The sendmail distribution comes with several sample configuration files. Chapter 10 provides an example of how the tcpproto.mc file is modified to produce a configuration file suitable for a Linux system. The prototype files are m4 macro configuration files that produce usable sendmail.cf files as output. The prototype files are located in the sendmail/cf/cf directory of the sendmail distribution. Use those prototypes as examples of reasonable sendmail configurations.
All of the sendmail configuration files are composed of the following m4 macros: [E]
[E] By convention, m4 macros are shown in uppercase, and built-in m4 commands are shown in lowercase.
Directs the output of the m4 process.
Deletes all characters up to the next newline.
Defines the version number of the .mc source file. RCS or SCCS version numbers are commonly used. This command is optional.
Points to the m4 source file that contains the operating system-specific information for this configuration. This is required.
Points to the m4 source file that contains configuration information specific to this domain. This is optional.
Defines the hostname aliases for the server.
Defines domains that should be converted to canonical format even if the nocanonify feature is set.
Identifies a file that contains the list of domains that should be converted to canonical format even if the nocanonify feature is set.
Defines domain names that should be processed through the genericstable database.
Identifies a file that contains the list of domains that should be processed through the genericstable database.
Defines domains that should be routed according to directions found in the LDAP directory.
Identifies a file that lists the domains that should be routed according to directions found in the LDAP directory.
Defines the domains for which this server should relay mail.
Identifies a file that lists the domains for which this server should relay mail.
Defines the virtual domains that should be processed through the virtusertable.
Identifies a file that lists the virtual domains that should be processed through the virtusertable.
Points to an m4 source file that defines an optional sendmail feature. This is not required for m4 to process the .mc source file, but many configurations have multiple FEATURE entries.
Defines the domain name used to masquerade outgoing mail.
Defines domains that should be masqueraded.
Identifies a file that lists the domains that should be masqueraded.
Defines a host that should not be masqueraded even if the domain is being masqueraded.
Defines usernames that prevent masquerading. If the user portion of the address contains one of these names, the host portion of the address is not masqueraded.
Points to an m4 source file that contains site-specific configuration information. This is a temporary configuration used to fix a temporary problem. The use of HACK is discouraged.
Identifies a locally connected UUCP host.
Points to a source file that contains m4 SITE commands that define the UUCP sites connected to this host. The format of the command is: SITECONFIG(file, local-hostname, class), which reads the UUCP hostnames from file into class.
Maps a UUCP hostname to an Internet hostname.
Defines a local value. Most "defines" are done in the m4 source files that are called by the .mc file, not in the .mc file itself. It can define a value for a sendmail.cf macro, option, or other command.
Clears the value set for a configuration parameter.
Points to an m4 source file that contains the configuration commands that define a sendmail mailer. At least one MAILER command must appear in the configuration file. Generally more than one MAILER command is used.
Heads a section of sendmail.cf commands that define a custom mailer.
Overrides the flags defined for a mailer.
Defines a mail filter.
Defines a mail filter and the variables necessary to call the filter.
Defines runtime options for the sendmail daemon.
Defines a list of trusted authorization mechanisms.
Heads a section of code to be added to ruleset n, where n is 0, 1, 2, or 3. The code that follows the LOCAL_RULE_n command is composed of standard sendmail.cf rewrite rules.[E] The LOCAL_RULE_n command is rarely used.
[E] The one exception to this is the UUCPSMTP macro that can be used in the local rule.
Heads a section of code that defines a custom ruleset.
Defines usernames that should be exempted from relaying even when local mail is being relayed.
Heads a section of sendmail.cf code that defines how mail destined for the local host is processed.
Heads a section of code to be added to the sendmail.cf file after the local information section and before the rewrite rules. The section of code contains standard sendmail.cf configuration commands. This macro is rarely used.
The built-in m4 commands shown abovethose listed in lowercase charactersare divided between those that control the flow of output and those that set macro values. The two commands that control the flow of output are dnl and divert. Text following the dnl command is not sent to the output file. Thus it is used at the beginning of a line on a comment. The divert(-1) command sends output to the "bit-bucket" and marks the start of a block of comments. The divert(0) command directs output to standard m4 processing. In addition to -1 and 0, the divert command accepts nine other numeric arguments: the values 1 to 9. These other values are used in the m4 macro source code to direct data to various parts of the sendmail.cf file. You will not use these values in your own configuration. Instead you will use other commands to direct data to specific parts of the sendmail.cf file.
The commands LOCAL_CONFIG, LOCAL_USER, LOCAL_RULESETS, MAILER_DEFINITION, LOCAL_NET_CONFIG, and LOCAL_RULE allow you to send data to various parts of the sendmail.cf file without using the various divert values directly. Commands such as LOCAL_CONFIG and MAILER_DEFINITION mark the start of raw sendmail.cf code that should be included in some part of the output file. These commands make it possible for you to customize the sendmail.cf file in any possible way.
The built-in m4 commands define and undefine set macro values. define sets a variable to a value and undefine resets it to its default value. More configuration parameters can be controlled through the define command than through any other, and, correspondingly, more of this appendix is dedicated to define parameters than to anything else.
Almost half of the m4 macros act like the define command and simply set a parameter to a value. MASQUERADE_AS, MASQUERADE_DOMAIN, RELAY_DOMAIN, and VIRTUSER_DOMAIN_FILE are all examples of commands used to set variables.
The TRUST_AUTH_MECH macro is a good example of a macro that complements a define. As you'll see in Section E.3.1 of this appendix, the parameter confAUTH_MECHANISMS can be used to define the trusted authentication mechanisms your server advertises to other servers. The TRUST_AUTH_MECH macro is the inverse of this. It identifies the mechanism that your server accepts from other servers. The same list of keywords used to configure the confAUTH_MECHANISMS parameter in Section E.3.1 can be used to configure TRUST_AUTH_MECHANISMS.
The macro names OSTYPE, DOMAIN, FEATURE, MAILER, HACK, and SITECONFIG are all names of subdirectories within the cf directory. The value passed to each of these macros is the name of a file within the specified directory. For example, the command FEATURE(nouucp) tells m4 to load the file nouucp.m4 from the ostype directory and process the m4 source code found there. The .m4 source files pointed to by the OSTYPE, DOMAIN, FEATURE, and MAILER commands are built primarily from define and FEATURE commands.
Two of the macros that are also directory names, SITECONFIG and HACK, are rarely used. SITECONFIG points to a source file that contains SITE macros that define the UUCP sites connected to the local host. You create the file containing the SITE macros yourself and then invoke it with the SITECONFIG command. These commands, along with UUCPSMTP, are obsolete and maintained only for backward compatibility.
The HACK macro points to an m4 source file that contains a temporary site-specific fix to a sendmail problem. You create the file in the hack directory and then use the HACK command to add that file to the configuration. The use of hacks is discouraged and is generally unnecessary.
The following section provides additional information about the OSTYPE, DOMAIN, FEATURE, and MAILER macros and details of the various commands used to build the m4 source files they call. Chapter 10 provides an example of building a custom DOMAIN macro source file. The source files can contain any of the macros we have already mentioned as well as the additional ones documented below. The macro configuration (.mc) file also can contain any of the commands documented below. In fact, pretty much any macro can appear in any file.
To bring some order out of this chaos, the commands are organized according to the files they are most likely to appear in, which is similar to the organization found in the documentation that comes with the sendmail distribution. Just remember, actual implementation files may have a different organization. We start by examining the define macros and the FEATURE macros that are the primary building blocks of all the other files.
The syntax of the define macro is:
define( `parameter ', `value ')
where parameter is the keyword name of a sendmail configuration parameter and value is the value assigned to that configuration parameter. The parameter and the value are normally enclosed in single quotes to prevent inappropriate macro expansion. These are not balanced quotes. The opening quote is a grave sign (`), and the closing quote is an apostrophe (').
Many of the configuration parameters that can be set using the define command are shown below. Most of the parameters correspond to sendmail options, macros, or classes. The name of the option, macro, or class set by the parameter is listed in the parameter description enclosed in square brackets (). Macro names begin with a dollar sign ($j), class names begin with a dollar sign and an equals sign ($=w), and options are shown with long option names (SingleThreadDelivery). To find out more about these parameters, see the descriptions of the macros, options, and classes they represent that are provided later in this appendix.
Because many define parameters are equivalent to options, macros, and classes, the command:
placed in an m4 source file has the same effect as:
placed directly in the sendmail.cf file. If you compile and install a new version of sendmail, build your configuration with m4 and set values for macros, classes, and options with the m4 define macro.
The list of define parameters is quite long. However, because most of the parameters default to a reasonable value, they do not have to be explicitly set in the m4 source file. The default value of each parameter is shown in the listingunless there is no default.
Default is MAILER-DAEMON. The sender name used on error messages. [$n]
The full hostname. [$j]
The configuration file's version number. [$Z]
Default is $?x$x <$g>$|$g$. . The From: header format.
Default is $?sfrom $s $.$?_($?s$|from $.$_) $.by $j ($v/$Z)$?r with $r$. id $i$?u for $u$.; $b . The Received: header format.
Default is /etc/sendmail.cw. The file of local host aliases. [$=w]
Default is /etc/sendmail.ct. The file of trusted usernames. [$=t]
Trusted usernames to add to root, uucp, and daemon.
Default is esmtp. The mailer used for SMTP connections; must be smtp, smtp8, or esmtp.
Default is uucp-old. The default UUCP mailer.
Default is local. The mailer used for local connections.
Default is relay. The default mailer name for relaying.
Default is False. Forces input to seven bits. [SevenBitInput]
Default is pass8. Defines how 8-bit data is handled. [EightBitMode]
Default is 10m. The amount of time to wait for alias file rebuild. [AliasWait]
Default is 100. The minimum number of free blocks on the queue filesystem that must be available to accept SMTP mail. [MinFreeBlocks]
Default is infinite. The maximum message size. [MaxMessageSize]
The character used to replace unquoted blank characters in email addresses. [BlankSub]
Default is False. Tells system to hold mail bound for mailers that have the e flag set until the next queue run. [HoldExpensive]
Default is 10. Tells system to checkpoint the queue files after this number of queued items are processed. [CheckpointInterval]
Default is background. Sets the default delivery mode. [DeliveryMode]
Default is False. Automatically rebuilds alias file. [AutoRebuildAliases]
Default is print. Defines how errors are handled. [ErrorMode]
Points to a file containing a message that is prepended to error messages. [ErrorHeader]
Tells system not to discard Unix From: lines. They are discarded if this is not set. [SaveFromLine]
Default is 0600. File mode for temporary files. [TempFileMode]
Tells system to match the email username to the GECOS field. This match is not done if this is not set. [MatchGECOS]
Default is 25. The counter used to determine mail loops. [MaxHopCount]
Default is False. Tells system to ignore dots in incoming messages. [IgnoreDots]
Default is undefined. Sets options for DNS resolver. [ResolverOptions]
Default is True. Tells system to send MIME-encapsulated error messages. [SendMimeErrors]
Default is $z/.forward.$w:$z/.forward. Places to search for .forward files. [ForwardPath]
Default is 2. The number of open connections that can be cached. [ConnectionCacheSize]
Default is 5m. The amount of time inactive open connections are held in the cache. [ConnectionCacheTimeout]
Directory in which host status is saved. [HostStatusDirectory]
Default is False. Delivers errors using the Errors-To: header. [UseErrorsTo]
Default is 9. Level of detail for the log file. [LogLevel]
Default is False. Sends a copy to the sender. [MeToo]
Default is False. Looks up every alias during alias file build. [CheckAliases]
Default is True. Treats headers without special characters as old style. [OldStyleHeaders]
SMTP daemon options. [DaemonPortOptions]
Default is authwarnings. These flags restrict the use of some mail commands. [PrivacyOptions]
Address to receive copies of error messages. [PostmasterCopy]
Default is 600000. Used to calculate when a loaded system should queue mail instead of attempting delivery. [QueueFactor]
Default is False. Don't prune route-addresses to the minimum possible. [DontPruneRoutes]
Create a queue file, then attempt delivery. This is not done unless this parameter is specified. [SuperSafe]
Default is 5m. Maximum time to wait for the initial connect response. [Timeout.initial]
Default is 0. Maximum time to wait for a connect to complete. [Timeout.connect]
Maximum time to wait for the very first connect attempt to a host. [Timeout.iconnect]
Default is 5m. Maximum time to wait for a HELO or EHLO response. [Timeout.helo]
Default is 10m. Maximum time to wait for a MAIL command response. [Timeout.mail]
Default is 1h. Maximum time to wait for a RCPT command response. [Timeout.rcpt]
Default is 5m. Maximum time to wait for a DATA command response. [Timeout.datainit]
Default is 1h. Maximum time to wait for a block during DATA phase. [Timeout.datablock]
Default is 1h. Maximum time to wait for a response to the terminating ".". [Timeout.datafinal]
Default is 5m. Maximum time to wait for a RSET command response. [Timeout.rset]
Default is 2m. Maximum time to wait for a QUIT command response. [Timeout.quit]
Default is 2m. Maximum time to wait for other SMTP command responses. [Timeout.misc]
Default is 1h. Maximum time to wait for a command to be issued. [Timeout.command]
Default is 30s. Maximum time to wait for an IDENT query response. [Timeout.ident]
Default is 60s. Maximum time to wait for a file open. [Timeout.fileopen]
Default is 5d. Time until a message is returned from the queue as undeliverable. [Timeout.queuereturn]
"Undeliverable" timeout for normal priority messages. [Timeout.queuereturn.normal]
"Undeliverable" timeout for urgent priority messages. [Timeout.queuereturn.urgent]
"Undeliverable" timeout for low priority messages. [Timeout.queuereturn.non-urgent]
Default is 4h. Time until a "still queued" warning is sent about a message. [Timeout.queuewarn]
Time until a "still queued" warning is sent for normal priority messages. [Timeout.queuewarn.normal]
Time until a "still queued" warning is sent for urgent priority messages. [Timeout.queuewarn.urgent]
Time until a "still queued" warning is sent for low priority messages. [Timeout.queuewarn.non-urgent]
Default is 30m. Time for stale host status information. [Timeout.hoststatus]
Default is USE_SYSTEM. Sets time zone from the system (USE_SYSTEM) or the TZ variable (USE_TZ). [TimeZoneSpec]
Default is 1:1. Default user ID and group ID. [DefaultUser]
Path of the user database file. [UserDatabaseSpec]
Backup MX host. [FallbackMXhost]
Default is False. Instructs system to connect to the remote host directly if the MX points to the local host. [TryNullMXList]
Default is 8. Sends mail directly to the queue when this load average is reached. [QueueLA]
Default is 12. Refuses incoming SMTP connections at this load average. [RefuseLA]
If set, refuses connection when this number of children is reached. [MaxDaemonChildren]
Maximum number of connections permitted per second, if set. [ConnectionRateThrottle]
Default is 30000. Factor used to lower the priority of a job for each additional recipient. [RecipientFactor]
Default is False. Delivers messages with separate processes. [ForkEachJob]
Default is 1800. The factor used to favor a high-priority job. [ClassFactor]
Default is 90000. Factor used to lower the priority of a job for each delivery attempt. [RetryFactor]
Default is Priority. Sorts queue by Priority or Host order. [QueueSortOrder]
Default is 0. Minimum time a job must be queued. [MinQueueAge]
Default is unknown-8bit. Default character set for unlabeled 8-bit MIME data. [DefaultCharSet]
Default is /etc/service.switch. The path to the service switch file. [ServiceSwitchFile]
Default is /etc/hosts. The path to the hostnames file. [HostsFile]
Default is 0s. Amount of time to delay before retrying a "dial on demand" connection. 0s means "don't retry." [DialDelay]
Default is none. Handling for mail with no recipient headers: do nothing (none); add To: header (add-to); add Apparently-To: header (add-apparently-to); add a Bcc: header (add-bcc); add "To: undisclosed-recipients" header (add-to-undisclosed). [NoRecipientAction]
Default is undefined. chroot( ) to this directory before writing files. [SafeFileEnvironment]
Default is True. Treats colons as regular characters in addresses. [ColonOkInAddr]
Default is 0. Limits the number of entries processed in a queue run. means no limit. [MaxQueueRunSize]
Default is False. If true, don't convert nicknames to canonical names. False means to convert. [DontExpandCnames]
Default is From $g $d. The format of the Unix From: line. [UnixFromLine]
Default is .:%@!^/+. Address operator characters. [OperatorChars]
Default is $j sendmail $v/$Z; $b. The SMTP greeting message. [SmtpGreetingMessage]
Default is False. If true, disable the initgroups(3) routine. False means to use the initgroups(3) routine. [DontInitGroups]
Default is False. If true, don't reference programs or files from group-writable :include: and .forward files. [UnsafeGroupWrites]
Default is postmaster. When errors occur sending an error message, send the second error message to this address. [DoubleBounceAddress]
Default is undefined. Run as this user to read and deliver mail. [RunAsUser]
Default is False. Force single-threaded mail delivery when set with HostStatusDirectory. [SingleThreadDelivery]
Defines normally illegal special characters that will be allowed in the DNS hostname on a HELO or EHLO command line. [AllowBogusHELO]
Defines a space-separated list of authentication mechanisms that will be advertised by this server. Possible values are GSSAPI, KERBEROS_V4, DIGEST-MD5, and CRAM-MD5. [AuthMechanisms]
The AUTH= argument is added to the MAIL FROM header only when authentication succeeds if this is set to A. [AuthOptions]
Identifies a file containing a cryptographic certificate from a certificate authority. [CACERTFile]
Defines the path to the directory that contains the cryptographic certificates. [CACERTPath]
Identifies the file containing the cryptographic certificate sendmail uses when it acts as client. [ClientCertFile]
Identifies the file containing the private key associated with the certificate used when sendmail acts as a client. [ClientKeyFile]
Defines the port options used for outbound SMTP client connections. [ClientPortOptions]
Limits connectivity. Used for testing by the sendmail developers. This is not used in production environments. [ConnectOnlyTo]
Defines a socket used for managing the sendmail daemon. [ControlSocketName]
Points to the file that lists the hosts for which this server will relay mail. Defaults to /etc/mail/relay-domains. [$=R]
Defines the file where failed messages that could not be returned to the sender or sent to the postmaster are saved. [DeadLetterDrop]
Identifies the file that contains the authentication information used for outbound connections. [DefaultAuthInfo]
Defines the maximum amount of buffer memory that will be used before a disk file is used. [DataFileBufferSize]
Identifies the file that contains the DH parameters for the DSA/DH digital signature algorithm. [DHParameters]
Tells sendmail to perform certain file security checks. By default, all checks are performed. This option weakens the security of your server. See the DontBlameSendmail option later in this appendix for a full list of the values that can be used with this parameter. [DontBlameSendmail]
Tells sendmail not to automatically accept the addresses of the server's network interfaces as valid addresses if set to true. Defaults to false. [DontProbeInterface]
Defines the directory where executables for FEATURE(`local_lmtp') and FEATURE(`smrsh') are stored. The default directory is /usr/libexec.
Defines the defaults used for LDAP databases unless specifically overridden by a K command for an individual map. [LDAPDefaultSpec]
Aliases can refer to other aliases. This sets the maximum depth that alias references can be nested. The default is 10. [MaxAliasRecursion]
Defines the maximum length of the sum of all headers in bytes. [MaxHeadersLength]
Defines the maximum length of MIME headers. [MaxMimeHeaderLength]
Defines the maximum number of recipients allowed for a piece of mail. [MaxRecipientsPerMessage]
Adds characters to the list of characters that must be quoted when they are included in the user's full name ($x). The characters @,;:\( ) are always quoted. By default . and ` are added to the list. [MustQuoteChars]
Specifies the path of the PID file. [PidFile]
Identifies the string used on this system as the prefix for the process title in ps listings. [ProcessTitlePrefix]
Identifies the file that contains random data needed by STARTTLS if sendmail was not compiled with the HASURANDOM flag. [RandFile]
Defines the message displayed when mail is rejected because of the access control database. Defaults to "550 Access denied".
True tells sendmail to interpret a Return-Receipt-To: header as a request for delivery status notification (DSN). The default is false. [RrtImpliesDsn]
Identifies the file that contains the cryptographic certificate used when this system acts as server. [ServerCertFile]
Identifies the file that contains the private key associated with the cryptographic certificate used when this system acts as server. [ServerKeyFile]
True forces a multiline From: line to a single line. The default is false. [SingleLineFromHeader]
Defines, in seconds, the retransmission timer for all resolver lookups. [Timeout.resolver.retrans]
Defines, in seconds, the retransmission timer for the resolver lookup for the first attempt to deliver a message. [Timeout.resolver.retrans.first]
Defines, in seconds, the retransmission timer for all resolver lookups after the first attempt to deliver a message. [Timeout.resolver.retrans.normal]
Defines the total number of times to retry a resolver query. [Timeout.resolver.retry]
Defines the number of times the resolver query for the first delivery attempt is retried. [Timeout.resolver.retry.first]
Defines the number of times to retry resolver queries after the first delivery attempt. [Timeout.resolver.retry.normal]
Defines the user who controls the sendmail daemon and owns the files created by sendmail. Do not confuse this option with confTRUSTED_USERS. [TrustedUser]
Defines the maximum amount of buffer memory that can be used for a transcript file before the file must be written to disk. The default is 4096 bytes. [XScriptFileBufferSize]
define macros are the most common macros in the m4 source files. The next most commonly used macro is the FEATURE macro.
The FEATURE macro processes m4 source code from the cf/feature directory. Source files in that directory define optional sendmail features that you may wish to include in your configuration. The syntax of the FEATURE macro is:
The FEATURE source file can be called with or without an optional argument. If an argument is passed to the source file, the argument is used by the source file to generate code for the sendmail.cf file. For example:
FEATURE(`mailertable', `hash /etc/mail/mailertable')
generates the code for accessing the mailertable and defines that table as being a hash database located in the file /etc/mail/mailertable.
There are several features available in sendmail V8. They are all listed in Table E-3. The table provides the name of each feature and its purpose.
Load $=w from /etc/mail/local-host-names.
Load $=t from /etc/mail/trusted-users.
Relay mail for any site whose MX points to this server.
Relay mail for any host in your domain.
Only relay mail for hosts listed in the access database.
Relay mail if the source is a local host.
Relay mail if the sender is listed as RELAY in the access database.
Relay mail from any site to any site.
The obsolete Realtime Blackhole List feature has been replaced by dnsbl.
Reject mail from hosts listed in a DNS-based rejection list. Replaces rbl.
Filter incoming mail based on values set in the access database.
Delay the check_mail and check_relay rulesets until check_rcpt is called.
Disable validity checks for addresses that use the % hack.
Support the .REDIRECT pseudo-domain.
Allow the default configuration of the Message Submission Agent to be overridden by the DAEMON_OPTIONS macro.
Don't include UUCP address processing.
Don't convert names with $[name$] syntax.
Treat "user" differently than "email@example.com".[E]
Mail routing using a mailer table.