divert(-1)
# Copyright (c) 1997-1999,2000 SuSE GmbH Nuernberg, Germany.
# Author: Florian La Roche
# Werner Fink <feedback@suse.de>
#
# After the `divert(0)' all lines starting with `dnl' are
# comments until the next newline character.
# Putting words into `'-pairs disables macro expansion
#
include(`/usr/share/sendmail/m4/cf.m4')
divert(0)dnl
VERSIONID(`@(#)Setup for SuSE Linux 8.12.3-0.4 (SuSE Linux) 2002/01/14')
dnl
dnl This is the default configuration for SuSE Linux.
dnl See `/usr/share/sendmail/ostype/suse-linux.m4' and take a look
dnl into `/usr/share/sendmail/README' for more information.
dnl
dnl The suse-linux.m4 enables the FEATUREs mailertable, genericstable,
dnl virtusertable, and access_db. Just look to those file for some
dnl examples. They are stored in `/etc/mail/'. If you have changed
dnl one or more files you should run SuSEconfig or generate the
dnl `.db' files by hand (see /sbin/conf.d/SuSEconfig.sendmail).
dnl
dnl NOTE: YOU HAVE TO CHANGE THE CONFIGURATION TO FIT YOUR NEEDS
dnl BEFORE ACTIVTING SOME OF THESE EXAMPLES!
dnl
OSTYPE(`suse-linux')dnl
dnl
dnl By default the MSA (Message Submission Agent) daemon is disabled on
dnl SuSE Linux. If you want to use this service enabled the following.
dnl
dnl DAEMON_OPTIONS(`Port=587,Name=MSA,M=E')dnl
dnl
dnl Do not send MIME error messages
dnl
dnl define(`confMIME_FORMAT_ERRORS', `False')dnl
dnl
dnl If you have a modem and you use dial on demand, specify the time
dnl until you have a working connection. Sendmail will then retry to
dnl establish a connection.
dnl
dnl define(`confDIAL_DELAY', `10s')dnl
dnl
dnl Timeout before a warning message is sent to the sender telling them
dnl that the message has been deferred. The FEATURE(dialup) will
dnl overwrite this.
dnl
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl
dnl Timeout before a message is returned as undeliverable
dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl
dnl If you have lots of users, you might want to add "restrictmailq" and
dnl "restrictrunq", but normally they can be left out. "authwarnings"
dnl warns about all people that e.g. use "sendmail -bs" and adds
dnl `X-Authentication-Warning:' headers. Pine users might want to disable this.
dnl "noreceipts" disables DSN (Delivery Status Notification) and ignores all
dnl `Return-Receipt-To:' headers even if `confRRT_IMPLIES_DSN' is `true'.
dnl For service provider using ETRN on port 25 the noetrn could be removed.
dnl
dnl define(`confPRIVACY_FLAGS', `authwarnings,needmailhelo,novrfy,noexpn,noetrn,noverb')dnl
dnl
dnl These users given in `/etc/mail/trusted-users' are allowed to modify
dnl the email sender address.
dnl
dnl FEATURE(`use_ct_file')dnl
dnl
dnl You can specify a smart host either here or in `/etc/mail/mailertable'
dnl
dnl define(`SMART_HOST', `smtp:mail.smarthost.other.domain')dnl
dnl define(`SMART_HOST', `uucp-dom:otheruucphost')dnl
dnl define(`MAIL_HUB', `smtp:host.your.domain')dnl
dnl define(`LOCAL_RELAY', `smtp:host.your.domain')dnl
dnl
dnl Redirect all email to unknown people to Postmaster.
dnl
dnl define(`LUSER_RELAY', `local:postmaster')dnl
dnl
dnl Enable the following SuSE FEATURE, if you have a expensive
dnl dialup connection for SMTP and want to queue all email until
dnl `sendmail -q' is started.
dnl
dnl FEATURE(`expensive')dnl
dnl
dnl This is used for dial-on-demand connections where we don't want to
dnl trigger a connection just for a DNS query.
dnl Sendmail will give all hostnames to your DNS server and replace the
dnl names with the FQDN ones. As nearly all email-programs use the full
dnl hostname and you will probably also just use full hostnames as
dnl destination addresses, you could disable `nocanonify'. With `nodns'
dnl you should declare the local, the mail hub, the smart, and the mail
dnl relay host with their IP addresses and the corresponding Full Qualified
dnl Domain Names (in short FQDN which means hostname.domain) /etc/hosts.
dnl Do NOT use this together with anti-spam FEATUREs.
dnl
dnl FEATURE(`nocanonify')dnl
dnl HACK(`nodns')dnl
dnl
dnl The following FEATURE provides the possibility to avoid further
dnl dialups. The delivery mode is defer (postpone) therefore this
dnl FEATURE should NOT be used in combination with anti-spam FEATUREs.
dnl Note, that this FEATURE needs the FQDN as stored in /etc/HOSTNAME
dnl read into the variable FQHOSTNAME. Therefore replace myhost.newdomain.notused!
dnl
dnl FEATURE(`dialup', `myhost.newdomain.notused')dnl
dnl
dnl This is a NO NO and only suitable in real intranet. This because
dnl it `provides' a mail really for spam mails even if your local host
dnl is connected over a dialup line. To avoid this miss-FEATURE you
dnl should enable FEATURE(`use_cw_file') and declare the hosts to accept
dnl in `/etc/mail/local-host-names'.
dnl Do NEVER use this together with anti-spam FEATUREs or being connected
dnl to the Internet.
dnl
dnl FEATURE(`promiscuous_relay')dnl
dnl
dnl Sendmail only accepts emails as local that use the FQDN. If you want
dnl to accept further hostnames as local email, add them here or put
dnl them into the `/etc/mail/local-host-names' file.
dnl
dnl FEATURE(`use_cw_file')dnl
dnl
dnl This FEATURE enables (open)ldap and requires some arguments. For
dnl information see [url]http://www.stanford.edu/~bbense/ldap/[/url]. Note that this
dnl FEATURE define a map `ldap' and expand the AliasFile with `sequence:ldap'.
dnl We choose an other name for the proposed map name `luser' (see URL) to
dnl avoid conflicts with LUSER_RELAY. The necessary change in rule S5 is
dnl already done and will be enabled by this FEATURE.
dnl
dnl FEATURE(`ldap', `place_here_your_configuration')dnl
dnl
dnl The ldap_routing FEATURE is part of the official sendmail since 8.10.0.
dnl You'll find a description in /usr/share/sendmail/README at `LDAP ROUTING'.
dnl You've to replace example.notused, mailHostdefine, mailRoutingAddressdefine,
dnl You've to replace example.notused, mailHostdefine, mailRoutingAddressdefine,
dnl and bounce argument if not `passthru' with your're own configuration.
dnl
dnl define(`confLDAP_DEFAULT_SPEC', `-h mailHost')dnl
dnl LDAPROUTE_DOMAIN(`example.notused')dnl
dnl FEATURE(`ldap_routing', dnl
dnl `ldap -1 -v mailHost -k (&(objectClass=inetLocalMailRecipient) (mailLocalAddress=%0))', dnl
dnl `ldap -1 -v mailRoutingAddress -k (&(objectClass=inetLocalMailRecipient) (mailLocalAddress=%0))', dnl
dnl `bounce')dnl
dnl
dnl To stop spamming from known domains and known senders you should
dnl not use the FEATURE(dialup) nor FEATURE(promiscuous_relay) nor HACK(nodns).
dnl To turn on the ability to refuse or allow incoming mail for certain
dnl recipient usernames, hostnames, or addresses, you should declare them
dnl in `/etc/mail/access'.
dnl You can provide a black list for the FEATURE below list which is used to
dnl block incoming mail for certain recipient usernames, hostnames, or
dnl addresses.
dnl
dnl FEATURE(`blacklist_recipients')dnl
dnl
dnl The Realtime Blackhole List is a service of rbl.maps.vix.com
dnl (see [url]http://maps.vix.com/rbl/)[/url]. It provides a list of hosts
dnl of known spammers. The FEATURES below are some other server
dnl for rejecting well known spammers
dnl (see [url]http://maps.vix.com/[/url] and [url]http://www.orbs.org/)[/url].
dnl
dnl FEATURE(`dnsbl')dnl
dnl FEATURE(`dnsbl',`dul.maps.vix.com',` Mail from $&{client_addr} rejected - dul; see http://maps.vix.com')dnl
dnl FEATURE(`dnsbl',`relays.orbs.org', ` Mail from $&{client_addr} rejected - open relay; see http://www.orbs.org')dnl
dnl
dnl
dnl Just add the local domain if the email address doesn't have one
dnl
FEATURE(`always_add_domain')dnl
dnl
dnl Specify the sender email address for all outgoing mail from the local
dnl machine. Most people also want to use "masquerade_envelope" to also
dnl change the envelope addresses.
dnl Use "allmasquerade" to also change the recipient address. Don't use
dnl this feature, if you don't have the full /etc/aliases and the full
dnl /etc/passwd on your host.
dnl
dnl MASQUERADE_AS(`newdomain.notused')dnl
dnl FEATURE(`masquerade_envelope')dnl
dnl FEATURE(`allmasquerade')dnl
dnl FEATURE(`no_local_masquerading')dnl
dnl
dnl Normally, any hosts decided as locally are masqueraded. If
dnl the feature limited_masquerade is used, only the hosts listed in
dnl MASQUERADE_DOMAIN() are masqueraded. This is useful if you have
dnl several domains with disjoint namespaces hosted on the same machine.
dnl
dnl MASQUERADE_DOMAIN(`otherdmain.notused')dnl
dnl FEATURE(`limited_masquerade')dnl
dnl
dnl The list will cause certain addresses originating locally (i.e. that
dnl are unqualified) or domains to be looked up in a map and turned into
dnl another ("generic") form, which can change both the domain name and
dnl the user name. These domains can additional to the local domains be
dnl changed in /etc/mail/genericstable
dnl
dnl GENERICS_DOMAIN(`your.domain')dnl
dnl
dnl Foreign package amavis needs libmilter interface
dnl
dnl define(`MILTER')dnl
dnl divert(-1)
dnl INPUT_MAIL_FILTER(`milter-amavis', `S=local:/var/run/amavis/amavis-milter.sock, T=S:10m;R:10m;E:10m')
dnl divert(0)dnl
dnl
dnl
dnl Enable SMTP-AUTH as client (plain, gssapi, digest-md5, and cram-md5)
dnl AUTH_DIR is defined in OSTYPE(`suse-linux') as /etc/mail/auth
dnl Please not that most providers only know about `plain' which means
dnl that the user data will not be encrypted.
dnl
dnl define(`confAUTH_MECHANISMS', `place_here_your_auth_mechanism')dnl
dnl FEATURE(`authinfo', `hash -o 'AUTH_DIR\`/auth-info')dnl
dnl
dnl Enable SMTP-AUTH as server (gssapi, digest-md5, and cram-md5)
dnl for an explanation read
dnl /usr/share/sendmail/README, /usr/share/doc/packages/sendmail/op.txt.bz2,
dnl and [url]http://www.sendmail.org/~ca/email/auth.html[/url].
dnl
dnl define(`confAUTH_OPTIONS', `Apy')dnl
dnl TRUST_AUTH_MECH(`place_here_your_auth_mechanism')dnl
dnl define(`confAUTH_MECHANISMS', `place_here_your_auth_mechanism')dnl
dnl
dnl Enable STARTTLS Certificates, for an explanation read
dnl /usr/share/doc/packages/sendmail/op.txt.bz2 and
dnl [url]http://www.sendmail.org/~ca/email/starttls.html[/url]
dnl The certification and key files are placed at
dnl /etc/mail/certs/ as CA.cert.pem, MYServer.cert.pem,
dnl MYServer.key.pem (for STARTTLS server) and
dnl MYClient.cert.pem, MYClient.key.pem (for STARTTLS client).
dnl CERT_DIR is defined in OSTYPE(`suse-linux') as /etc/mail/certs
dnl
dnl define(`confCACERT', CERT_DIR/`CA.cert.pem')dnl"
dnl define(`confSERVER_CERT', CERT_DIR/`MYServer.cert.pem')dnl"
dnl define(`confSERVER_KEY', CERT_DIR/`MYServer.key.pem')dnl"
dnl define(`confCLIENT_CERT', CERT_DIR/`MYClient.cert.pem')dnl"
dnl define(`confCLIENT_KEY', CERT_DIR/`MYClient.key.pem')dnl"
dnl
dnl We use the generic m4 macro definition. This defines
dnl an extented .forward and redirect mechanism.
dnl
DOMAIN(`generic')dnl
dnl
dnl These mailers are available. per default only smtp is used. You have
dnl to add entries to /etc/mail/mailertable to enable one of the other
dnl mailers.
dnl
MAILER(`local')dnl
MAILER(`smtp')dnl
MAILER(`procmail')dnl
MAILER(`uucp')dnl
MAILER(`bsmtp')dnl
MAILER(`fido')dnl
dnl
dnl Just an other (open)ldap feature is the usage of maill500 as mailer
dnl for a given (open)ldap domain (see manual page mail500).
dnl
dnl MAILER(`mail500', `place_here_your_openldap_domain')dnl
dnl
dnl This line is required for formating the /etc/sendmail.cf
dnl
LOCAL_CONFIG
dnl
dnl The alternate names of this host:
dnl
dnl Cw localhost [url]www.domain.notused[/url]
dnl
: