mirror of
https://github.com/opnsense/src.git
synced 2026-04-29 18:32:49 -04:00
58ae50f31e
Merge vendor sendmail 8.18.1 into HEAD (cherry picked from commit d39bd2c1388b520fcba9abed1932acacead60fba) Add new source file for sendmail 8.18.1 (cherry picked from commit 19d4fb85bf17579780e8f0c3cbae8a5e92a6922e) New sendmail 8.18.1 cf file (cherry picked from commit 1b6a5580c1f999fb1ba5f9860cf63a8aefc55b3c) Minor change to update these files so new freebsd*.cf files are generated (cherry picked from commit 2c191ba6b0b5d1b3729a5ac428d51cfc5d5f3d2e) Belatedly update version and date for sendmail 8.18.1 upgrade (cherry picked from commit 31fbc98c949bfca30ab55afef04b4396a61b7e92) Add a note about sendmail 8.18.1's stricter SMTP protocol enforcement (akin to commit 21c1f1deb6a3ac6a60e4516261e5264a28e0b7a6 in main) Update import date for stable/14 Relnotes: Yes Security: CVE-2023-51765
103 lines
4.3 KiB
MonkeyC
103 lines
4.3 KiB
MonkeyC
divert(-1)
|
|
#
|
|
# Copyright (c) 1983 Eric P. Allman
|
|
# Copyright (c) 1988, 1993
|
|
# The Regents of the University of California. All rights reserved.
|
|
#
|
|
# Redistribution and use in source and binary forms, with or without
|
|
# modification, are permitted provided that the following conditions
|
|
# are met:
|
|
# 1. Redistributions of source code must retain the above copyright
|
|
# notice, this list of conditions and the following disclaimer.
|
|
# 2. Redistributions in binary form must reproduce the above copyright
|
|
# notice, this list of conditions and the following disclaimer in the
|
|
# documentation and/or other materials provided with the distribution.
|
|
# 3. All advertising materials mentioning features or use of this software
|
|
# must display the following acknowledgement:
|
|
# This product includes software developed by the University of
|
|
# California, Berkeley and its contributors.
|
|
# 4. Neither the name of the University nor the names of its contributors
|
|
# may be used to endorse or promote products derived from this software
|
|
# without specific prior written permission.
|
|
#
|
|
# THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
# ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
# SUCH DAMAGE.
|
|
#
|
|
|
|
#
|
|
# This is a generic configuration file for FreeBSD 6.X and later systems.
|
|
# If you want to customize it, copy it to a name appropriate for your
|
|
# environment and do the modifications there.
|
|
#
|
|
# The best documentation for this .mc file is:
|
|
# /usr/share/sendmail/cf/README or
|
|
# /usr/src/contrib/sendmail/cf/README
|
|
#
|
|
# NOTE: If you enable RunAsUser, make sure that you adjust the permissions
|
|
# and owner of the SSL certificates and keys in /etc/mail/certs to be usable
|
|
# by that user.
|
|
#
|
|
# Last updated: 2024-02-01
|
|
|
|
divert(0)
|
|
OSTYPE(freebsd6)
|
|
DOMAIN(generic)
|
|
|
|
FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
|
|
FEATURE(blocklist_recipients)
|
|
FEATURE(local_lmtp)
|
|
FEATURE(mailertable, `hash -o /etc/mail/mailertable')
|
|
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')
|
|
|
|
dnl Enable STARTTLS for receiving email.
|
|
define(`CERT_DIR', `/etc/mail/certs')dnl
|
|
define(`confSERVER_CERT', `CERT_DIR/host.cert')dnl
|
|
define(`confSERVER_KEY', `CERT_DIR/host.key')dnl
|
|
define(`confCLIENT_CERT', `CERT_DIR/host.cert')dnl
|
|
define(`confCLIENT_KEY', `CERT_DIR/host.key')dnl
|
|
define(`confCACERT', `CERT_DIR/cacert.pem')dnl
|
|
define(`confCACERT_PATH', `CERT_DIR')dnl
|
|
|
|
dnl Uncomment to allow relaying based on your MX records.
|
|
dnl NOTE: This can allow sites to use your server as a backup MX without
|
|
dnl your permission.
|
|
dnl FEATURE(relay_based_on_MX)
|
|
|
|
dnl DNS based block lists
|
|
dnl ---------------------
|
|
dnl DNS based block lists come and go on a regular basis so this
|
|
dnl file will not serve as a database of the available servers.
|
|
dnl For more information, visit
|
|
dnl http://en.wikipedia.org/wiki/DNSBL
|
|
|
|
dnl Uncomment to activate your chosen DNS based block list
|
|
dnl FEATURE(dnsbl, `dnsbl.example.com')
|
|
dnl Alternatively, you can provide your own server and rejection message:
|
|
dnl FEATURE(dnsbl, `dnsbl.example.com', ``"550 Mail from " $&{client_addr} " rejected"'')
|
|
|
|
dnl Dialup users should uncomment and define this appropriately
|
|
dnl define(`SMART_HOST', `your.isp.mail.server')
|
|
|
|
dnl Uncomment the first line to change the location of the default
|
|
dnl /etc/mail/local-host-names and comment out the second line.
|
|
dnl define(`confCW_FILE', `-o /etc/mail/sendmail.cw')
|
|
define(`confCW_FILE', `-o /etc/mail/local-host-names')
|
|
|
|
dnl Enable for both IPv4 and IPv6 (optional)
|
|
DAEMON_OPTIONS(`Name=IPv4, Family=inet')
|
|
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')
|
|
|
|
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
|
|
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
|
|
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')
|
|
MAILER(local)
|
|
MAILER(smtp)
|