3 dnl # This is the sendmail macro config file for m4. If you make changes to
4 dnl # /etc/mail/sendmail.mc, you will need to regenerate the
5 dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
6 dnl # installed and then performing a
8 dnl # make -C /etc/mail
10 include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
11 VERSIONID(`setup for Red Hat Linux')dnl
14 dnl # default logging level is 9, you might want to set it higher to
15 dnl # debug the configuration
17 dnl define(`confLOG_LEVEL', `9')dnl
19 dnl # Uncomment and edit the following line if your outgoing mail needs to
20 dnl # be sent out through an external mail server:
22 dnl define(`SMART_HOST',`smtp.your.provider')
24 define(`confDEF_USER_ID',``8:12'')dnl
25 dnl define(`confAUTO_REBUILD')dnl
26 define(`confTO_CONNECT', `1m')dnl
27 define(`confTRY_NULL_MX_LIST',true)dnl
28 define(`confDONT_PROBE_INTERFACES',true)dnl
29 define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
30 define(`ALIAS_FILE', `/etc/aliases')dnl
31 define(`STATUS_FILE', `/var/log/mail/statistics')dnl
32 define(`UUCP_MAILER_MAX', `2000000')dnl
33 define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
34 define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
35 define(`confAUTH_OPTIONS', `A')dnl
37 dnl # The following allows relaying if the user authenticates, and disallows
38 dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
40 dnl define(`confAUTH_OPTIONS', `A p')dnl
42 dnl # PLAIN is the preferred plaintext authentication method and used by
43 dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
44 dnl # use LOGIN. Other mechanisms should be used if the connection is not
45 dnl # guaranteed secure.
46 dnl # Please remember that saslauthd needs to be running for AUTH.
48 dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
49 dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
51 dnl # Rudimentary information on creating certificates for sendmail TLS:
52 dnl # make -C /usr/share/ssl/certs usage
53 dnl # or use the included makecert.sh script
55 define(`CERT_DIR',`/etc/mail/certs')
56 define(`confCACERT_PATH',`CERT_DIR')
57 define(`confCACERT',`CERT_DIR/cacert.pem')
58 define(`confSERVER_CERT',`CERT_DIR/cert.pem')
59 define(`confSERVER_KEY',`CERT_DIR/key.pem')
60 define(`confCLIENT_CERT',`CERT_DIR/cert.pem')
61 define(`confCLIENT_KEY',`CERT_DIR/key.pem')
63 dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
64 dnl # slapd, which requires the file to be readble by group ldap
66 dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
68 dnl define(`confTO_QUEUEWARN', `4h')dnl
69 dnl define(`confTO_QUEUERETURN', `5d')dnl
70 define(`confQUEUE_LA', `60000')dnl
71 define(`confREFUSE_LA', `60000')dnl
72 define(`confTO_IDENT', `0')dnl
73 dnl FEATURE(delay_checks)dnl
74 FEATURE(`no_default_msa',`dnl')dnl
75 FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
76 FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
77 FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
79 FEATURE(always_add_domain)dnl
80 FEATURE(use_cw_file)dnl
81 FEATURE(use_ct_file)dnl
83 dnl # The -t option will retry delivery if e.g. the user runs over his quota.
85 FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
86 FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
87 FEATURE(`blacklist_recipients')dnl
88 dnl EXPOSED_USER(`root')dnl
90 dnl # The following causes sendmail to only listen on the IPv4 loopback address
91 dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
92 dnl # address restriction to accept email from the internet or intranet.
94 DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
96 dnl # The following causes sendmail to additionally listen to port 587 for
97 dnl # mail from MUAs that authenticate. Roaming users who can't reach their
98 dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
101 dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
103 dnl # The following causes sendmail to additionally listen to port 465, but
104 dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
105 dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
106 dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
107 dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
108 dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
110 dnl # For this to work your OpenSSL certificates must be configured.
112 dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
114 dnl # The following causes sendmail to additionally listen on the IPv6 loopback
115 dnl # device. Remove the loopback address restriction listen to the network.
117 dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
119 dnl # enable both ipv6 and ipv4 in sendmail:
121 dnl DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')
123 dnl # We strongly recommend not accepting unresolvable domains if you want to
124 dnl # protect yourself from spam. However, the laptop and users on computers
125 dnl # that do not have 24x7 DNS do need this.
127 FEATURE(`accept_unresolvable_domains')dnl
129 dnl FEATURE(`relay_based_on_MX')dnl
131 dnl # Also accept email sent to "localhost.localdomain" as local email.
133 LOCAL_DOMAIN(`localhost.localdomain')dnl
135 dnl # The following example makes mail from this host and any additional
136 dnl # specified domains appear to be sent from mydomain.com
138 MASQUERADE_AS(`planet-lab.org')dnl
140 dnl # masquerade not just the headers, but the envelope as well
142 FEATURE(masquerade_envelope)dnl
144 dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
146 FEATURE(masquerade_entire_domain)dnl
148 MASQUERADE_DOMAIN(localhost)dnl
149 MASQUERADE_DOMAIN(localhost.localdomain)dnl
150 dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
151 dnl MASQUERADE_DOMAIN(mydomain.lan)dnl