.cf
new file mode 100644
index 0000000..7951f5e
--- /dev/null
+++ b/server/setup/05-service-settings/etc/mail/submit.cf
@@ -0,0 +1,1550 @@
+#
+#   Copyright (c) 2000-2002 Richard Nelson.  All Rights Reserved.
+#
+#  This file is used to configure Sendmail for use with Debian systems.
+#
+#
+# Copyright (c) 1998-2004, 2009, 2010 Proofpoint, Inc. and its suppliers.
+#	All rights reserved.
+# Copyright (c) 1983, 1995 Eric P. Allman.  All rights reserved.
+# Copyright (c) 1988, 1993
+#	The Regents of the University of California.  All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+######################################################################
+######################################################################
+#####
+#####		SENDMAIL CONFIGURATION FILE
+#####
+##### built by [email protected] on Sun 16 Oct 2022 06:37:18 AM CEST
+##### in /
+##### using /usr/share/sendmail/cf/ as configuration include directory
+#####
+######################################################################
+#####
+#####	DO NOT EDIT THIS FILE!  Only edit the source .mc file.
+#####
+######################################################################
+######################################################################
+
+#####  $Id: cfhead.m4,v 8.122 2013-11-22 20:51:13 ca Exp $  #####
+#####  $Id: cf.m4,v 8.33 2013-11-22 20:51:13 ca Exp $  #####
+#####  $Id: submit.mc, v 8.14.4-4 2013-02-11 11:12:33 cowboy Exp $  #####
+#####  $Id: autoconf.m4, v 8.15.2-22 2021-03-16 16:04:16 cowboy Exp $  #####
+#####  $Id: debian.m4, v 8.15.2-22 2021-03-16 16:04:16 cowboy Exp $  #####
+#
+#-------------------------------------------------------------------------
+#
+# Undocumented features are available in Debian Sendmail 8.15.2-22.
+#	* none
+#
+# _FFR_ features are available in Debian Sendmail 8.15.2-22.
+#	* milter
+#	*  -D_FFR_QUEUE_SCHED_DBG -D_FFR_SKIP_DOMAINS -D_FFR_NO_PIPE -D_FFR_SHM_STATUS -D_FFR_RHS -D_FFR_MAIL_MACRO -D_FFR_QUEUEDELAY=1 -D_FFR_BADRCPT_SHUTDOWN -D_FFR_RESET_MACRO_GLOBALS -D_FFR_TLS_EC
+#-------------------------------------------------------------------------
+#
+# These _FFR_ features are for sendmail.mc processing
+#
+ 
+#-------------------------------------------------------------------------
+#####  $Id: debian-msp.m4, v 8.15.2-22 2021-03-16 16:04:16 cowboy Exp $  #####
+
+#####  $Id: no_default_msa.m4,v 8.3 2013-11-22 20:51:11 ca Exp $  #####
+
+
+#####  $Id: use_ct_file.m4,v 8.12 2013-11-22 20:51:11 ca Exp $  #####
+
+#####  $Id: msp.m4,v 1.34 2013-11-22 20:51:11 ca Exp $  #####
+
+#####  $Id: no_default_msa.m4,v 8.3 2013-11-22 20:51:11 ca Exp $  #####
+#####  $Id: starttls.m4,v 8.15.2-22 2021-03-16 16:04:16 cowboy Exp $  #####
+
+
+#####  $Id: proto.m4,v 8.762 2013-11-22 20:51:13 ca Exp $  #####
+
+# level 10 config file format
+V10/Berkeley
+
+# override file safeties - setting this option compromises system security,
+# addressing the actual file configuration problem is preferred
+# need to set this before any file actions are encountered in the cf file
+O DontBlameSendmail=	,GroupReadableKeyFile
+
+# default LDAP map specification
+# need to set this now before any LDAP maps are defined
+#O LDAPDefaultSpec=-h localhost
+
+##################
+#   local info   #
+##################
+
+# my LDAP cluster
+# need to set this before any LDAP lookups are done (including classes)
+#D{sendmailMTACluster}$m
+
+Cwlocalhost
+
+# my official domain name
+# ... define this only if sendmail cannot automatically determine your domain
+#Dj$w.Foo.COM
+
+# host/domain names ending with a token in class P are canonical
+CP.
+
+# "Smart" relay host (may be null)
+DS
+
+
+# operators that cannot be in local usernames (i.e., network indicators)
+CO @ % !
+
+# a class with just dot (for identifying canonical names)
+C..
+
+# a class with just a left bracket (for identifying domain literals)
+C[[
+
+
+# Resolve map (to check if a host exists in check_mail)
+Kresolve host -a<OKR> -T<TEMP>
+C{ResOk}OKR
+
+
+# Hosts for which relaying is permitted ($=R)
+FR-o /etc/mail/relay-domains %[^\#]
+
+# arithmetic map
+Karith arith
+
+
+
+
+
+# dequoting map
+Kdequote dequote
+
+# class E: names that should be exposed as from this host, even if we masquerade
+# class L: names that should be delivered locally, even if we have a relay
+# class M: domains that should be converted to $M
+# class N: domains that should not be converted to $M
+#CL root
+
+
+
+# my name for error messages
+DnMAILER-DAEMON
+
+
+D{MTAHost}[127.0.0.1]
+
+
+# Configuration version number
+DZ8.15.2/Submit
+
+
+###############
+#   Options   #
+###############
+
+# strip message body to 7 bits on input?
+O SevenBitInput=False
+
+# 8-bit data handling
+#O EightBitMode=pass8
+
+# wait for alias file rebuild (default units: minutes)
+O AliasWait=10
+
+# location of alias file
+#O AliasFile=/etc/mail/aliases
+
+# minimum number of free blocks on filesystem
+O MinFreeBlocks=100
+
+# maximum message size
+#O MaxMessageSize=0
+
+# substitution for space (blank) characters
+O BlankSub=.
+
+# avoid connecting to "expensive" mailers on initial submission?
+O HoldExpensive=False
+
+# checkpoint queue runs after every N successful deliveries
+#O CheckpointInterval=10
+
+# default delivery mode
+O DeliveryMode=i
+
+# error message header/file
+#O ErrorHeader=/etc/mail/error-header
+
+# error mode
+#O ErrorMode=print
+
+# save Unix-style "From_" lines at top of header?
+#O SaveFromLine=False
+
+# queue file mode (qf files)
+O QueueFileMode=0660
+
+# temporary file mode
+O TempFileMode=0640
+
+# match recipients against GECOS field?
+#O MatchGECOS=False
+
+# maximum hop count
+#O MaxHopCount=25
+
+# location of help file
+O HelpFile=/etc/mail/helpfile
+
+# ignore dots as terminators in incoming messages?
+#O IgnoreDots=False
+
+# name resolver options
+O ResolverOptions=+WorkAroundBrokenAAAA
+
+# deliver MIME-encapsulated error messages?
+O SendMimeErrors=True
+
+# Forward file search path
+O ForwardPath
+
+# open connection cache size
+O ConnectionCacheSize=2
+
+# open connection cache timeout
+O ConnectionCacheTimeout=5m
+
+# persistent host status directory
+O HostStatusDirectory
+
+# single thread deliveries (requires HostStatusDirectory)?
+#O SingleThreadDelivery=False
+
+# use Errors-To: header?
+O UseErrorsTo=False
+
+# use compressed IPv6 address format?
+#O UseCompressedIPv6Addresses
+
+# log level
+O LogLevel=9
+
+# send to me too, even in an alias expansion?
+O MeToo=True
+
+# verify RHS in newaliases?
+O CheckAliases=False
+
+# default messages to old style headers if no special punctuation?
+O OldStyleHeaders=True
+
+# SMTP daemon options
+
+O DaemonPortOptions=Name=NoMTA, Addr=127.0.0.1, M=E
+
+# SMTP client options
+#O ClientPortOptions=Family=inet, Address=0.0.0.0
+
+# Modifiers to define {daemon_flags} for direct submissions
+#O DirectSubmissionModifiers
+
+# Use as mail submission program? See sendmail/SECURITY
+O UseMSP=True
+
+# privacy flags
+O PrivacyOptions=goaway,noetrn,restrictqrun
+
+# who (if anyone) should get extra copies of error messages
+#O PostmasterCopy=Postmaster
+
+# slope of queue-only function
+#O QueueFactor=600000
+
+# limit on number of concurrent queue runners
+#O MaxQueueChildren
+
+# maximum number of queue-runners per queue-grouping with multiple queues
+#O MaxRunnersPerQueue=1
+
+# priority of queue runners (nice(3))
+#O NiceQueueRun
+
+# shall we sort the queue by hostname first?
+#O QueueSortOrder=priority
+
+# minimum time in queue before retry
+#O MinQueueAge=30m
+
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
+
+# how many jobs can you process in the queue?
+#O MaxQueueRunSize=0
+
+# perform initial split of envelope without checking MX records
+#O FastSplit=1
+
+# queue directory
+O QueueDirectory=/var/spool/mqueue-client
+
+# key for shared memory; 0 to turn off, -1 to auto-select
+#O SharedMemoryKey=0
+
+# file to store auto-selected key for shared memory (SharedMemoryKey = -1)
+#O SharedMemoryKeyFile
+
+# timeouts (many of these)
+#O Timeout.initial=5m
+#O Timeout.connect=5m
+#O Timeout.aconnect=0s
+O Timeout.iconnect=2s
+#O Timeout.helo=5m
+O Timeout.mail=2m
+#O Timeout.rcpt=1h
+O Timeout.datainit=2m
+#O Timeout.datablock=1h
+#O Timeout.datafinal=1h
+O Timeout.rset=1m
+O Timeout.quit=2m
+#O Timeout.misc=2m
+O Timeout.command=5m
+O Timeout.ident=5s
+#O Timeout.fileopen=60s
+#O Timeout.control=2m
+O Timeout.queuereturn=5d
+#O Timeout.queuereturn.normal=5d
+#O Timeout.queuereturn.urgent=2d
+#O Timeout.queuereturn.non-urgent=7d
+#O Timeout.queuereturn.dsn=5d
+O Timeout.queuewarn=4h
+#O Timeout.queuewarn.normal=4h
+#O Timeout.queuewarn.urgent=1h
+#O Timeout.queuewarn.non-urgent=12h
+#O Timeout.queuewarn.dsn=4h
+O Timeout.hoststatus=0
+#O Timeout.resolver.retrans=5s
+#O Timeout.resolver.retrans.first=5s
+#O Timeout.resolver.retrans.normal=5s
+#O Timeout.resolver.retry=4
+#O Timeout.resolver.retry.first=4
+#O Timeout.resolver.retry.normal=4
+#O Timeout.lhlo=2m
+#O Timeout.auth=10m
+O Timeout.starttls=2m
+
+# time for DeliverBy; extension disabled if less than 0
+#O DeliverByMin=0
+
+# should we not prune routes in route-addr syntax addresses?
+#O DontPruneRoutes=False
+
+# queue up everything before forking?
+O SuperSafe=True
+
+# status file
+O StatusFile=/var/lib/sendmail/sm-client.st
+
+# time zone handling:
+#  if undefined, use system default
+#  if defined but null, use TZ envariable passed in
+#  if defined and non-null, use that info
+#O TimeZoneSpec=
+
+# default UID (can be username or userid:groupid)
+O DefaultUser=mail:mail
+
+# list of locations of user database file (null means no lookup)
+#O UserDatabaseSpec=/etc/mail/userdb
+
+# fallback MX host
+#O FallbackMXhost=fall.back.host.net
+
+# fallback smart host
+#O FallbackSmartHost=fall.back.host.net
+
+# if we are the best MX host for a site, try it directly instead of config err
+#O TryNullMXList=False
+
+# load average at which we just queue messages
+#O QueueLA=8
+
+# load average at which we refuse connections
+#O RefuseLA=12
+
+# log interval when refusing connections for this long
+#O RejectLogInterval=3h
+
+# load average at which we delay connections; 0 means no limit
+#O DelayLA=0
+
+# maximum number of children we allow at one time
+#O MaxDaemonChildren=0
+
+# maximum number of new connections per second
+#O ConnectionRateThrottle=0
+
+# Width of the window 
+#O ConnectionRateWindowSize=60s
+
+# work recipient factor
+#O RecipientFactor=30000
+
+# deliver each queued job in a separate process?
+#O ForkEachJob=False
+
+# work class factor
+#O ClassFactor=1800
+
+# work time factor
+#O RetryFactor=90000
+
+# default character set
+#O DefaultCharSet=unknown-8bit
+
+# service switch file (name hardwired on Solaris, Ultrix, OSF/1, others)
+#O ServiceSwitchFile=/etc/mail/service.switch
+
+# hosts file (normally /etc/hosts)
+#O HostsFile=/etc/hosts
+
+# dialup line delay on connection failure
+#O DialDelay=0s
+
+# action to take if there are no recipients in the message
+#O NoRecipientAction=none
+
+# chrooted environment for writing to files
+O SafeFileEnvironment=/
+
+# are colons OK in addresses?
+#O ColonOkInAddr=True
+
+# shall I avoid expanding CNAMEs (violates protocols)?
+#O DontExpandCnames=False
+
+# SMTP initial login message (old $e macro)
+O SmtpGreetingMessage=$j Sendmail $v/$Z; $b; (No UCE/UBE) $?{client_addr}logging access from: ${client_name}(${client_resolve})-$_$.
+
+# UNIX initial From header format (old $l macro)
+O UnixFromLine=From $g $d
+
+# From: lines that have embedded newlines are unwrapped onto one line
+#O SingleLineFromHeader=False
+
+# Allow HELO SMTP command that does not include a host name
+#O AllowBogusHELO=False
+
+# Characters to be quoted in a full name phrase (@,;:\()[] are automatic)
+O MustQuoteChars=.'
+
+# delimiter (operator) characters (old $o macro)
+O OperatorChars=.:%@!^/[]+
+
+# shall I avoid calling initgroups(3) because of high NIS costs?
+#O DontInitGroups=False
+
+# are group-writable :include: and .forward files (un)trustworthy?
+# True (the default) means they are not trustworthy.
+#O UnsafeGroupWrites=True
+
+
+# where do errors that occur when sending errors get sent?
+#O DoubleBounceAddress=postmaster
+
+# issue temporary errors (4xy) instead of permanent errors (5xy)?
+#O SoftBounce=False
+
+# where to save bounces if all else fails
+O DeadLetterDrop=/var/lib/sendmail/dead.letter
+
+# what user id do we assume for the majority of the processing?
+O RunAsUser=smmsp
+
+# maximum number of recipients per SMTP envelope
+#O MaxRecipientsPerMessage=0
+
+# limit the rate recipients per SMTP envelope are accepted
+# once the threshold number of recipients have been rejected
+#O BadRcptThrottle=0
+
+
+# shall we get local names from our installed interfaces?
+O DontProbeInterfaces=True
+
+# Return-Receipt-To: header implies DSN request
+O RrtImpliesDsn=False
+
+# override connection address (for testing)
+#O ConnectOnlyTo=0.0.0.0
+
+# Trusted user for file ownership and starting the daemon
+O TrustedUser=smmsp
+
+# Control socket for daemon management
+O ControlSocketName=/var/run/sendmail/msp/smcontrol
+
+# Maximum MIME header length to protect MUAs
+#O MaxMimeHeaderLength=0/0
+
+# Maximum length of the sum of all headers
+#O MaxHeadersLength=32768
+
+# Maximum depth of alias recursion
+#O MaxAliasRecursion=10
+
+# location of pid file
+O PidFile=/var/run/sendmail/msp/sendmail.pid
+
+# Prefix string for the process title shown on 'ps' listings
+O ProcessTitlePrefix=MSP
+
+# Data file (df) memory-buffer file maximum size
+#O DataFileBufferSize=4096
+
+# Transcript file (xf) memory-buffer file maximum size
+#O XscriptFileBufferSize=4096
+
+# lookup type to find information about local mailboxes
+#O MailboxDatabase=pw
+
+# override compile time flag REQUIRES_DIR_FSYNC
+#O RequiresDirfsync=true
+
+# list of authentication mechanisms
+#O AuthMechanisms=EXTERNAL GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5
+
+# Authentication realm
+#O AuthRealm
+
+# default authentication information for outgoing connections
+#O DefaultAuthInfo=/etc/mail/default-auth-info
+
+# SMTP AUTH flags
+#O AuthOptions
+
+# SMTP AUTH maximum encryption strength
+#O AuthMaxBits
+
+# SMTP STARTTLS server options
+O TLSSrvOptions=V
+
+# SSL cipherlist
+#O CipherList
+# server side SSL options
+#O ServerSSLOptions
+# client side SSL options
+#O ClientSSLOptions
+
+# Input mail filters
+#O InputMailFilters
+
+
+# CA directory
+O CACertPath=/etc/ssl/certs
+# CA file
+# O CACertFile=/etc/ssl/local/thawte-ca-cert5-20181102.pem
+# Server Cert
+O ServerCertFile=/etc/ssl/local/jogamp2025a.org.crt.pem
+# Server private key
+O ServerKeyFile=/etc/ssl/local/jogamp2025a.org.key.mail.pem
+# Client Cert
+O ClientCertFile=/etc/ssl/local/jogamp2025a.org.crt.pem
+# Client private key
+O ClientKeyFile=/etc/ssl/local/jogamp2025a.org.key.mail.pem
+# File containing certificate revocation lists 
+#O CRLFile
+# DHParameters (only required if DSA/DH is used)
+O DHParameters=/etc/mail/tls/sendmail-common.prm
+# Random data source (required for systems without /dev/urandom under OpenSSL)
+#O RandFile
+# fingerprint algorithm (digest) to use for the presented cert
+#O CertFingerprintAlgorithm
+
+# Maximum number of "useless" commands before slowing down
+#O MaxNOOPCommands=20
+
+# Name to use for EHLO (defaults to $j)
+#O HeloName
+
+
+
+############################
+# QUEUE GROUP DEFINITIONS  #
+############################
+
+
+###########################
+#   Message precedences   #
+###########################
+
+Pfirst-class=0
+Pspecial-delivery=100
+Plist=-30
+Pbulk=-60
+Pjunk=-100
+
+#####################
+#   Trusted users   #
+#####################
+
+# this is equivalent to setting class "t"
+Ft/etc/mail/trusted-users %[^\#]
+Troot
+Tdaemon
+Tuucp
+
+#########################
+#   Format of headers   #
+#########################
+
+H?P?Return-Path: <$g>
+HReceived: $?sfrom $s $.$?_($?s$|from $.$_)
+	$.$?{auth_type}(authenticated$?{auth_ssf} bits=${auth_ssf}$.)
+	$.by $j ($v/$Z)$?r with $r$. id $i$?{tls_version}
+	(version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify})$.$?u
+	for $u; $|;
+	$.$b
+H?D?Resent-Date: $a
+H?D?Date: $a
+H?F?Resent-From: $?x$x <$g>$|$g$.
+H?F?From: $?x$x <$g>$|$g$.
+H?x?Full-Name: $x
+# HPosted-Date: $a
+# H?l?Received-Date: $b
+H?M?Resent-Message-Id: <$t.$i@$j>
+H?M?Message-Id: <$t.$i@$j>
+
+#
+######################################################################
+######################################################################
+#####
+#####			REWRITING RULES
+#####
+######################################################################
+######################################################################
+
+############################################
+###  Ruleset 3 -- Name Canonicalization  ###
+############################################
+Scanonify=3
+
+# handle null input (translate to <@> special case)
+R$@			$@ <@>
+
+# strip group: syntax (not inside angle brackets!) and trailing semicolon
+R$*			$: $1 <@>			mark addresses
+R$* < $* > $* <@>	$: $1 < $2 > $3			unmark <addr>
+R@ $* <@>		$: @ $1				unmark @host:...
+R$* [ IPv6 : $+ ] <@>	$: $1 [ IPv6 : $2 ]		unmark IPv6 addr
+R$* :: $* <@>		$: $1 :: $2			unmark node::addr
+R:include: $* <@>	$: :include: $1			unmark :include:...
+R$* : $* [ $* ]		$: $1 : $2 [ $3 ] <@>		remark if leading colon
+R$* : $* <@>		$: $2				strip colon if marked
+R$* <@>			$: $1				unmark
+R$* ;			   $1				strip trailing semi
+R$* < $+ :; > $*	$@ $2 :; <@>			catch <list:;>
+R$* < $* ; >		   $1 < $2 >			bogus bracketed semi
+
+# null input now results from list:; syntax
+R$@			$@ :; <@>
+
+# strip angle brackets -- note RFC733 heuristic to get innermost item
+R$*			$: < $1 >			housekeeping <>
+R$+ < $* >		   < $2 >			strip excess on left
+R< $* > $+		   < $1 >			strip excess on right
+R<>			$@ < @ >			MAIL FROM:<> case
+R< $+ >			$: $1				remove housekeeping <>
+
+# strip route address <@a,@b,@c:user@d> -> <user@d>
+R@ $+ , $+		$2
+R@ [ $* ] : $+		$2
+R@ $+ : $+		$2
+
+# find focus for list syntax
+R $+ : $* ; @ $+	$@ $>Canonify2 $1 : $2 ; < @ $3 >	list syntax
+R $+ : $* ;		$@ $1 : $2;			list syntax
+
+# find focus for @ syntax addresses
+R$+ @ $+		$: $1 < @ $2 >			focus on domain
+R$+ < $+ @ $+ >		$1 $2 < @ $3 >			move gaze right
+R$+ < @ $+ >		$@ $>Canonify2 $1 < @ $2 >	already canonical
+
+
+# convert old-style addresses to a domain-based address
+R$- ! $+		$@ $>Canonify2 $2 < @ $1 .UUCP >	resolve uucp names
+R$+ . $- ! $+		$@ $>Canonify2 $3 < @ $1 . $2 >		domain uucps
+R$+ ! $+		$@ $>Canonify2 $2 < @ $1 .UUCP >	uucp subdomains
+
+# if we have % signs, take the rightmost one
+R$* % $*		$1 @ $2				First make them all @s.
+R$* @ $* @ $*		$1 % $2 @ $3			Undo all but the last.
+
+R$* @ $*		$@ $>Canonify2 $1 < @ $2 >	Insert < > and finish
+
+# else we must be a local name
+R$*			$@ $>Canonify2 $1
+
+
+################################################
+###  Ruleset 96 -- bottom half of ruleset 3  ###
+################################################
+
+SCanonify2=96
+
+# handle special cases for local names
+R$* < @ localhost > $*		$: $1 < @ $j . > $2		no domain at all
+R$* < @ localhost . $m > $*	$: $1 < @ $j . > $2		local domain
+R$* < @ localhost . UUCP > $*	$: $1 < @ $j . > $2		.UUCP domain
+
+# check for IPv4/IPv6 domain literal
+R$* < @ [ $+ ] > $*		$: $1 < @@ [ $2 ] > $3		mark [addr]
+R$* < @@ $=w > $*		$: $1 < @ $j . > $3		self-literal
+R$* < @@ $+ > $*		$@ $1 < @ $2 > $3		canon IP addr
+
+
+
+
+
+# if really UUCP, handle it immediately
+
+# try UUCP traffic as a local address
+R$* < @ $+ . UUCP > $*		$: $1 < @ $[ $2 $] . UUCP . > $3
+R$* < @ $+ . . UUCP . > $*	$@ $1 < @ $2 . > $3
+
+# hostnames ending in class P are always canonical
+R$* < @ $* $=P > $*		$: $1 < @ $2 $3 . > $4
+R$* < @ $* $~P > $*		$: $&{daemon_flags} $| $1 < @ $2 $3 > $4
+R$* CC $* $| $* < @ $+.$+ > $*	$: $3 < @ $4.$5 . > $6
+R$* CC $* $| $*			$: $3
+# pass to name server to make hostname canonical
+R$* $| $* < @ $* > $*		$: $2 < @ $[ $3 $] > $4
+R$* $| $*			$: $2
+
+# local host aliases and pseudo-domains are always canonical
+R$* < @ $=w > $*		$: $1 < @ $2 . > $3
+R$* < @ $=M > $*		$: $1 < @ $2 . > $3
+R$* < @ $* . . > $*		$1 < @ $2 . > $3
+
+
+##################################################
+###  Ruleset 4 -- Final Output Post-rewriting  ###
+##################################################
+Sfinal=4
+
+R$+ :; <@>		$@ $1 :				handle <list:;>
+R$* <@>			$@				handle <> and list:;
+
+# strip trailing dot off possibly canonical name
+R$* < @ $+ . > $*	$1 < @ $2 > $3
+
+# eliminate internal code
+R$* < @ *LOCAL* > $*	$1 < @ $j > $2
+
+# externalize local domain info
+R$* < $+ > $*		$1 $2 $3			defocus
+R@ $+ : @ $+ : $+	@ $1 , @ $2 : $3		<route-addr> canonical
+R@ $*			$@ @ $1				... and exit
+
+# UUCP must always be presented in old form
+R$+ @ $- . UUCP		$2!$1				[email protected] => h!u
+
+# delete duplicate local names
+R$+ % $=w @ $=w		$1 @ $2				u%host@host => u@host
+
+
+
+##############################################################
+###   Ruleset 97 -- recanonicalize and call ruleset zero   ###
+###		   (used for recursive calls)		   ###
+##############################################################
+
+SRecurse=97
+R$*			$: $>canonify $1
+R$*			$@ $>parse $1
+
+
+######################################
+###   Ruleset 0 -- Parse Address   ###
+######################################
+
+Sparse=0
+
+R$*			$: $>Parse0 $1		initial parsing
+R<@>			$#local $: <@>		special case error msgs
+R$*			$: $>ParseLocal $1	handle local hacks
+R$*			$: $>Parse1 $1		final parsing
+
+#
+#  Parse0 -- do initial syntax checking and eliminate local addresses.
+#	This should either return with the (possibly modified) input
+#	or return with a #error mailer.  It should not return with a
+#	#mailer other than the #error mailer.
+#
+
+SParse0
+R<@>			$@ <@>			special case error msgs
+R$* : $* ; <@>		$#error $@ 5.1.3 $: "553 List:; syntax illegal for recipient addresses"
+R@ <@ $* >		< @ $1 >		catch "@@host" bogosity
+R<@ $+>			$#error $@ 5.1.3 $: "553 User address required"
+R$+ <@>			$#error $@ 5.1.3 $: "553 Hostname required"
+R$*			$: <> $1
+R<> $* < @ [ $* ] : $+ > $*	$1 < @ [ $2 ] : $3 > $4
+R<> $* < @ [ $* ] , $+ > $*	$1 < @ [ $2 ] , $3 > $4
+R<> $* < @ [ $* ] $+ > $*	$#error $@ 5.1.2 $: "553 Invalid address"
+R<> $* < @ [ $+ ] > $*		$1 < @ [ $2 ] > $3
+R<> $* <$* : $* > $*	$#error $@ 5.1.3 $: "553 Colon illegal in host name part"
+R<> $*			$1
+R$* < @ . $* > $*	$#error $@ 5.1.2 $: "553 Invalid host name"
+R$* < @ $* .. $* > $*	$#error $@ 5.1.2 $: "553 Invalid host name"
+R$* < @ $* @ > $*	$#error $@ 5.1.2 $: "553 Invalid route address"
+R$* @ $* < @ $* > $*	$#error $@ 5.1.3 $: "553 Invalid route address"
+R$* , $~O $*		$#error $@ 5.1.3 $: "553 Invalid route address"
+
+
+# now delete the local info -- note $=O to find characters that cause forwarding
+R$* < @ > $*		$@ $>Parse0 $>canonify $1	user@ => user
+R< @ $=w . > : $*	$@ $>Parse0 $>canonify $2	@here:... -> ...
+R$- < @ $=w . >		$: $(dequote $1 $) < @ $2 . >	dequote "foo"@here
+R< @ $+ >		$#error $@ 5.1.3 $: "553 User address required"
+R$* $=O $* < @ $=w . >	$@ $>Parse0 $>canonify $1 $2 $3	...@here -> ...
+R$- 			$: $(dequote $1 $) < @ *LOCAL* >	dequote "foo"
+R< @ *LOCAL* >		$#error $@ 5.1.3 $: "553 User address required"
+R$* $=O $* < @ *LOCAL* >
+			$@ $>Parse0 $>canonify $1 $2 $3	...@*LOCAL* -> ...
+R$* < @ *LOCAL* >	$: $1
+
+
+#
+#  Parse1 -- the bottom half of ruleset 0.
+#
+
+SParse1
+
+# handle numeric address spec
+R$* < @ [ $+ ] > $*	$: $>ParseLocal $1 < @ [ $2 ] > $3	numeric internet spec
+R$* < @ [ $+ ] > $*	$: $1 < @ [ $2 ] : $S > $3	Add smart host to path
+R$* < @ [ $+ ] : > $*		$#esmtp $@ [$2] $: $1 < @ [$2] > $3	no smarthost: send
+R$* < @ [ $+ ] : $- : $*> $*	$#$3 $@ $4 $: $1 < @ [$2] > $5	smarthost with mailer
+R$* < @ [ $+ ] : $+ > $*	$#esmtp $@ $3 $: $1 < @ [$2] > $4	smarthost without mailer
+
+
+# short circuit local delivery so forwarded email works
+
+
+R$=L < @ $=w . >	$#local $: @ $1			special local names
+R$+ < @ $=w . >		$#local $: $1			regular local name
+
+
+# resolve remotely connected UUCP links (if any)
+
+# resolve fake top level domains by forwarding to other hosts
+
+
+
+# pass names that still have a host to a smarthost (if defined)
+R$* < @ $* > $*		$: $>MailerToTriple < $S > $1 < @ $2 > $3	glue on smarthost name
+
+# deal with other remote names
+R$* < @$* > $*		$#esmtp $@ $2 $: $1 < @ $2 > $3	[email protected]
+
+# handle locally delivered names
+R$=L			$#local $: @ $1		special local names
+R$+			$#local $: $1			regular local names
+
+
+
+###########################################################################
+###   Ruleset 5 -- special rewriting after aliases have been expanded   ###
+###########################################################################
+
+SLocal_localaddr
+Slocaladdr=5
+R$+			$: $1 $| $>"Local_localaddr" $1
+R$+ $| $#ok		$@ $1			no change
+R$+ $| $#$*		$#$2
+R$+ $| $*		$: $1
+
+
+
+
+# deal with plussed users so aliases work nicely
+R$+ + *			$#local $@ $&h $: $1
+R$+ + $*		$#local $@ + $2 $: $1 + *
+
+# prepend an empty "forward host" on the front
+R$+			$: <> $1
+
+
+
+R< > $+			$: < > < $1 <> $&h >		nope, restore +detail
+
+R< > < $+ <> + $* >	$: < > < $1 + $2 >		check whether +detail
+R< > < $+ <> $* >	$: < > < $1 >			else discard
+R< > < $+ + $* > $*	   < > < $1 > + $2 $3		find the user part
+R< > < $+ > + $*	$#local $@ $2 $: @ $1		strip the extra +
+R< > < $+ >		$@ $1				no +detail
+R$+			$: $1 <> $&h			add +detail back in
+
+R$+ <> + $*		$: $1 + $2			check whether +detail
+R$+ <> $*		$: $1				else discard
+R< local : $* > $*	$: $>MailerToTriple < local : $1 > $2	no host extension
+R< error : $* > $*	$: $>MailerToTriple < error : $1 > $2	no host extension
+
+R< $~[ : $+ > $+	$: $>MailerToTriple < $1 : $2 > $3 < @ $2 >
+
+R< $+ > $+		$@ $>MailerToTriple < $1 > $2 < @ $1 >
+
+
+###################################################################
+###  Ruleset 95 -- canonify mailer:[user@]host syntax to triple	###
+###################################################################
+
+SMailerToTriple=95
+R< > $*				$@ $1			strip off null relay
+R< error : $-.$-.$- : $+ > $* 	$#error $@ $1.$2.$3 $: $4
+R< error : $- : $+ > $*		$#error $@ $(dequote $1 $) $: $2
+R< error : $+ > $*		$#error $: $1
+R< local : $* > $*		$>CanonLocal < $1 > $2
+R< $~[ : $+ @ $+ > $*<$*>$*	$# $1 $@ $3 $: $2<@$3>	use literal user
+R< $~[ : $+ > $*		$# $1 $@ $2 $: $3	try qualified mailer
+R< $=w > $*			$@ $2			delete local host
+R< $+ > $*			$#relay $@ $1 $: $2	use unqualified mailer
+
+###################################################################
+###  Ruleset CanonLocal -- canonify local: syntax		###
+###################################################################
+
+SCanonLocal
+# strip local host from routed addresses
+R< $* > < @ $+ > : $+		$@ $>Recurse $3
+R< $* > $+ $=O $+ < @ $+ >	$@ $>Recurse $2 $3 $4
+
+# strip trailing dot from any host name that may appear
+R< $* > $* < @ $* . >		$: < $1 > $2 < @ $3 >
+
+# handle local: syntax -- use old user, either with or without host
+R< > $* < @ $* > $*		$#local $@ $1@$2 $: $1
+R< > $+				$#local $@ $1    $: $1
+
+# handle local:user@host syntax -- ignore host part
+R< $+ @ $+ > $* < @ $* >	$: < $1 > $3 < @ $4 >
+
+# handle local:user syntax
+R< $+ > $* <@ $* > $*		$#local $@ $2@$3 $: $1
+R< $+ > $* 			$#local $@ $2    $: $1
+
+###################################################################
+###  Ruleset 93 -- convert header names to masqueraded form	###
+###################################################################
+
+SMasqHdr=93
+
+
+# do not masquerade anything in class N
+R$* < @ $* $=N . >	$@ $1 < @ $2 $3 . >
+
+R$* < @ *LOCAL* >	$@ $1 < @ $j . >
+
+###################################################################
+###  Ruleset 94 -- convert envelope names to masqueraded form	###
+###################################################################
+
+SMasqEnv=94
+R$* < @ *LOCAL* > $*	$: $1 < @ $j . > $2
+
+###################################################################
+###  Ruleset 98 -- local part of ruleset zero (can be null)	###
+###################################################################
+
+SParseLocal=98
+
+
+
+
+
+
+######################################################################
+###  CanonAddr --	Convert an address into a standard form for
+###			relay checking.  Route address syntax is
+###			crudely converted into a %-hack address.
+###
+###	Parameters:
+###		$1 -- full recipient address
+###
+###	Returns:
+###		parsed address, not in source route form
+######################################################################
+
+SCanonAddr
+R$*			$: $>Parse0 $>canonify $1	make domain canonical
+
+
+######################################################################
+###  ParseRecipient --	Strip off hosts in $=R as well as possibly
+###			$* $=m or the access database.
+###			Check user portion for host separators.
+###
+###	Parameters:
+###		$1 -- full recipient address
+###
+###	Returns:
+###		parsed, non-local-relaying address
+######################################################################
+
+SParseRecipient
+R$*				$: <?> $>CanonAddr $1
+R<?> $* < @ $* . >		<?> $1 < @ $2 >			strip trailing dots
+R<?> $- < @ $* >		$: <?> $(dequote $1 $) < @ $2 >	dequote local part
+
+# if no $=O character, no host in the user portion, we are done
+R<?> $* $=O $* < @ $* >		$: <NO> $1 $2 $3 < @ $4>
+R<?> $*				$@ $1
+
+
+R<NO> $* < @ $* $=R >		$: <RELAY> $1 < @ $2 $3 >
+
+
+
+R<RELAY> $* < @ $* >		$@ $>ParseRecipient $1
+R<$+> $*			$@ $2
+
+
+######################################################################
+###  check_relay -- check hostname/address on SMTP startup
+######################################################################
+
+
+
+SLocal_check_relay
+Scheck_relay
+R$*			$: $1 $| $>"Local_check_relay" $1
+R$* $| $* $| $#$*	$#$3
+R$* $| $* $| $*		$@ $>"Basic_check_relay" $1 $| $2
+
+SBasic_check_relay
+# check for deferred delivery mode
+R$*			$: < $&{deliveryMode} > $1
+R< d > $*		$@ deferred
+R< $* > $*		$: $2
+
+
+
+######################################################################
+###  check_mail -- check SMTP `MAIL FROM:' command argument
+######################################################################
+
+SLocal_check_mail
+Scheck_mail
+R$*			$: $1 $| $>"Local_check_mail" $1
+R$* $| $#$*		$#$2
+R$* $| $*		$@ $>"Basic_check_mail" $1
+
+SBasic_check_mail
+# check for deferred delivery mode
+R$*			$: < $&{deliveryMode} > $1
+R< d > $*		$@ deferred
+R< $* > $*		$: $2
+
+# authenticated?
+R$*			$: $1 $| $>"tls_client" $&{verify} $| MAIL
+R$* $| $#$+		$#$2
+R$* $| $*		$: $1
+
+R<>			$@ <OK>			we MUST accept <> (RFC 1123)
+R$+			$: <?> $1
+R<?><$+>		$: <@> <$1>
+R<?>$+			$: <@> <$1>
+R$*			$: $&{daemon_flags} $| $1
+R$* f $* $| <@> < $* @ $- >	$: < ? $&{client_name} > < $3 @ $4 >
+R$* u $* $| <@> < $* >	$: <?> < $3 >
+R$* $| $*		$: $2
+# handle case of @localhost on address
+R<@> < $* @ localhost >	$: < ? $&{client_name} > < $1 @ localhost >
+R<@> < $* @ [127.0.0.1] >
+			$: < ? $&{client_name} > < $1 @ [127.0.0.1] >
+R<@> < $* @ [IPv6:0:0:0:0:0:0:0:1] >
+			$: < ? $&{client_name} > < $1 @ [IPv6:0:0:0:0:0:0:0:1] >
+R<@> < $* @ [IPv6:::1] >
+			$: < ? $&{client_name} > < $1 @ [IPv6:::1] >
+R<@> < $* @ localhost.$m >
+			$: < ? $&{client_name} > < $1 @ localhost.$m >
+R<@> < $* @ localhost.UUCP >
+			$: < ? $&{client_name} > < $1 @ localhost.UUCP >
+R<@> $*			$: $1			no localhost as domain
+R<? $=w> $*		$: $2			local client: ok
+R<? $+> <$+>		$#error $@ 5.5.4 $: "553 Real domain name required for sender address"
+R<?> $*			$: $1
+R$*			$: <?> $>CanonAddr $1		canonify sender address and mark it
+R<?> $* < @ $+ . >	<?> $1 < @ $2 >			strip trailing dots
+# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
+R<?> $* < @ $* $=P >	$: <OKR> $1 < @ $2 $3 >
+R<?> $* < @ $j >	$: <OKR> $1 < @ $j >
+R<?> $* < @ $+ >	$: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >
+R<? $* <$->> $* < @ $+ >
+			$: <$2> $3 < @ $4 >
+
+
+# handle case of no @domain on address
+R<?> $*			$: $&{daemon_flags} $| <?> $1
+R$* u $* $| <?> $*	$: <OKR> $3
+R$* $| $*		$: $2
+R<?> $*			$: < ? $&{client_addr} > $1
+R<?> $*			$@ <OKR>			...local unqualed ok
+R<? $+> $*		$#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f
+							...remote is not
+# check results
+R<?> $*			$: @ $1		mark address: nothing known about it
+R<$={ResOk}> $*		$: @ $2		domain ok
+R<TEMP> $*		$#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
+R<PERM> $*		$#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist"
+
+
+
+######################################################################
+###  check_rcpt -- check SMTP `RCPT TO:' command argument
+######################################################################
+
+SLocal_check_rcpt
+Scheck_rcpt
+R$*			$: $1 $| $>"Local_check_rcpt" $1
+R$* $| $#$*		$#$2
+R$* $| $*		$@ $>"Basic_check_rcpt" $1
+
+SBasic_check_rcpt
+# empty address?
+R<>			$#error $@ nouser $: "553 User address required"
+R$@			$#error $@ nouser $: "553 User address required"
+# check for deferred delivery mode
+R$*			$: < $&{deliveryMode} > $1
+R< d > $*		$@ deferred
+R< $* > $*		$: $2
+
+
+######################################################################
+R$*			$: $1 $| @ $>"Rcpt_ok" $1
+R$* $| @ $#TEMP $+	$: $1 $| T $2
+R$* $| @ $#$*		$#$2
+R$* $| @ RELAY		$@ RELAY
+R$* $| @ $*		$: O $| $>"Relay_ok" $1
+R$* $| T $+		$: T $2 $| $>"Relay_ok" $1
+R$* $| $#TEMP $+	$#error $2
+R$* $| $#$*		$#$2
+R$* $| RELAY		$@ RELAY
+R T $+ $| $*		$#error $1
+# anything else is bogus
+R$*			$#error $@ 5.7.1 $: "550 Relaying denied"
+
+
+######################################################################
+### Rcpt_ok: is the recipient ok?
+######################################################################
+SRcpt_ok
+R$*			$: $>ParseRecipient $1		strip relayable hosts
+
+
+
+
+# authenticated via TLS?
+R$*			$: $1 $| $>RelayTLS	client authenticated?
+R$* $| $# $+		$# $2			error/ok?
+R$* $| $*		$: $1			no
+
+R$*			$: $1 $| $>"Local_Relay_Auth" $&{auth_type}
+R$* $| $# $*		$# $2
+R$* $| NO		$: $1
+R$* $| $*		$: $1 $| $&{auth_type}
+R$* $|			$: $1
+R$* $| $={TrustAuthMech}	$# RELAY
+R$* $| $*		$: $1
+# anything terminating locally is ok
+R$+ < @ $=w >		$@ RELAY
+R$+ < @ $* $=R >	$@ RELAY
+
+
+
+
+# check for local user (i.e. unqualified address)
+R$*			$: <?> $1
+R<?> $* < @ $+ >	$: <REMOTE> $1 < @ $2 >
+# local user is ok
+R<?> $+			$@ RELAY
+R<$+> $*		$: $2
+
+######################################################################
+### Relay_ok: is the relay/sender ok?
+######################################################################
+SRelay_ok
+# anything originating locally is ok
+# check IP address
+R$*			$: $&{client_addr}
+R$@			$@ RELAY		originated locally
+R0			$@ RELAY		originated locally
+R127.0.0.1		$@ RELAY		originated locally
+RIPv6:0:0:0:0:0:0:0:1	$@ RELAY		originated locally
+RIPv6:::1		$@ RELAY		originated locally
+R$=R $*			$@ RELAY		relayable IP address
+R$*			$: [ $1 ]		put brackets around it...
+R$=w			$@ RELAY		... and see if it is local
+
+
+# check client name: first: did it resolve?
+R$*			$: < $&{client_resolve} >
+R<TEMP>			$#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
+R<FORGED>		$#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
+R<FAIL>			$#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
+R$*			$: <@> $&{client_name}
+# pass to name server to make hostname canonical
+R<@> $* $=P 		$:<?>  $1 $2
+R<@> $+			$:<?>  $[ $1 $]
+R$* .			$1			strip trailing dots
+R<?> $=w		$@ RELAY
+R<?> $* $=R			$@ RELAY
+
+
+
+
+
+######################################################################
+###  trust_auth: is user trusted to authenticate as someone else?
+###
+###	Parameters:
+###		$1: AUTH= parameter from MAIL command
+######################################################################
+
+SLocal_trust_auth
+Strust_auth
+R$*			$: $&{auth_type} $| $1
+# required by RFC 2554 section 4.
+R$@ $| $*		$#error $@ 5.7.1 $: "550 not authenticated"
+R$* $| $&{auth_authen}		$@ identical
+R$* $| <$&{auth_authen}>	$@ identical
+R$* $| $*		$: $1 $| $>"Local_trust_auth" $2
+R$* $| $#$*		$#$2
+R$*			$#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}
+
+######################################################################
+###  Relay_Auth: allow relaying based on authentication?
+###
+###	Parameters:
+###		$1: ${auth_type}
+######################################################################
+SLocal_Relay_Auth
+
+######################################################################
+###  srv_features: which features to offer to a client?
+###	(done in server)
+######################################################################
+Ssrv_features
+
+
+######################################################################
+###  try_tls: try to use STARTTLS?
+###	(done in client)
+######################################################################
+Stry_tls
+
+
+######################################################################
+###  tls_rcpt: is connection with server "good" enough?
+###	(done in client, per recipient)
+###
+###	Parameters:
+###		$1: recipient
+######################################################################
+Stls_rcpt
+
+
+######################################################################
+###  tls_client: is connection with client "good" enough?
+###	(done in server)
+###
+###	Parameters:
+###		${verify} $| (MAIL|STARTTLS)
+######################################################################
+Stls_client
+R$* $| $*	$@ $>"TLS_connection" $1
+
+######################################################################
+###  tls_server: is connection with server "good" enough?
+###	(done in client)
+###
+###	Parameter:
+###		${verify}
+######################################################################
+Stls_server
+R$*		$@ $>"TLS_connection" $1
+
+######################################################################
+###  TLS_connection: is TLS connection "good" enough?
+###
+###	Parameters:
+###		${verify}
+###		Requirement: RHS from access map, may be ? for none.
+######################################################################
+STLS_connection
+RSOFTWARE	$#error $@ 4.7.0 $: "403 TLS handshake."
+
+
+
+
+######################################################################
+###  RelayTLS: allow relaying based on TLS authentication
+###
+###	Parameters:
+###		none
+######################################################################
+SRelayTLS
+# authenticated?
+
+######################################################################
+###  authinfo: lookup authinfo in the access map
+###
+###	Parameters:
+###		$1: {server_name}
+###		$2: {server_addr}
+######################################################################
+Sauthinfo
+
+
+
+
+
+
+
+
+SLocal_localaddr
+R$+			$: $>ParseRecipient $1
+R$* < @ $+ > $*		$#relay $@ ${MTAHost} $: $1 < @ $2 > $3
+R$*			$#relay $@ ${MTAHost} $: $1 < @ $j >
+#
+######################################################################
+######################################################################
+#####
+#####			MAIL FILTER DEFINITIONS
+#####
+######################################################################
+######################################################################
+
+#
+######################################################################
+######################################################################
+#####
+#####			MAILER DEFINITIONS
+#####
+######################################################################
+######################################################################
+
+
+##################################################
+###   Local and Program Mailer specification   ###
+##################################################
+
+#####  $Id: local.m4,v 8.60 2013-11-22 20:51:14 ca Exp $  #####
+
+#
+#  Envelope sender rewriting
+#
+SEnvFromL
+R<@>			$n			errors to mailer-daemon
+R@ <@ $*>		$n			temporarily bypass Sun bogosity
+R$+			$: $>AddDomain $1	add local domain if needed
+R$*			$: $>MasqEnv $1		do masquerading
+
+#
+#  Envelope recipient rewriting
+#
+SEnvToL
+R$+ < @ $* >		$: $1			strip host part
+R$+ + $*		$: < $&{addr_type} > $1 + $2	mark with addr type
+R<e s> $+ + $*		$: $1			remove +detail for sender
+R< $* > $+		$: $2			else remove mark
+
+#
+#  Header sender rewriting
+#
+SHdrFromL
+R<@>			$n			errors to mailer-daemon
+R@ <@ $*>		$n			temporarily bypass Sun bogosity
+R$+			$: $>AddDomain $1	add local domain if needed
+R$*			$: $>MasqHdr $1		do masquerading
+
+#
+#  Header recipient rewriting
+#
+SHdrToL
+R$+			$: $>AddDomain $1	add local domain if needed
+R$* < @ *LOCAL* > $*	$: $1 < @ $j . > $2
+
+#
+#  Common code to add local domain name (only if always-add-domain)
+#
+SAddDomain
+
+Mlocal,		P=[IPC], F=lDFMuXkw5S, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL,
+		T=DNS/RFC822/SMTP,
+		A=TCP $h
+Mprog,		P=[IPC], F=lmDFMuXk5, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
+		T=X-Unix/X-Unix/X-Unix,
+		A=TCP $h
+
+#####################################
+###   SMTP Mailer specification   ###
+#####################################
+
+#####  $Id: smtp.m4,v 8.66 2013-11-22 20:51:14 ca Exp $  #####
+
+#
+#  common sender and masquerading recipient rewriting
+#
+SMasqSMTP
+R$* < @ $* > $*		$@ $1 < @ $2 > $3		already fully qualified
+R$+			$@ $1 < @ *LOCAL* >		add local qualification
+
+#
+#  convert pseudo-domain addresses to real domain addresses
+#
+SPseudoToReal
+
+# pass <route-addr>s through
+R< @ $+ > $*		$@ < @ $1 > $2			resolve <route-addr>
+
+# output fake domains as user%fake@relay
+
+# do UUCP heuristics; note that these are shared with UUCP mailers
+R$+ < @ $+ .UUCP. >	$: < $2 ! > $1			convert to UUCP form
+R$+ < @ $* > $*		$@ $1 < @ $2 > $3		not UUCP form
+
+# leave these in .UUCP form to avoid further tampering
+R< $&h ! > $- ! $+	$@ $2 < @ $1 .UUCP. >
+R< $&h ! > $-.$+ ! $+	$@ $3 < @ $1.$2 >
+R< $&h ! > $+		$@ $1 < @ $&h .UUCP. >
+R< $+ ! > $+		$: $1 ! $2 < @ $Y >		use UUCP_RELAY
+R$+ < @ $~[ $* : $+ >	$@ $1 < @ $4 >			strip mailer: part
+R$+ < @ >		$: $1 < @ *LOCAL* >		if no UUCP_RELAY
+
+
+#
+#  envelope sender rewriting
+#
+SEnvFromSMTP
+R$+			$: $>PseudoToReal $1		sender/recipient common
+R$* :; <@>		$@				list:; special case
+R$*			$: $>MasqSMTP $1		qualify unqual'ed names
+R$+			$: $>MasqEnv $1			do masquerading
+
+
+#
+#  envelope recipient rewriting --
+#  also header recipient if not masquerading recipients
+#
+SEnvToSMTP
+R$+			$: $>PseudoToReal $1		sender/recipient common
+R$+			$: $>MasqSMTP $1		qualify unqual'ed names
+R$* < @ *LOCAL* > $*	$: $1 < @ $j . > $2
+
+#
+#  header sender and masquerading header recipient rewriting
+#
+SHdrFromSMTP
+R$+			$: $>PseudoToReal $1		sender/recipient common
+R:; <@>			$@				list:; special case
+
+# do special header rewriting
+R$* <@> $*		$@ $1 <@> $2			pass null host through
+R< @ $* > $*		$@ < @ $1 > $2			pass route-addr through
+R$*			$: $>MasqSMTP $1		qualify unqual'ed names
+R$+			$: $>MasqHdr $1			do masquerading
+
+
+#
+#  relay mailer header masquerading recipient rewriting
+#
+SMasqRelay
+R$+			$: $>MasqSMTP $1
+R$+			$: $>MasqHdr $1
+
+Msmtp,		P=[IPC], F=mDFMuXk5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
+		T=DNS/RFC822/SMTP,
+		A=TCP $h
+Mesmtp,		P=[IPC], F=mDFMuXak5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
+		T=DNS/RFC822/SMTP,
+		A=TCP $h
+Msmtp8,		P=[IPC], F=mDFMuX8k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
+		T=DNS/RFC822/SMTP,
+		A=TCP $h
+Mdsmtp,		P=[IPC], F=mDFMuXa%k5, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
+		T=DNS/RFC822/SMTP,
+		A=TCP $h
+Mrelay,		P=[IPC], F=mDFMuXa8k, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040,
+		T=DNS/RFC822/SMTP,
+		A=TCP $h
+
+### /etc/mail/submit.mc ###
+# divert(-1)dnl
+# #-----------------------------------------------------------------------------
+# # $Sendmail: submit.mc,v 8.14.4 2013-02-11 11:12:33 cowboy Exp $
+# #
+# # Copyright (c) 2000-2010 Richard Nelson.  All Rights Reserved.
+# #
+# # cf/debian/submit.mc.  Generated from submit.mc.in by configure.
+# #
+# # submit.mc prototype config file for building Sendmail 8.14.4
+# #
+# # Note: the .in file supports 8.7.6 - 9.0.0, but the generated
+# #	file is customized to the version noted above.
+# #
+# # This file is used to configure Sendmail for use with Debian systems.
+# #
+# # If you modify this file, you will have to regenerate /etc/mail/submit.cf
+# # by running this file through the m4 preprocessor via one of the following:
+# #	* make  (or make -C /etc/mail)
+# #	* sendmailconfig
+# #	* m4 /etc/mail/submit.mc > /etc/mail/submit.cf
+# # The first two options are preferred as they will also update other files
+# # that depend upon the contents of this file.
+# #
+# # The best documentation for this .mc file is:
+# # /usr/share/doc/sendmail-doc/cf.README.gz
+# #
+# #-----------------------------------------------------------------------------
+# divert(0)dnl
+# #
+# #   Copyright (c) 2000-2002 Richard Nelson.  All Rights Reserved.
+# #
+# #  This file is used to configure Sendmail for use with Debian systems.
+# #
+# define(`_USE_ETC_MAIL_')dnl
+# include(`/usr/share/sendmail/cf/m4/cf.m4')dnl
+# VERSIONID(`$Id: submit.mc, v 8.14.4-4 2013-02-11 11:12:33 cowboy Exp $')
+# OSTYPE(`debian')dnl
+# DOMAIN(`debian-msp')dnl
+# dnl #
+# dnl #---------------------------------------------------------------------
+# dnl # Masquerading information, if needed, should go here
+# dnl # You likely will not need this, as the MTA will do it
+# dnl #---------------------------------------------------------------------
+# dnl MASQUERADE_AS()dnl
+# dnl FEATURE(`masquerade_envelope')dnl
+# dnl #
+# FEATURE(`use_ct_file')dnl
+# dnl #---------------------------------------------------------------------
+# dnl # The real reason we're here: the FEATURE(msp)
+# dnl # NOTE WELL:  MSA (587) should have M=Ea, so we need to use stock 25
+# dnl #---------------------------------------------------------------------
+# FEATURE(`msp', `[127.0.0.1]', `25')dnl
+# dnl #
+# dnl #---------------------------------------------------------------------
+# dnl # Some minor cleanup from FEATURE(msp)
+# dnl #---------------------------------------------------------------------
+# dnl #
+# dnl #---------------------------------------------------------------------
+# include(`/etc/mail/tls/starttls.m4')dnl
author	Sven Göthel <[email protected]>	2024-03-03 05:48:03 +0100
committer	Sven Göthel <[email protected]>	2024-03-03 05:48:03 +0100
commit	ebed7c30d137467ec28e857afc6fa5f07ad5ba7a (patch)
tree	93d4194df75cad1c22dc886a059e39ce11a68740
parent	a0577e13b8c65a8d728e4095bbb2c027d84311fe (diff)