Public paste
Undefined
By: Guest | Date: Oct 23 2018 12:17 | Format: None | Expires: never | Size: 8.31 KB | Hits: 2043

  1. divert(-1)dnl
  2. dnl #
  3. dnl # This is the sendmail macro config file for m4. If you make changes to
  4. dnl # /etc/mail/sendmail.mc, you will need to regenerate the
  5. dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
  6. dnl # installed and then performing a
  7. dnl #
  8. dnl #     /etc/mail/make
  9. dnl #
  10. include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
  11. VERSIONID(`setup for linux')dnl
  12. OSTYPE(`linux')dnl
  13. dnl #
  14. dnl # Do not advertize sendmail version.
  15. dnl #
  16. dnl define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl
  17. dnl #
  18. dnl # default logging level is 9, you might want to set it higher to
  19. dnl # debug the configuration
  20. dnl #
  21. dnl define(`confLOG_LEVEL', `9')dnl
  22. dnl #
  23. dnl # Uncomment and edit the following line if your outgoing mail needs to
  24. dnl # be sent out through an external mail server:
  25. dnl #
  26. dnl define(`SMART_HOST', `smtp.your.provider')dnl
  27. dnl #
  28. define(`confDEF_USER_ID', ``8:12'')dnl
  29. dnl define(`confAUTO_REBUILD')dnl
  30. define(`confTO_CONNECT', `1m')dnl
  31. define(`confTRY_NULL_MX_LIST', `True')dnl
  32. define(`confDONT_PROBE_INTERFACES', `True')dnl
  33. define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
  34. define(`ALIAS_FILE', `/etc/aliases')dnl
  35. define(`STATUS_FILE', `/var/log/mail/statistics')dnl
  36. define(`UUCP_MAILER_MAX', `2000000')dnl
  37. define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
  38. define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
  39. define(`confAUTH_OPTIONS', `A p')dnl
  40. dnl #
  41. dnl # The following allows relaying if the user authenticates, and disallows
  42. dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
  43. dnl #
  44. dnl define(`confAUTH_OPTIONS', `A p')dnl
  45. dnl #
  46. dnl # PLAIN is the preferred plaintext authentication method and used by
  47. dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
  48. dnl # use LOGIN. Other mechanisms should be used if the connection is not
  49. dnl # guaranteed secure.
  50. dnl # Please remember that saslauthd needs to be running for AUTH.
  51. dnl #
  52. dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
  53. dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
  54. dnl #
  55. dnl # Rudimentary information on creating certificates for sendmail TLS:
  56. dnl #     cd /etc/pki/tls/certs; make sendmail.pem
  57. dnl # Complete usage:
  58. dnl #     make -C /etc/pki/tls/certs usage
  59. dnl #
  60. dnl define(`confCACERT_PATH', `/etc/pki/tls/certs')dnl
  61. dnl define(`confCACERT', `/etc/pki/tls/certs/avalonia_dk_ca-bundle.crt')dnl
  62. dnl define(`confSERVER_CERT', `/etc/pki/tls/certs/avalonia_dk.pem')dnl
  63. dnl define(`confSERVER_KEY', `/etc/pki/tls/certs/avalonia_dk.pem')dnl
  64. dnl #
  65. dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
  66. dnl # slapd, which requires the file to be readble by group ldap
  67. dnl #
  68. dnl define(`confDONT_BLAME_SENDMAIL', `groupreadablekeyfile')dnl
  69. dnl #
  70. dnl define(`confTO_QUEUEWARN', `4h')dnl
  71. dnl define(`confTO_QUEUERETURN', `5d')dnl
  72. dnl define(`confQUEUE_LA', `12')dnl
  73. dnl define(`confREFUSE_LA', `18')dnl
  74. define(`confTO_IDENT', `0')dnl
  75. dnl # If you're operating in a DSCP/RFC-4594 environment with QoS
  76. dnl define(`confINET_QOS', `AF11')dnl
  77. dnl FEATURE(delay_checks)dnl
  78. FEATURE(`no_default_msa', `dnl')dnl
  79. FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
  80. FEATURE(`mailertable', `hash -o /etc/mail/mailertable.db')dnl
  81. FEATURE(`virtusertable', `hash -o /etc/mail/virtusertable.db')dnl
  82. FEATURE(redirect)dnl
  83. FEATURE(always_add_domain)dnl
  84. FEATURE(use_cw_file)dnl
  85. FEATURE(use_ct_file)dnl
  86. dnl #
  87. dnl # The following limits the number of processes sendmail can fork to accept
  88. dnl # incoming messages or process its message queues to 20.) sendmail refuses
  89. dnl # to accept connections once it has reached its quota of child processes.
  90. dnl #
  91. dnl define(`confMAX_DAEMON_CHILDREN', `20')dnl
  92. dnl #
  93. dnl # Limits the number of new connections per second. This caps the overhead
  94. dnl # incurred due to forking new sendmail processes. May be useful against
  95. dnl # DoS attacks or barrages of spam. (As mentioned below, a per-IP address
  96. dnl # limit would be useful but is not available as an option at this writing.)
  97. dnl #
  98. dnl define(`confCONNECTION_RATE_THROTTLE', `3')dnl
  99. dnl #
  100. dnl # The -t option will retry delivery if e.g. the user runs over his quota.
  101. dnl #
  102. FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
  103. FEATURE(`access_db', `hash -T<TMPF> -o /etc/mail/access.db')dnl
  104. FEATURE(`blacklist_recipients')dnl
  105. EXPOSED_USER(`root')dnl
  106. dnl #
  107. dnl # For using Cyrus-IMAPd as POP3/IMAP server through LMTP delivery uncomment
  108. dnl # the following 2 definitions and activate below in the MAILER section the
  109. dnl # cyrusv2 mailer.
  110. dnl #
  111. dnl define(`confLOCAL_MAILER', `cyrusv2')dnl
  112. dnl define(`CYRUSV2_MAILER_ARGS', `FILE /var/lib/imap/socket/lmtp')dnl
  113. dnl #
  114. dnl # The following causes sendmail to only listen on the IPv4 loopback address
  115. dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
  116. dnl # address restriction to accept email from the internet or intranet.
  117. dnl #
  118. dnl #
  119. dnl # The following causes sendmail to additionally listen to port 587 for
  120. dnl # mail from MUAs that authenticate. Roaming users who can't reach their
  121. dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
  122. dnl # this useful.
  123. dnl #
  124. dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
  125. dnl #
  126. dnl # The following causes sendmail to additionally listen to port 465, but
  127. dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
  128. dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
  129. dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
  130. dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
  131. dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
  132. dnl #
  133. dnl # For this to work your OpenSSL certificates must be configured.
  134. dnl #
  135. dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
  136. #dnl DAEMON_OPTIONS(`Port=smtps, Addr=127.0.0.1, Name=MTA, M=s')dnl
  137. dnl #
  138. dnl # The following causes sendmail to additionally listen on the IPv6 loopback
  139. dnl # device. Remove the loopback address restriction listen to the network.
  140. dnl #
  141. dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
  142. dnl #
  143. dnl # enable both ipv6 and ipv4 in sendmail:
  144. dnl #
  145. dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
  146. dnl #
  147. dnl # We strongly recommend not accepting unresolvable domains if you want to
  148. dnl # protect yourself from spam. However, the laptop and users on computers
  149. dnl # that do not have 24x7 DNS do need this.
  150. dnl #
  151. FEATURE(`accept_unresolvable_domains')dnl
  152. dnl #
  153. dnl FEATURE(`relay_based_on_MX')dnl
  154. dnl #
  155. dnl # Also accept email sent to "localhost.localdomain" as local email.
  156. dnl #
  157. LOCAL_DOMAIN(`localhost.localdomain')dnl
  158. dnl #
  159. dnl # The following example makes mail from this host and any additional
  160. dnl # specified domains appear to be sent from mydomain.com
  161. dnl #
  162. dnl MASQUERADE_AS(`mydomain.com')dnl
  163. dnl #
  164. dnl # masquerade not just the headers, but the envelope as well
  165. dnl #
  166. dnl FEATURE(masquerade_envelope)dnl
  167. dnl #
  168. dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
  169. dnl #
  170. dnl FEATURE(masquerade_entire_domain)dnl
  171. dnl #
  172. dnl MASQUERADE_DOMAIN(localhost)dnl
  173. dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
  174. dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
  175. dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
  176. MAILER(smtp)dnl
  177. MAILER(procmail)dnl
  178. dnl MAILER(cyrusv2)dnl
  179. DAEMON_OPTIONS(`Name=MTA')
  180. # KS CUSTOM
  181.  
  182. dnl  #turns off the request for a client certificate during the TLS handshake
  183. define(`confTLS_SRV_OPTIONS',`V')dnl
  184. dnl # OPTIONAL message displayed by   the smtp daemon
  185. define(`confSMTP_LOGIN_MSG',`$j MTA Avalonia.dk ')dnl
  186. dnl # from your sendmail.mc  define(`confAUTH_OPTIONS',`A')  the  A option mean "do not offer AUTH"
  187. dnl # offer authentication only after a secure channel is active
  188. dnl #   Options `A' and `P' suppress SMTP AUTH and PIPELINING, respectively.
  189. dnl #  `c' is the equivalent to AuthOptions=p, i.e.,
  190. dnl #   it doesn't permit mechanisms susceptible to simple
  191. dnl #   passive attack (e.g., PLAIN, LOGIN), unless a security layer is active.
  192. define(`confAUTH_OPTIONS',`A p y')dnl
  193. dnl Type of encryption offered and offered
  194. TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
  195. define(`confAUTH_MECHANISMS',`LOGIN PLAIN')dnl
  196. dnl # OPTIONAL The timeout waiting for a response to an SMTP STARTTLS command
  197. define(`confTO_STARTTLS',`2m')dnl
  198.