divert(-1) dnl This is the sendmail macro config file. If you make changes to this file, dnl you need the sendmail-cf rpm installed and then have to generate a dnl new /etc/sendmail.cf by running the following command: dnl dnl m4 /etc/mail/sendmail.mc > /etc/sendmail.cf dnl include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`syslang nodns') OSTYPE(`linux') define(`confDEF_USER_ID',``8:12'')dnl undefine(`UUCP_RELAY') undefine(`BITNET_RELAY') define(`confTO_CONNECT', `1m')dnl define(`confTRY_NULL_MX_LIST',true)dnl define(`confDONT_PROBE_INTERFACES',true)dnl define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl FEATURE(`always_add_domain') FEATURE(`use_cw_file') FEATURE(`use_ct_file') FEATURE(`smrsh',`/usr/sbin/smrsh') dnl FEATURE(`nocanonify') define(`confTO_QUEUEWARN', `5m') define(`confSAFE_FILE_ENV', `/var/mailjail')dnl define(`confTO_IDENT', `0') FEATURE(`relay_hosts_only') dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw') dnl define(`LUSER_RELAY', `local:steveo') define(`ALIAS_FILE', `/etc/aliases')dnl define(`STATUS_FILE', `/var/log/mail/statistics')dnl dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl dnl define(`ALIAS_FILE',`/etc/aliases,/usr/local/majordomo/lists/ALIASES/mj-alias-syslang.net')dnl FEATURE(`access_db',`hash -T -o /etc/mail/access.db')dnl FEATURE(`compat_check')dnl FEATURE(`blacklist_recipients')dnl FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain') dnl FEATURE(`redirect') MASQUERADE_AS(`syslang.net') MASQUERADE_DOMAIN(`syslang.net') FEATURE(`masquerade_entire_domain')dnl FEATURE(`masquerade_envelope')dnl FEATURE(`allmasquerade')dnl FEATURE(`delay_checks') FEATURE(`greet_pause', `1000')dnl FEATURE(`enhdnsbl', `blackholes.easynet.nl', `"550 5.7.1 ACCESS DENIED to <"$&f"> thru "$&{client_name}" by easynet.nl DNSBL (http://blackholes.easynet.nl/errors.html)"', `t')dnl FEATURE(enhdnsbl,`bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl FEATURE(enhdnsbl,`dnsbl.njabl.org',`Message from $&{client_addr} rejected - see http://njabl.org/', `t')dnl FEATURE(enhdnsbl,`list.dsbl.org',`Message from $&{client_addr} rejected - see http://dsbl.org/', `t')dnl dnl FEATURE(dnsbl, `relays.osirusoft.com')dnl dnl FEATURE(dnsbl,`blackholes.five-ten-sg.com')dnl FEATURE(enhdnsbl,`opm.blitzed.org',`Message from $&{client_addr} rejected - see http://opm.blitzed.org/', `t')dnl dnl FEATURE(dnsbl,`orbs.dorkslayers.com')dnl FEATURE(enhdnsbl,`relays.ordb.org',`Message from $&{client_addr} rejected - see http://relays.ordb.org/', `t')dnl FEATURE(enhdnsbl,`tr.countries.nerd.dk', `SPAM from Turkey:$&{client_addr} rejected',`t')dnl FEATURE(enhdnsbl,`kr.countries.nerd.dk', `SPAM from Korea:$&{client_addr} rejected',`t')dnl FEATURE(enhdnsbl,`cn.countries.nerd.dk', `SPAM from China:$&{client_addr} rejected',`t')dnl dnl FEATURE(enhdnsbl,`nl.countries.nerd.dk', `SPAM from Netherlands:$&{client_addr} rejected',`t')dnl dnl FEATURE(enhdnsbl,`ee.countries.nerd.dk', `SPAM from Estonia:$&{client_addr} rejected',`t')dnl dnl FEATURE(enhdnsbl,`th.countries.nerd.dk', `SPAM from Thailand:$&{client_addr} rejected',`t')dnl dnl FEATURE(enhdnsbl,`br.countries.nerd.dk', `SPAM from Brazil:$&{client_addr} rejected',`t')dnl dnl FEATURE(enhdnsbl,`in.countries.nerd.dk', `SPAM from India:$&{client_addr} rejected',`t')dnl dnl FEATURE(enhdnsbl,`id.countries.nerd.dk', `SPAM from Indonesia:$&{client_addr} rejected',`t')dnl dnl FEATURE(enhdnsbl,`vn.countries.nerd.dk', `SPAM from Viet Nam:$&{client_addr} rejected',`t')dnl dnl FEATURE(enhdnsbl,`es.countries.nerd.dk', `SPAM from Spain:$&{client_addr} rejected',`t')dnl FEATURE(masquerade_entire_domain) FEATURE(masquerade_envelope) FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl EXPOSED_USER(`root')dnl dnl FEATURE(`accept_unresolvable_domains')dnl INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass.sock, F=, T=C:15m;S:4m;R:4m;E:10m')dnl dnl INPUT_MAIL_FILTER(`milter-regex', dnl `S=unix:/var/run/milter-regex/sock, T=S:30s;R:2m')dnl define(`confMILTER_MACROS_CONNECT', `t, b, j, _, {daemon_name}, {if_name}, {if_addr} ')dnl define(`confMILTER_MACROS_ENVRCPT',`r, v, Z')dnl define(`confMILTER_MACROS_HELO', `s, {tls_version}, {cipher}, {cipher_bits}, {cert_subject}, {cert_issuer}')dnl DAEMON_OPTIONS(`Name=MTA') DAEMON_OPTIONS(`address=localhost, Port=24, Name=NCMSA, M=EC') MAILER(local) MAILER(smtp) MAILER(procmail) LOCAL_CONFIG # This regular expression matches some random X-Mailer headers. Krandommailer regex -f -S -aREJECT ^[.0-9A-Za-z]*[0-9][.0-9A-Za-z]*$$ dnl regex map for character sets (not case-sensitive) KCharsetKorean regex -a@MATCH charset=.*(euc-kr|korean|ks.*c) KCharsetRussian regex -a@MATCH charset=.*koi8-r KCharsetChinese regex -a@MATCH charset=.*(big5|Chinese|cn|gb) Kstorage macro LOCAL_RULESETS ################################################################## # Local ruleset - Check Content-Type: # ################################################################## dnl Reject based on Content-Type header HContent-Type: $>CheckContentType D{NoKoreanMsg}Korean not spoken here. D{NoChineseMsg}Chinese not spoken here. D{NoRussianMsg}Russian not spoken here. SCheckContentType R$* $: $(CharsetRussian $&{currHeader} $) R@MATCH $#error $: 550 5.7.0 ${NoRussianMsg} R$* $: $(CharsetKorean $&{currHeader} $) R@MATCH $#error $: 550 5.7.0 ${NoKoreanMsg} R$* $: $(CharsetChinese $&{currHeader} $) R@MATCH $#error $: 550 5.7.0 ${NoChineseMsg} # Reject mail sent by self-identifying spamware. HX-Mailer: $>+CheckXMailer SCheckXMailer R$+ $: $(randommailer $1 $) RDirect Email $+ $: REJECT REmailer Platinum $+ $: REJECT RSent with E-Mail Magnet $+ $: REJECT RGroup Mail $+ $: REJECT REMailing List Pro $+ $: REJECT Rdiffondi $+ $: REJECT RMail Bomber $: REJECT RDynamic Opt-In Emailer $+ $: REJECT RMaxBulk Mailer $+ $: REJECT RFletMail $+ $: REJECT RMailWorkZ $+ $: REJECT RGoldMine $+ $: REJECT RREJECT $#error $@ 5.7.1 $: 553 Spam rejected ### check for the existance of the X-MailScanner Header HX-MailScanner: $>+CheckXMSc D{SobigFPat}Found to be clean D{SobigFMsg}This message may contain the Sobig.F virus. SCheckXMSc ### if it exists, and the defined value is set, record the presence R${SobigFPat} $* $: $(storage {SobigFCheck} $@ SobigF $) $1 R$* $@ OK ### check for the existance of a Message-Id Header HMessage-Id: $>CheckMessageId SCheckMessageId # Record the presence of the header R$* $: $(storage {MessageIdCheck} $@ OK $) $1 R$* $@ OK ### check for the existance of a Received Header HReceived: $>CheckReceived SCheckReceived # Record the presence of any Received header R$* $: $(storage {ReceivedCheck} $@ OK $) $1 R$* $@ OK Scheck_eoh # Check if a Message-Id was found R$* $: < $&{MessageIdCheck} > # If Message-Id was found clear the storage and return with OK R< $+ > $@ $>ClearStorage # Are we the first Hop? R$* $: < $&{ReceivedCheck} > # no? accept it R< $+ > $@ $>ClearStorage # finaly, is there a X-MailScanner? R$* $: < $&{SobigFCheck} > # clear store R$* $: $(storage {SobigFCheck} $) $1 R$* $: $(storage {ReceivedCheck} $) $1 R$* $: $(storage {MessageIdCheck} $) $1 # no msgid, first hop and Header found? -> reject the message R< SobigF > $#error $: 553 ${SobigFMsg} # No Header! Fine, take the message R$* $@ OK SClearStorage R$* $: $(storage {SobigFCheck} $) $1 R$* $: $(storage {ReceivedCheck} $) $1 R$* $: $(storage {MessageIdCheck} $) $1 R$* $@ OK