divert(-1) dnl This is the sendmail macro config file. If you make changes to this file, dnl you need the sendmail-cf rpm installed and then have to generate a dnl new /etc/sendmail.cf by running the following command: dnl dnl m4 /etc/mail/sendmail.mc > /etc/sendmail.cf dnl include(`/usr/share/sendmail-cf/m4/cf.m4') VERSIONID(`UNet SMTP AUTH 0.1.6 20021221 alba')dnl OSTYPE(`linux') define(`confDEF_USER_ID',``8:12'')dnl undefine(`UUCP_RELAY')dnl FEATURE(nouucp,`reject')dnl define(`EDNSBL_TO',2)dnl dnl dnl Must match 2 of 5 blacklists to lose dnl HACK(`brenhdnsbl', `blackholes.easynet.nl')dnl HACK(`brenhdnsbl', `bl.spamcop.net')dnl HACK(`brenhdnsbl', `sbl.spamhaus.org')dnl HACK(`brenhdnsbl', `list.dsbl.org')dnl HACK(`brenhdnsbl', `dnsbl.sorbs.net')dnl HACK(`brenhdnsbl', `cbl.abuseat.org')dnl undefine(`BITNET_RELAY')dnl define(`confTO_ICONNECT', `2m')dnl define(`confLOGLEVEL', `14')dnl define(`confTO_IDENT', `0')dnl define(`confTO_INITIAL', `3m')dnl define(`confMCI_CACHE_SIZE',`4')dnl define(`confDELAY_LA',`12')dnl define(`confREFUSE_LA',`36')dnl define(`confQUEUE_LA',`16')dnl define(`confBAD_RCPT_THROTTLE',`5')dnl define(`confSHARED_MEMORY_KEY',`355cce05')dnl define(`confTRY_NULL_MX_LIST',true)dnl dnl define(`confERROR_MESSAGE',`/etc/mail/error-header')dnl INPUT_MAIL_FILTER(`vbsfilter', `S=local:/var/run/milter/vbsfilter.sock') dnl define(`confDONT_PROBE_INTERFACES',true)dnl define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl dnl define(`ALIAS_FILE', `/etc/aliases')dnl define(`ALIAS_FILE', `/etc/aliases')dnl dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl define(`confMAX_MESSAGE_SIZE', `40000000')dnl define(`confMAX_DAEMON_CHILDREN', `160')dnl define(`confFORWARD_PATH', `')dnl define(`confPRIVACY_FLAGS', `noreceipts,novrfy,noexpn,restrictqrun')dnl define(`confAUTH_OPTIONS', `A,p,y')dnl TRUST_AUTH_MECH(`LOGIN PLAIN')dnl define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl define(`confCACERT_PATH', `/etc/mail')dnl dnl dnl Do not require (or ask for) SSL client certs dnl define(`confTLS_SRV_OPTIONS',`V')dnl define(`confRELAY_MSG',`"550 Relaying denied without login - see http://mail.brandeis.edu/ or use your local SMTP server. sender:" $&f')dnl HACK(`popauth')dnl FEATURE(`no_default_msa')dnl DAEMON_OPTIONS(`Name=MTA')dnl DAEMON_OPTIONS(`Port=587, Name=MSA, M=E')dnl DAEMON_OPTIONS(`Port=smtps, Name=SSLMTA, M=s')dnl CLIENT_OPTIONS(`M=S')dnl define(`confCACERT', `/usr/share/ssl/certs/ca-bundle.crt')dnl define(`confSERVER_CERT', `/etc/mail/mail.brandeis.edu.crt')dnl define(`confSERVER_KEY', `/etc/mail/mail.brandeis.edu.key')dnl dnl define(`confTO_QUEUEWARN', `4h')dnl dnl define(`confTO_QUEUERETURN', `5d')dnl FEATURE(`access_db',`hash -T -o /etc/mail/access.db')dnl dnl FEATURE(delay_checks)dnl MASQUERADE_AS(brandeis.edu)dnl MASQUERADE_DOMAIN_FILE(`/etc/mail/masquerade')dnl FEATURE(`allmasquerade')dnl FEATURE(`limited_masquerade')dnl FEATURE(`masquerade_envelope')dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl FEATURE(`domaintable',`hash -o /etc/mail/domaintable.db')dnl FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl FEATURE(`relay_entire_domain')dnl FEATURE(redirect)dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_file)dnl FEATURE(use_ct_file)dnl FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl FEATURE(`blacklist_recipients')dnl FEATURE(`delay_checks',`friend')dnl EXPOSED_USER(`root')dnl MAILER(smtp)dnl MAILER(procmail)dnl Cwlocalhost.localdomain LOCAL_CONFIG Cmbrandeis.edu C{VMSHosts} binah din logos dnl While often forged, hotmail.com must not be listed because some legitimate dnl hotmail and msn relays use a simple helo hotmail.com sometimes C{RejectHelo} 129.64.99.163 129.64.99.165 129.64.99.169 rocketmail.com yahoo.com www.email.com.cn optinnetworks.net compuserve.com sprint.com aol.com msn.com luftmensch.com hisword.com mail4her.com hungermail.com test1.com test.com test2.com space-star.com mail4good.com AMNESTYmail.com mail4her.com mail4him.com F{TLSServers} /etc/mail/tls-servers Kldapmail ldap -b "o=Brandeis University" -h"127.0.0.1 ldap5.unet.brandeis.edu ldap1.unet.brandeis.edu clara.unet.brandeis.edu" -k (mailacceptinggeneralid=%0) -v mailforwardingaddress # # Regular expression to reject: # * numeric-only localparts aol.com, msn.com, bellsouth.net, brandeis.edu # * localparts starting with a digit from juno.com and hotmail.com # * localparts longer than 16 characters from aol or hotbot or canada.com # * localparts w/ _ and longer than 16 characters and at least 1 digit # @(hotbot|juno|rocketmail|excite|hotmail|mail).com # * test*@test.com # * *inkjet* and *_toner_* # * COVAD spammer pattern oqvg_quqe_s_c_f@brandeis.edu # Kcheckaddress regex -a@MATCH ^(wp_lottery.*<@.*.com|mailer\-daemon[0-9]+.*<@.*|viagra.*<@yours\.com|.*([0-9].*prsesly|discounts|printsuppl|software[0-9])<@yahoo\.com|.*(saveonink|printsupplies|inkjet|toner_).*<@.*|(education|academic)-.*(software|discounts)[0-9]*<@.*|out<@bpick[0-9]+\.com|test.*<@test.*\.com|[0-9]+<@(aol\.com|msn\.com|bellsouth\.net|brandeis\.edu)|[0-9][^<]*<@(hotmail|juno)\.com|.{16}[^<]+<@(canada|aol|hotbot)\.com|.{10}.*_.{2}.*[0-9].{2}.*<@(hotmail|juno|rocketmail|hotbot|excite|yahoo|msn|mail)\.com|.*free4you<@.*|.*_...._._._.<@.*brandeis\.edu|BullseyeStockProf.*|[0-9a-z]{5}\.[0-9a-z]{5}<@hotmail\.com|[a-z]{5,20}[0-9]{5,20}<@koreamail.co.kr|xtrafreeporn.*|MAILsweeper<@.*|virusadmin<@.*|antivirus<@.*|MailWiper<@.*|StockTalkCentral_.*|Nasdaq_Newsdesk.*|ListsOnSale.*|InvestorInsights__.*|subscriptionssavings_.*|.*<@gotraveling.*\.us|lovingtouches.*|MarketingLists.*[0-9].*<@.*)\.?> Kcheckfromaddress regex -a@MATCH (@creative-courses\.com|@hello\.com|@veriopt\.com|ha@sexyfun\.net|@himailer.com|clubhotlist@aol.com|^[0-9]+@(earthlink|email|juno|yahoo|hotmail|msn)\.com|@support\.net|customer@newsletters.com|@updates.msdn.net|@technet_msdn\.net|@advisor\.microsoft\.com|@technet\.ms\.com) Kcheckreplyto regex -a@MATCH @btamail.net.cn|@web-mail.com.ar Kklez regex -a@MATCH_KLEZ ^A (Very|special| *) +(New|funny|nice|humour|excite|good|powful|WinXP|IE 6.0| *) +(game|tool|website|patch)|^(W32.Elkern|W32.Klez.E) *removal *tool|^Your Friend Prince|Discrete Shipping|^Worm *Klez.E *immunity|^Virus Detected by Network Associates. Inc|^Home .*(Xanax|Vicodin)|^(laser|toner|ink-jet|inkjet) (cartridges|supplies)|(quality ink|inkjets).* percent off|^Save .*on ink cartri|^Ink-jet and laser cartri|^ADV:|^A D V :|^Symantec AVF detected|^InterScan NT Alert|PROTECT YOURSELF AGAINST HARMFUL VIRUSES|V(.a|i.|1.)gra .*(online|low cost)|^Norton AntiVirus detected.*virus|^Antigen (Notification|found VIRUS)|sick of deleting spam email|spam.*spam remedy|^Use this patch immediately|(increase|expand|about) your pen(1|i)s|pen.s .*enlargem|^(Ultmate|free) HGH(:| )|get out of debt|^ScanMail Message. |(Want|Get) a (lar|big)ger penis| (than|as) vi(@|a)gr@|1/2 off v.agra|FREE V.AGRA tablets|Re:Generic V.agra|(diet pills|v.agra|vicodin).* (no|without).*Prescription|Off V(1|i)agra|Gener.c Viag.a |Stamina-RX|GV-ProMax|^Re: Here is that sample|^Sleep Guaranteed.*Natural|^Now copy DVD|with NO PRESCRIPTION|Sleep with Ambien|Superlative DVD SOFT|Copy any DVD to |DVD (Backup movies|Copying Features|Magic.* Pro)|^Mortgage Rates .*|^Meet a new lover|DVDs in Your Own Home|^DVD Backup Movies|^Low Home Mortgage rates|^Whats up\? |(ANTI VIRUS|SYSTEMWORKS) CLEARANCE SALE|EMAIL Password with SPYWARE|^adu1t: |improve .* cellphone signal|lenders.*compete for your (mortgage business|loan)|^Re:Get Password mail|DVD Magick Pro|Powerful DVD copy software|I find cool site for you.|^Re: Wicked screensaver|^Re: Re: My details|your m(@|a)nh(o|0).d|^You credit card has been charged|sav.* ink.* cartridges|^[0-9a-zA-Z].* [a-zA-Z0-9]{4}[a-zA-Z0-9]+-[a-zA-Z0-9]{4}[a-zA-Z0-9]+-[a-zA-Z0-9]+-[a-zA-Z0-9]+|^[0-9a-zA-Z].* . . \[?[a-z0-9]{3,10}\]?$ Kcheckreceived regex -a@MATCH_RCVD (halftomorrow\.com|hottestmile\.com|cyberemailings\.com|mail\.yahou\.com|\.huyahoo\.com|\.webproxies\.com|\.dohuya\.com|\.oxteli\.com|\.hottestmale\.com|\.bigpong\.com|\.aolmd\.com|\.yahui\.com|\.zhello.nl|\.hd.ressort.net|xxxpobox\.com|from unknown .HELO CAMPAIGN|teledailypromotionslist|\.otpalo\.com|\.gimmixx\.net|\.sol-superunderline\.com|\.cyberecschange\.com|\.nikavo\.net|\.pesdets.com|\.zubilam\.net|\.loxsystems\.net|\.lamailer\.com|\.345mail\.com|\.tilkbans\.com|\.xpaaqm\.org|\.rqute8\.net|\.piswix.net|\.36m4\.com|\.shawkeyxtreme\.com| bizoppalliance\.|by (yahoo\.com|aol\.com|mail\.ru|hotmail\.com) .Postfix. from userid) # # Names that won't be allowed in a To: line (local-part and domains) # C{RejectToLocalparts} Free.Sex.Trial youremailaddress 4you webmoney Wall.Street.Stockwatch.customers Mostly.Millionaires Mainly.Millionaires Money.In.Motion users whoareyou C{RejectToDomains} hello.com republic.com public.com new.com yourserver.com example.com emailofferz.net emailofferz.com uniquemailoffers.com hi-speedemail.com test.com test2.com mailtonic.net domain-name-search-engine.org rcpthost.rcptdomain technet_msdn.net updates.msdn.net advisor.microsoft.com technet.ms.com support.net LOCAL_SRV_FEATURES dnl #################################################################### dnl # Don't offer SMTP AUTH if relay would be allowed anyway dnl # Only offer STARTTLS for vhosts listed in /etc/mail/tls-servers R$* $: $1 $| $&{if_name} $| $>"Relay_ok" $1 R$* $| $={TLSServers} $| RELAY $# A V R$* $| $={TLSServers} $| $* $# V R$* $| $* $| RELAY $# A S R$* $| $* $| $* $# A S R$* $| $* $| $* $: $1 LOCAL_RULE_0 # Hack to rewrite vmsism {BINAH,DIN,LOGOS,PIP}::USER@$=w to local USER # N.B. ruleset 199 only removes quotes around LHS when RHS is local ($=w), so # mail from SMTP clients to e.g. "binah::foo"@another.edu will be bounced. R$={VMSHosts} : : $- $+ $2 Junk all but username LOCAL_RULE_3 Rin % $+ $1 Nuke in% R< in % $+ > $1 Nuke LOCAL_RULESETS # LDAP fallback SLocal_localaddr R$+ + $+ $: $1 R$+ $: <$(ldapmail $1 $: $)> $1 R< > $+ $: $1 R<$+ @ $+> $+ $: $>Parse1 $>ParseLocal $>canonify $1@$2 HTo: $>CheckTo SCheckTo R$={RejectToLocalparts}@$* $#error $@ 5.7.1 $: "554 Header error: " $&f R$*@$={RejectToDomains} $#error $@ 5.7.1 $: "554 Header error: " $&f HReceived: $>CheckReceived SCheckReceived R$* $: $(checkreceived $&{currHeader} $: $1 $) R@MATCH_RCVD $#error $@ 5.7.1 $: "554 Rejected due to Received: pattern typical of recent spam - fix this or ask postmaster@brandeis to refine this filter - please include full headers" HComment: $>CheckComment SCheckComment R$+ www . yourvling . com $+ $#error $: "Spammers not welcome yourvling" HX-Spanska: $>CheckSpanska SCheckSpanska RYes $#error $: "You have a virus. http://geocities.com/SiliconValley/Heights/3652/SKA.HTM" HX-transfer-number: $>CheckXTransfer SCheckXTransfer R$* $#error $@ 5.7.1 $: "554 X-Transfer header error: " $&f HX-Unsent: $>CheckXUnsent SCheckXUnsent R1 $#error $: "Appears to have Nimda or some other Outlook abusing worm" HX-SpamKiller-AutoReply: $>CheckSpamKiller SCheckSpamKiller R0 $#error $: "SpamKiller is worse than useless - it wastes abuse desk time sending complaints about forgeries to the wrong people" HSubject: $>Check_klez_subject # HSubject: $>+UppercaseSubject SCheck_klez_subject R$* $: $(klez $&{currHeader} $: $1 $) R@MATCH_KLEZ $#error $@ 5.7.1 $: "554 Rejected probable spam/virus - change Subject line or ask postmaster@brandeis.edu to refine this filter: "$&{currHeader} R$* $: $(Upper $&{hdr_name} $: FALSE $) R$- $@ $(macro {IsUpper} $@ $1 $) KUpper regex -f -aTRUE ^[A-Z][A-Z]*$$ #SUppercaseSubject #R$* $: $(Upper $&{hdr_name} $: FALSE $) #R$- $@ $(macro {IsUpper} $@ $1 $) HContent-Type: $>+CheckContentType KWormCheck regex -f -q -a multipart/.*boundary=\\"[a-z][a-z]*\\""$$ SCheckContentType R$* $: <@> $&{IsUpper} R<@>FALSE $@ OK R<@> $@ OK R$* $:$(WormCheck $&{currHeader} $) R$* $#error $@ 5.7.1 $: 554 Uppercase SUBJECT and lowercase Content-Type MIME boundary suggests the Swen virus - contact postmaster@brandeis if this was an error HFrom: $>CheckFromHeader Ksyslog syslog SCheckFromHeader R$+ $: $(checkfromaddress $1 $) R@MATCH $#error $@ 5.7.1 $: "554 Looks like spam to me" R$* $: <@> $&{DnsBlFlags} R<@> $@ OK R<@>$+ $: $(syslog "single blacklist:" $1 " " $&{client_addr} " " $&{client_name} $) HReply-To: $>CheckReplyToHeader SCheckReplyToHeader R$+ $: $(checkreplyto $1 $) R@MATCH $#error $@ 5.7.1 $: "554 Looks like spam to me" SLocal_check_mail # check address against various regex checks R<*@$+.com> $#error $@ 5.1.1 $: 550 Asterisked from lines rejected - try again R$* $: $>Parse0 $>3 $1 R$+ $: $(checkaddress $1 $) R@MATCH $#error $@ 5.1.1 $: "550 Suspicious from rejected - contact postmaster@brandeis from an alternate address if this was an error" R$* $: <$&s> R<$={RejectHelo}> $#error $@ 5.7.1 $: "554 Invalid helo rejected - contact postmaster@brandeis if this was an error: "$&s R<$+cybermailer.biz> $#error $@ 5.7.1 $: "554 Invalid helo rejected - contact postmaster@brandeis if this was an error: "$&s