· 6 years ago · Nov 13, 2019, 11:34 AM
1R<> $* $1
2R$* < @ . $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
3R$* < @ $* .. $* > $* $#error $@ 5.1.2 $: "553 Invalid host name"
4R$* < @ $* @ > $* $#error $@ 5.1.2 $: "553 Invalid route address"
5R$* @ $* < @ $* > $* $#error $@ 5.1.3 $: "553 Invalid route address"
6R$* , $~O $* $#error $@ 5.1.3 $: "553 Invalid route address"
7
8
9# now delete the local info -- note $=O to find characters that cause forwarding
10R$* < @ > $* $@ $>Parse0 $>canonify $1 user@ => user
11R< @ $=w . > : $* $@ $>Parse0 $>canonify $2 @here:... -> ...
12R$- < @ $=w . > $: $(dequote $1 $) < @ $2 . > dequote "foo"@here
13R< @ $+ > $#error $@ 5.1.3 $: "553 User address required"
14R$* $=O $* < @ $=w . > $@ $>Parse0 $>canonify $1 $2 $3 ...@here -> ...
15R$- $: $(dequote $1 $) < @ *LOCAL* > dequote "foo"
16R< @ *LOCAL* > $#error $@ 5.1.3 $: "553 User address required"
17R$* $=O $* < @ *LOCAL* >
18 $@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
19R$* < @ *LOCAL* > $: $1
20
21
22#
23# Parse1 -- the bottom half of ruleset 0.
24#
25
26SParse1
27
28# handle numeric address spec
29R$* < @ [ $+ ] > $* $: $>ParseLocal $1 < @ [ $2 ] > $3 numeric internet spec
30R$* < @ [ $+ ] > $* $: $1 < @ [ $2 ] : $S > $3 Add smart host to path
31R$* < @ [ $+ ] : > $* $#esmtp $@ [$2] $: $1 < @ [$2] > $3 no smarthost: send
32R$* < @ [ $+ ] : $- : $*> $* $#$3 $@ $4 $: $1 < @ [$2] > $5 smarthost with mailer
33R$* < @ [ $+ ] : $+ > $* $#esmtp $@ $3 $: $1 < @ [$2] > $4 smarthost without mailer
34
35# handle virtual users
36R$+ $: <!> $1 Mark for lookup
37R<!> $+ < @ $={VirtHost} . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
38R<!> $+ < @ $=w . > $: < $(virtuser $1 @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
39R<@> $+ + $+ < @ $* . >
40 $: < $(virtuser $1 + + @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
41R<@> $+ + $* < @ $* . >
42 $: < $(virtuser $1 + * @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
43R<@> $+ + $* < @ $* . >
44 $: < $(virtuser $1 @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
45R<@> $+ + $+ < @ $+ . > $: < $(virtuser + + @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
46R<@> $+ + $* < @ $+ . > $: < $(virtuser + * @ $3 $@ $1 $@ $2 $@ +$2 $: @ $) > $1 + $2 < @ $3 . >
47R<@> $+ + $* < @ $+ . > $: < $(virtuser @ $3 $@ $1 $@ $2 $@ +$2 $: ! $) > $1 + $2 < @ $3 . >
48R<@> $+ < @ $+ . > $: < $(virtuser @ $2 $@ $1 $: @ $) > $1 < @ $2 . >
49R<@> $+ $: $1
50R<!> $+ $: $1
51R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
52R< error : $- $+ > $* $#error $@ $(dequote $1 $) $: $2
53R< $+ > $+ < @ $+ > $: $>Recurse $1
54
55# short circuit local delivery so forwarded email works
56
57
58R$=L < @ $=w . > $#local $: @ $1 special local names
59R$+ < @ $=w . > $#local $: $1 regular local name
60
61# not local -- try mailer table lookup
62R$* <@ $+ > $* $: < $2 > $1 < @ $2 > $3 extract host name
63R< $+ . > $* $: < $1 > $2 strip trailing dot
64R< $+ > $* $: < $(mailertable $1 $) > $2 lookup
65R< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 check -- resolved?
66R< $+ > $* $: $>Mailertable <$1> $2 try domain
67
68# resolve remotely connected UUCP links (if any)
69
70# resolve fake top level domains by forwarding to other hosts
71
72
73
74# pass names that still have a host to a smarthost (if defined)
75R$* < @ $* > $* $: $>MailerToTriple < $S > $1 < @ $2 > $3 glue on smarthost name
76
77# deal with other remote names
78R$* < @$* > $* $#esmtp $@ $2 $: $1 < @ $2 > $3 user@host.domain
79
80# handle locally delivered names
81R$=L $#local $: @ $1 special local names
82R$+ $#local $: $1 regular local names
83
84
85
86###########################################################################
87### Ruleset 5 -- special rewriting after aliases have been expanded ###
88###########################################################################
89
90SLocal_localaddr
91Slocaladdr=5
92R$+ $: $1 $| $>"Local_localaddr" $1
93R$+ $| $#ok $@ $1 no change
94R$+ $| $#$* $#$2
95R$+ $| $* $: $1
96
97
98
99
100# deal with plussed users so aliases work nicely
101R$+ + * $#local $@ $&h $: $1
102R$+ + $* $#local $@ + $2 $: $1 + *
103
104# prepend an empty "forward host" on the front
105R$+ $: <> $1
106
107
108
109R< > $+ $: < > < $1 <> $&h > nope, restore +detail
110
111R< > < $+ <> + $* > $: < > < $1 + $2 > check whether +detail
112R< > < $+ <> $* > $: < > < $1 > else discard
113R< > < $+ + $* > $* < > < $1 > + $2 $3 find the user part
114R< > < $+ > + $* $#local $@ $2 $: @ $1 strip the extra +
115R< > < $+ > $@ $1 no +detail
116R$+ $: $1 <> $&h add +detail back in
117
118R$+ <> + $* $: $1 + $2 check whether +detail
119R$+ <> $* $: $1 else discard
120R< local : $* > $* $: $>MailerToTriple < local : $1 > $2 no host extension
121R< error : $* > $* $: $>MailerToTriple < error : $1 > $2 no host extension
122
123R< $~[ : $+ > $+ $: $>MailerToTriple < $1 : $2 > $3 < @ $2 >
124
125R< $+ > $+ $@ $>MailerToTriple < $1 > $2 < @ $1 >
126
127
128###################################################################
129### Ruleset 90 -- try domain part of mailertable entry ###
130###################################################################
131
132SMailertable=90
133R$* <$- . $+ > $* $: $1$2 < $(mailertable .$3 $@ $1$2 $@ $2 $) > $4
134R$* <$~[ : $* > $* $>MailerToTriple < $2 : $3 > $4 check -- resolved?
135R$* < . $+ > $* $@ $>Mailertable $1 . <$2> $3 no -- strip & try again
136R$* < $* > $* $: < $(mailertable . $@ $1$2 $) > $3 try "."
137R< $~[ : $* > $* $>MailerToTriple < $1 : $2 > $3 "." found?
138R< $* > $* $@ $2 no mailertable match
139
140###################################################################
141### Ruleset 95 -- canonify mailer:[user@]host syntax to triple ###
142###################################################################
143
144SMailerToTriple=95
145R< > $* $@ $1 strip off null relay
146R< error : $-.$-.$- : $+ > $* $#error $@ $1.$2.$3 $: $4
147R< error : $- : $+ > $* $#error $@ $(dequote $1 $) $: $2
148R< error : $+ > $* $#error $: $1
149R< local : $* > $* $>CanonLocal < $1 > $2
150R< $~[ : $+ @ $+ > $*<$*>$* $# $1 $@ $3 $: $2<@$3> use literal user
151R< $~[ : $+ > $* $# $1 $@ $2 $: $3 try qualified mailer
152R< $=w > $* $@ $2 delete local host
153R< $+ > $* $#relay $@ $1 $: $2 use unqualified mailer
154
155###################################################################
156### Ruleset CanonLocal -- canonify local: syntax ###
157###################################################################
158
159SCanonLocal
160# strip local host from routed addresses
161R< $* > < @ $+ > : $+ $@ $>Recurse $3
162R< $* > $+ $=O $+ < @ $+ > $@ $>Recurse $2 $3 $4
163
164# strip trailing dot from any host name that may appear
165R< $* > $* < @ $* . > $: < $1 > $2 < @ $3 >
166
167# handle local: syntax -- use old user, either with or without host
168R< > $* < @ $* > $* $#local $@ $1@$2 $: $1
169R< > $+ $#local $@ $1 $: $1
170
171# handle local:user@host syntax -- ignore host part
172R< $+ @ $+ > $* < @ $* > $: < $1 > $3 < @ $4 >
173
174# handle local:user syntax
175R< $+ > $* <@ $* > $* $#local $@ $2@$3 $: $1
176R< $+ > $* $#local $@ $2 $: $1
177
178###################################################################
179### Ruleset 93 -- convert header names to masqueraded form ###
180###################################################################
181
182SMasqHdr=93
183
184
185# do not masquerade anything in class N
186R$* < @ $* $=N . > $@ $1 < @ $2 $3 . >
187
188R$* < @ *LOCAL* > $@ $1 < @ $j . >
189
190###################################################################
191### Ruleset 94 -- convert envelope names to masqueraded form ###
192###################################################################
193
194SMasqEnv=94
195R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
196
197###################################################################
198### Ruleset 98 -- local part of ruleset zero (can be null) ###
199###################################################################
200
201SParseLocal=98
202
203# addresses sent to foo@host.REDIRECT will give a 551 error code
204R$* < @ $+ .REDIRECT. > $: $1 < @ $2 . REDIRECT . > < ${opMode} >
205R$* < @ $+ .REDIRECT. > <i> $: $1 < @ $2 . REDIRECT. >
206R$* < @ $+ .REDIRECT. > < $- > $#error $@ 5.1.1 $: "551 User has moved; please try " <$1@$2>
207
208
209
210
211
212
213######################################################################
214### D: LookUpDomain -- search for domain in access database
215###
216### Parameters:
217### <$1> -- key (domain name)
218### <$2> -- default (what to return if not found in db)
219### <$3> -- mark (must be <(!|+) single-token>)
220### ! does lookup only with tag
221### + does lookup with and without tag
222### <$4> -- passthru (additional data passed unchanged through)
223######################################################################
224
225SD
226R<$*> <$+> <$- $-> <$*> $: < $(access $4:$1 $: ? $) > <$1> <$2> <$3 $4> <$5>
227R<?> <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4>
228R<?> <[$+.$-]> <$+> <$- $-> <$*> $@ $>D <[$1]> <$3> <$4 $5> <$6>
229R<?> <[$+::$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6>
230R<?> <[$+:$-]> <$+> <$- $-> <$*> $: $>D <[$1]> <$3> <$4 $5> <$6>
231R<?> <$+.$+> <$+> <$- $-> <$*> $@ $>D <$2> <$3> <$4 $5> <$6>
232R<?> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
233R<$* <TMPF>> <$+> <$+> <$- $-> <$*> $@ <<TMPF>> <$6>
234R<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6>
235
236######################################################################
237### A: LookUpAddress -- search for host address in access database
238###
239### Parameters:
240### <$1> -- key (dot quadded host address)
241### <$2> -- default (what to return if not found in db)
242### <$3> -- mark (must be <(!|+) single-token>)
243### ! does lookup only with tag
244### + does lookup with and without tag
245### <$4> -- passthru (additional data passed through)
246######################################################################
247
248SA
249R<$+> <$+> <$- $-> <$*> $: < $(access $4:$1 $: ? $) > <$1> <$2> <$3 $4> <$5>
250R<?> <$+> <$+> <+ $-> <$*> $: < $(access $1 $: ? $) > <$1> <$2> <+ $3> <$4>
251R<?> <$+::$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
252R<?> <$+:$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
253R<?> <$+.$-> <$+> <$- $-> <$*> $@ $>A <$1> <$3> <$4 $5> <$6>
254R<?> <$+> <$+> <$- $-> <$*> $@ <$2> <$5>
255R<$* <TMPF>> <$+> <$+> <$- $-> <$*> $@ <<TMPF>> <$6>
256R<$*> <$+> <$+> <$- $-> <$*> $@ <$1> <$6>
257
258######################################################################
259### CanonAddr -- Convert an address into a standard form for
260### relay checking. Route address syntax is
261### crudely converted into a %-hack address.
262###
263### Parameters:
264### $1 -- full recipient address
265###
266### Returns:
267### parsed address, not in source route form
268######################################################################
269
270SCanonAddr
271R$* $: $>Parse0 $>canonify $1 make domain canonical
272
273
274######################################################################
275### ParseRecipient -- Strip off hosts in $=R as well as possibly
276### $* $=m or the access database.
277### Check user portion for host separators.
278###
279### Parameters:
280### $1 -- full recipient address
281###
282### Returns:
283### parsed, non-local-relaying address
284######################################################################
285
286SParseRecipient
287R$* $: <?> $>CanonAddr $1
288R<?> $* < @ $* . > <?> $1 < @ $2 > strip trailing dots
289R<?> $- < @ $* > $: <?> $(dequote $1 $) < @ $2 > dequote local part
290
291# if no $=O character, no host in the user portion, we are done
292R<?> $* $=O $* < @ $* > $: <NO> $1 $2 $3 < @ $4>
293R<?> $* $@ $1
294
295
296R<NO> $* < @ $* $=R > $: <RELAY> $1 < @ $2 $3 >
297R<NO> $* < @ $+ > $: $>D <$2> <NO> <+ To> <$1 < @ $2 >>
298R<$+> <$+> $: <$1> $2
299
300
301
302R<RELAY> $* < @ $* > $@ $>ParseRecipient $1
303R<$+> $* $@ $2
304
305
306######################################################################
307### check_relay -- check hostname/address on SMTP startup
308######################################################################
309
310
311
312SLocal_check_relay
313Scheck_relay
314R$* $: $1 $| $>"Local_check_relay" $1
315R$* $| $* $| $#$* $#$3
316R$* $| $* $| $* $@ $>"Basic_check_relay" $1 $| $2
317
318SBasic_check_relay
319# check for deferred delivery mode
320R$* $: < $&{deliveryMode} > $1
321R< d > $* $@ deferred
322R< $* > $* $: $2
323
324R$+ $| $+ $: $>D < $1 > <?> <+ Connect> < $2 >
325R $| $+ $: $>A < $1 > <?> <+ Connect> <> empty client_name
326R<?> <$+> $: $>A < $1 > <?> <+ Connect> <> no: another lookup
327R<?> <$*> $: OK found nothing
328R<$={Accept}> <$*> $@ $1 return value of lookup
329R<REJECT> <$*> $#error $@ 5.7.1 $: "550 Access denied"
330R<DISCARD> <$*> $#discard $: discard
331R<QUARANTINE:$+> <$*> $#error $@ quarantine $: $1
332R<ERROR:$-.$-.$-:$+> <$*> $#error $@ $1.$2.$3 $: $4
333R<ERROR:$+> <$*> $#error $: $1
334R<$* <TMPF>> <$*> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
335R<$+> <$*> $#error $: $1
336
337
338######################################################################
339### check_mail -- check SMTP `MAIL FROM:' command argument
340######################################################################
341
342SLocal_check_mail
343Scheck_mail
344R$* $: $1 $| $>"Local_check_mail" $1
345R$* $| $#$* $#$2
346R$* $| $* $@ $>"Basic_check_mail" $1
347
348SBasic_check_mail
349# check for deferred delivery mode
350R$* $: < $&{deliveryMode} > $1
351R< d > $* $@ deferred
352R< $* > $* $: $2
353
354# authenticated?
355R$* $: $1 $| $>"tls_client" $&{verify} $| MAIL
356R$* $| $#$+ $#$2
357R$* $| $* $: $1
358
359R<> $@ <OK> we MUST accept <> (RFC 1123)
360R$+ $: <?> $1
361R<?><$+> $: <@> <$1>
362R<?>$+ $: <@> <$1>
363R$* $: $&{daemon_flags} $| $1
364R$* f $* $| <@> < $* @ $- > $: < ? $&{client_name} > < $3 @ $4 >
365R$* u $* $| <@> < $* > $: <?> < $3 >
366R$* $| $* $: $2
367# handle case of @localhost on address
368R<@> < $* @ localhost > $: < ? $&{client_name} > < $1 @ localhost >
369R<@> < $* @ [127.0.0.1] >
370 $: < ? $&{client_name} > < $1 @ [127.0.0.1] >
371R<@> < $* @ [IPv6:0:0:0:0:0:0:0:1] >
372 $: < ? $&{client_name} > < $1 @ [IPv6:0:0:0:0:0:0:0:1] >
373R<@> < $* @ [IPv6:::1] >
374 $: < ? $&{client_name} > < $1 @ [IPv6:::1] >
375R<@> < $* @ localhost.$m >
376 $: < ? $&{client_name} > < $1 @ localhost.$m >
377R<@> < $* @ localhost.UUCP >
378 $: < ? $&{client_name} > < $1 @ localhost.UUCP >
379R<@> $* $: $1 no localhost as domain
380R<? $=w> $* $: $2 local client: ok
381R<? $+> <$+> $#error $@ 5.5.4 $: "553 Real domain name required for sender address"
382R<?> $* $: $1
383R$* $: <?> $>CanonAddr $1 canonify sender address and mark it
384R<?> $* < @ $+ . > <?> $1 < @ $2 > strip trailing dots
385# handle non-DNS hostnames (*.bitnet, *.decnet, *.uucp, etc)
386R<?> $* < @ $* $=P > $: <OKR> $1 < @ $2 $3 >
387R<?> $* < @ $j > $: <OKR> $1 < @ $j >
388R<?> $* < @ $+ > $: <? $(resolve $2 $: $2 <PERM> $) > $1 < @ $2 >
389R<? $* <$->> $* < @ $+ >
390 $: <$2> $3 < @ $4 >
391
392# check sender address: user@address, user@, address
393R<$+> $+ < @ $* > $: @<$1> <$2 < @ $3 >> $| <F:$2@$3> <U:$2@> <D:$3>
394R<$+> $+ $: @<$1> <$2> $| <U:$2@>
395R@ <$+> <$*> $| <$+> $: <@> <$1> <$2> $| $>SearchList <+ From> $| <$3> <>
396R<@> <$+> <$*> $| <$*> $: <$3> <$1> <$2> reverse result
397# retransform for further use
398R<?> <$+> <$*> $: <$1> $2 no match
399R<$+> <$+> <$*> $: <$1> $3 relevant result, keep it
400
401# handle case of no @domain on address
402R<?> $* $: $&{daemon_flags} $| <?> $1
403R$* u $* $| <?> $* $: <OKR> $3
404R$* $| $* $: $2
405R<?> $* $: < ? $&{client_addr} > $1
406R<?> $* $@ <OKR> ...local unqualed ok
407R<? $+> $* $#error $@ 5.5.4 $: "553 Domain name required for sender address " $&f
408 ...remote is not
409# check results
410R<?> $* $: @ $1 mark address: nothing known about it
411R<$={ResOk}> $* $: @ $2 domain ok
412R<TEMP> $* $#error $@ 4.1.8 $: "451 Domain of sender address " $&f " does not resolve"
413R<PERM> $* $#error $@ 5.1.8 $: "553 Domain of sender address " $&f " does not exist"
414R<$={Accept}> $* $# $1 accept from access map
415R<DISCARD> $* $#discard $: discard
416R<QUARANTINE:$+> $* $#error $@ quarantine $: $1
417R<REJECT> $* $#error $@ 5.7.1 $: "550 Access denied"
418R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
419R<ERROR:$+> $* $#error $: $1
420R<<TMPF>> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
421R<$+> $* $#error $: $1 error from access db
422
423
424
425######################################################################
426### check_rcpt -- check SMTP `RCPT TO:' command argument
427######################################################################
428
429SLocal_check_rcpt
430Scheck_rcpt
431R$* $: $1 $| $>"Local_check_rcpt" $1
432R$* $| $#$* $#$2
433R$* $| $* $@ $>"Basic_check_rcpt" $1
434
435SBasic_check_rcpt
436# empty address?
437R<> $#error $@ nouser $: "553 User address required"
438R$@ $#error $@ nouser $: "553 User address required"
439# check for deferred delivery mode
440R$* $: < $&{deliveryMode} > $1
441R< d > $* $@ deferred
442R< $* > $* $: $2
443
444
445######################################################################
446R$* $: $1 $| @ $>"Rcpt_ok" $1
447R$* $| @ $#TEMP $+ $: $1 $| T $2
448R$* $| @ $#$* $#$2
449R$* $| @ RELAY $@ RELAY
450R$* $| @ $* $: O $| $>"Relay_ok" $1
451R$* $| T $+ $: T $2 $| $>"Relay_ok" $1
452R$* $| $#TEMP $+ $#error $2
453R$* $| $#$* $#$2
454R$* $| RELAY $@ RELAY
455R T $+ $| $* $#error $1
456# anything else is bogus
457R$* $#error $@ 5.7.1 $: "550 Relaying denied"
458
459
460######################################################################
461### Rcpt_ok: is the recipient ok?
462######################################################################
463SRcpt_ok
464R$* $: $>ParseRecipient $1 strip relayable hosts
465
466
467
468# blacklist local users or any host from receiving mail
469R$* $: <?> $1
470R<?> $+ < @ $=w > $: <> <$1 < @ $2 >> $| <F:$1@$2> <U:$1@> <D:$2>
471R<?> $+ < @ $* > $: <> <$1 < @ $2 >> $| <F:$1@$2> <D:$2>
472R<?> $+ $: <> <$1> $| <U:$1@>
473R<> <$*> $| <$+> $: <@> <$1> $| $>SearchList <+ To> $| <$2> <>
474R<@> <$*> $| <$*> $: <$2> <$1> reverse result
475R<?> <$*> $: @ $1 mark address as no match
476R<$={Accept}> <$*> $: @ $2 mark address as no match
477
478R<REJECT> $* $#error $@ 5.2.1 $: "550 Mailbox disabled for this recipient"
479R<DISCARD> $* $#discard $: discard
480R<QUARANTINE:$+> $* $#error $@ quarantine $: $1
481R<ERROR:$-.$-.$-:$+> $* $#error $@ $1.$2.$3 $: $4
482R<ERROR:$+> $* $#error $: $1
483R<<TMPF>> $* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
484R<$+> $* $#error $: $1 error from access db
485R@ $* $1 remove mark
486
487# authenticated via TLS?
488R$* $: $1 $| $>RelayTLS client authenticated?
489R$* $| $# $+ $# $2 error/ok?
490R$* $| $* $: $1 no
491
492R$* $: $1 $| $>"Local_Relay_Auth" $&{auth_type}
493R$* $| $# $* $# $2
494R$* $| NO $: $1
495R$* $| $* $: $1 $| $&{auth_type}
496R$* $| $: $1
497R$* $| $={TrustAuthMech} $# RELAY
498R$* $| $* $: $1
499# anything terminating locally is ok
500R$+ < @ $=w > $@ RELAY
501R$+ < @ $* $=R > $@ RELAY
502R$+ < @ $+ > $: $>D <$2> <?> <+ To> <$1 < @ $2 >>
503R<RELAY> $* $@ RELAY
504R<$* <TMPF>> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
505R<$*> <$*> $: $2
506
507
508
509# check for local user (i.e. unqualified address)
510R$* $: <?> $1
511R<?> $* < @ $+ > $: <REMOTE> $1 < @ $2 >
512# local user is ok
513R<?> $+ $@ RELAY
514R<$+> $* $: $2
515
516######################################################################
517### Relay_ok: is the relay/sender ok?
518######################################################################
519SRelay_ok
520# anything originating locally is ok
521# check IP address
522R$* $: $&{client_addr}
523R$@ $@ RELAY originated locally
524R0 $@ RELAY originated locally
525R127.0.0.1 $@ RELAY originated locally
526RIPv6:0:0:0:0:0:0:0:1 $@ RELAY originated locally
527RIPv6:::1 $@ RELAY originated locally
528R$=R $* $@ RELAY relayable IP address
529R$* $: $>A <$1> <?> <+ Connect> <$1>
530R<RELAY> $* $@ RELAY relayable IP address
531
532R<<TMPF>> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
533R<$*> <$*> $: $2
534R$* $: [ $1 ] put brackets around it...
535R$=w $@ RELAY ... and see if it is local
536
537
538# check client name: first: did it resolve?
539R$* $: < $&{client_resolve} >
540R<TEMP> $#TEMP $@ 4.4.0 $: "450 Relaying temporarily denied. Cannot resolve PTR record for " $&{client_addr}
541R<FORGED> $#error $@ 5.7.1 $: "550 Relaying denied. IP name possibly forged " $&{client_name}
542R<FAIL> $#error $@ 5.7.1 $: "550 Relaying denied. IP name lookup failed " $&{client_name}
543R$* $: <@> $&{client_name}
544# pass to name server to make hostname canonical
545R<@> $* $=P $:<?> $1 $2
546R<@> $+ $:<?> $[ $1 $]
547R$* . $1 strip trailing dots
548R<?> $=w $@ RELAY
549R<?> $* $=R $@ RELAY
550R<?> $* $: $>D <$1> <?> <+ Connect> <$1>
551R<RELAY> $* $@ RELAY
552R<$* <TMPF>> $* $#TEMP $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
553R<$*> <$*> $: $2
554
555
556
557######################################################################
558### F: LookUpFull -- search for an entry in access database
559###
560### lookup of full key (which should be an address) and
561### variations if +detail exists: +* and without +detail
562###
563### Parameters:
564### <$1> -- key
565### <$2> -- default (what to return if not found in db)
566### <$3> -- mark (must be <(!|+) single-token>)
567### ! does lookup only with tag
568### + does lookup with and without tag
569### <$4> -- passthru (additional data passed unchanged through)
570######################################################################
571
572SF
573R<$+> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
574R<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
575R<?> <$+ + $* @ $+> <$*> <$- $-> <$*>
576 $: <$(access $6:$1+*@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7>
577R<?> <$+ + $* @ $+> <$*> <+ $-> <$*>
578 $: <$(access $1+*@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6>
579R<?> <$+ + $* @ $+> <$*> <$- $-> <$*>
580 $: <$(access $6:$1@$3 $: ? $)> <$1+$2@$3> <$4> <$5 $6> <$7>
581R<?> <$+ + $* @ $+> <$*> <+ $-> <$*>
582 $: <$(access $1@$3 $: ? $)> <$1+$2@$3> <$4> <+ $5> <$6>
583R<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
584R<$+ <TMPF>> <$*> <$- $-> <$*> $@ <<TMPF>> <$5>
585R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
586
587######################################################################
588### E: LookUpExact -- search for an entry in access database
589###
590### Parameters:
591### <$1> -- key
592### <$2> -- default (what to return if not found in db)
593### <$3> -- mark (must be <(!|+) single-token>)
594### ! does lookup only with tag
595### + does lookup with and without tag
596### <$4> -- passthru (additional data passed unchanged through)
597######################################################################
598
599SE
600R<$*> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
601R<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
602R<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
603R<$+ <TMPF>> <$*> <$- $-> <$*> $@ <<TMPF>> <$5>
604R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
605
606######################################################################
607### U: LookUpUser -- search for an entry in access database
608###
609### lookup of key (which should be a local part) and
610### variations if +detail exists: +* and without +detail
611###
612### Parameters:
613### <$1> -- key (user@)
614### <$2> -- default (what to return if not found in db)
615### <$3> -- mark (must be <(!|+) single-token>)
616### ! does lookup only with tag
617### + does lookup with and without tag
618### <$4> -- passthru (additional data passed unchanged through)
619######################################################################
620
621SU
622R<$+> <$*> <$- $-> <$*> $: <$(access $4:$1 $: ? $)> <$1> <$2> <$3 $4> <$5>
623R<?> <$+> <$*> <+ $-> <$*> $: <$(access $1 $: ? $)> <$1> <$2> <+ $3> <$4>
624R<?> <$+ + $* @> <$*> <$- $-> <$*>
625 $: <$(access $5:$1+*@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6>
626R<?> <$+ + $* @> <$*> <+ $-> <$*>
627 $: <$(access $1+*@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5>
628R<?> <$+ + $* @> <$*> <$- $-> <$*>
629 $: <$(access $5:$1@ $: ? $)> <$1+$2@> <$3> <$4 $5> <$6>
630R<?> <$+ + $* @> <$*> <+ $-> <$*>
631 $: <$(access $1@ $: ? $)> <$1+$2@> <$3> <+ $4> <$5>
632R<?> <$+> <$*> <$- $-> <$*> $@ <$2> <$5>
633R<$+ <TMPF>> <$*> <$- $-> <$*> $@ <<TMPF>> <$5>
634R<$+> <$*> <$- $-> <$*> $@ <$1> <$5>
635
636######################################################################
637### SearchList: search a list of items in the access map
638### Parameters:
639### <exact tag> $| <mark:address> <mark:address> ... <>
640### where "exact" is either "+" or "!":
641### <+ TAG> lookup with and w/o tag
642### <! TAG> lookup with tag
643### possible values for "mark" are:
644### D: recursive host lookup (LookUpDomain)
645### E: exact lookup, no modifications
646### F: full lookup, try user+ext@domain and user@domain
647### U: user lookup, try user+ext and user (input must have trailing @)
648### return: <RHS of lookup> or <?> (not found)
649######################################################################
650
651# class with valid marks for SearchList
652C{Src}E F D U
653SSearchList
654# just call the ruleset with the name of the tag... nice trick...
655R<$+> $| <$={Src}:$*> <$*> $: <$1> $| <$4> $| $>$2 <$3> <?> <$1> <>
656R<$+> $| <> $| <?> <> $@ <?>
657R<$+> $| <$+> $| <?> <> $@ $>SearchList <$1> $| <$2>
658R<$+> $| <$*> $| <$+> <> $@ <$3>
659R<$+> $| <$+> $@ <$2>
660
661
662######################################################################
663### trust_auth: is user trusted to authenticate as someone else?
664###
665### Parameters:
666### $1: AUTH= parameter from MAIL command
667######################################################################
668
669SLocal_trust_auth
670Strust_auth
671R$* $: $&{auth_type} $| $1
672# required by RFC 2554 section 4.
673R$@ $| $* $#error $@ 5.7.1 $: "550 not authenticated"
674R$* $| $&{auth_authen} $@ identical
675R$* $| <$&{auth_authen}> $@ identical
676R$* $| $* $: $1 $| $>"Local_trust_auth" $2
677R$* $| $#$* $#$2
678R$* $#error $@ 5.7.1 $: "550 " $&{auth_authen} " not allowed to act as " $&{auth_author}
679
680######################################################################
681### Relay_Auth: allow relaying based on authentication?
682###
683### Parameters:
684### $1: ${auth_type}
685######################################################################
686SLocal_Relay_Auth
687
688######################################################################
689### srv_features: which features to offer to a client?
690### (done in server)
691######################################################################
692Ssrv_features
693R$* $: $>D <$&{client_name}> <?> <! "Srv_Features"> <>
694R<?>$* $: $>A <$&{client_addr}> <?> <! "Srv_Features"> <>
695R<?>$* $: <$(access "Srv_Features": $: ? $)>
696R<?>$* $@ OK
697R<$* <TMPF>>$* $#temp
698R<$+>$* $# $1
699
700######################################################################
701### try_tls: try to use STARTTLS?
702### (done in client)
703######################################################################
704Stry_tls
705R$* $: $>D <$&{server_name}> <?> <! "Try_TLS"> <>
706R<?>$* $: $>A <$&{server_addr}> <?> <! "Try_TLS"> <>
707R<?>$* $: <$(access "Try_TLS": $: ? $)>
708R<?>$* $@ OK
709R<$* <TMPF>>$* $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
710R<NO>$* $#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"
711
712######################################################################
713### tls_rcpt: is connection with server "good" enough?
714### (done in client, per recipient)
715###
716### Parameters:
717### $1: recipient
718######################################################################
719Stls_rcpt
720R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
721R$+ $: <?> $>CanonAddr $1
722R<?> $+ < @ $+ . > <?> $1 <@ $2 >
723R<?> $+ < @ $+ > $: $1 <@ $2 > $| <F:$1@$2> <U:$1@> <D:$2> <E:>
724R<?> $+ $: $1 $| <U:$1@> <E:>
725R$* $| $+ $: $1 $| $>SearchList <! "TLS_Rcpt"> $| $2 <>
726R$* $| <?> $@ OK
727R$* $| <$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
728R$* $| <$+> $@ $>"TLS_connection" $&{verify} $| <$2>
729
730######################################################################
731### tls_client: is connection with client "good" enough?
732### (done in server)
733###
734### Parameters:
735### ${verify} $| (MAIL|STARTTLS)
736######################################################################
737Stls_client
738R$* $: $(macro {TLS_Name} $@ $&{client_name} $) $1
739R$* $| $* $: $1 $| $>D <$&{client_name}> <?> <! "TLS_Clt"> <>
740R$* $| <?>$* $: $1 $| $>A <$&{client_addr}> <?> <! "TLS_Clt"> <>
741R$* $| <?>$* $: $1 $| <$(access "TLS_Clt": $: ? $)>
742R$* $| <$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
743R$* $@ $>"TLS_connection" $1
744
745######################################################################
746### tls_server: is connection with server "good" enough?
747### (done in client)
748###
749### Parameter:
750### ${verify}
751######################################################################
752Stls_server
753R$* $: $(macro {TLS_Name} $@ $&{server_name} $) $1
754R$* $: $1 $| $>D <$&{server_name}> <?> <! "TLS_Srv"> <>
755R$* $| <?>$* $: $1 $| $>A <$&{server_addr}> <?> <! "TLS_Srv"> <>
756R$* $| <?>$* $: $1 $| <$(access "TLS_Srv": $: ? $)>
757R$* $| <$* <TMPF>> $#error $@ 4.3.0 $: "451 Temporary system failure. Please try again later."
758R$* $@ $>"TLS_connection" $1
759
760######################################################################
761### TLS_connection: is TLS connection "good" enough?
762###
763### Parameters:
764### ${verify} $| <Requirement> [<>]
765### Requirement: RHS from access map, may be ? for none.
766######################################################################
767STLS_connection
768R$* $| <$*>$* $: $1 $| <$2>
769# create the appropriate error codes
770R$* $| <PERM + $={Tls} $*> $: $1 $| <503:5.7.0> <$2 $3>
771R$* $| <TEMP + $={Tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
772R$* $| <$={Tls} $*> $: $1 $| <403:4.7.0> <$2 $3>
773# deal with TLS handshake failures: abort
774RSOFTWARE $| <$-:$+> $* $#error $@ $2 $: $1 " TLS handshake failed."
775RSOFTWARE $| $* $#error $@ 4.7.0 $: "403 TLS handshake failed."
776# deal with TLS protocol errors: abort
777RPROTOCOL $| <$-:$+> $* $#error $@ $2 $: $1 " STARTTLS failed."
778RPROTOCOL $| $* $#error $@ 4.7.0 $: "403 STARTTLS failed."
779R$* $| <$*> <VERIFY> $: <$2> <VERIFY> <> $1
780R$* $| <$*> <VERIFY + $+> $: <$2> <VERIFY> <$3> $1
781R$* $| <$*> <$={Tls}:$->$* $: <$2> <$3:$4> <> $1
782R$* $| <$*> <$={Tls}:$- + $+>$* $: <$2> <$3:$4> <$5> $1
783R$* $| $* $@ OK
784# authentication required: give appropriate error
785# other side did authenticate (via STARTTLS)
786R<$*><VERIFY> <> OK $@ OK
787R<$*><VERIFY> <$+> OK $: <$1> <REQ:0> <$2>
788R<$*><VERIFY:$-> <$*> OK $: <$1> <REQ:$2> <$3>
789R<$*><ENCR:$-> <$*> $* $: <$1> <REQ:$2> <$3>
790R<$-:$+><VERIFY $*> <$*> $#error $@ $2 $: $1 " authentication required"
791R<$-:$+><VERIFY $*> <$*> FAIL $#error $@ $2 $: $1 " authentication failed"
792R<$-:$+><VERIFY $*> <$*> NO $#error $@ $2 $: $1 " not authenticated"
793R<$-:$+><VERIFY $*> <$*> NOT $#error $@ $2 $: $1 " no authentication requested"
794R<$-:$+><VERIFY $*> <$*> NONE $#error $@ $2 $: $1 " other side does not support STARTTLS"
795R<$-:$+><VERIFY $*> <$*> $+ $#error $@ $2 $: $1 " authentication failure " $4
796R<$*><REQ:$-> <$*> $: <$1> <REQ:$2> <$3> $>max $&{cipher_bits} : $&{auth_ssf}
797R<$*><REQ:$-> <$*> $- $: <$1> <$2:$4> <$3> $(arith l $@ $4 $@ $2 $)
798R<$-:$+><$-:$-> <$*> TRUE $#error $@ $2 $: $1 " encryption too weak " $4 " less than " $3
799R<$-:$+><$-:$-> <$*> $* $: <$1:$2 ++ $5>
800R<$-:$+ ++ > $@ OK
801R<$-:$+ ++ $+ > $: <$1:$2> <$3>
802R<$-:$+> < $+ ++ $+ > <$1:$2> <$3> <$4>
803R<$-:$+> $+ $@ $>"TLS_req" $3 $| <$1:$2>
804
805######################################################################
806### TLS_req: check additional TLS requirements
807###
808### Parameters: [<list> <of> <req>] $| <$-:$+>
809### $-: SMTP reply code
810### $+: Enhanced Status Code
811######################################################################
812STLS_req
813R $| $+ $@ OK
814R<CN> $* $| <$+> $: <CN:$&{TLS_Name}> $1 $| <$2>
815R<CN:$&{cn_subject}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
816R<CN:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " CN " $&{cn_subject} " does not match " $1
817R<CS:$&{cert_subject}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
818R<CS:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Subject " $&{cert_subject} " does not match " $1
819R<CI:$&{cert_issuer}> $* $| <$+> $@ $>"TLS_req" $1 $| <$2>
820R<CI:$+> $* $| <$-:$+> $#error $@ $4 $: $3 " Cert Issuer " $&{cert_issuer} " does not match " $1
821ROK $@ OK
822
823######################################################################
824### max: return the maximum of two values separated by :
825###
826### Parameters: [$-]:[$-]
827######################################################################
828Smax
829R: $: 0
830R:$- $: $1
831R$-: $: $1
832R$-:$- $: $(arith l $@ $1 $@ $2 $) : $1 : $2
833RTRUE:$-:$- $: $2
834R$-:$-:$- $: $2
835
836
837
838
839######################################################################
840### RelayTLS: allow relaying based on TLS authentication
841###
842### Parameters:
843### none
844######################################################################
845SRelayTLS
846# authenticated?
847R$* $: <?> $&{verify}
848R<?> OK $: OK authenticated: continue
849R<?> $* $@ NO not authenticated
850R$* $: $&{cert_issuer}
851R$+ $: $(access CERTISSUER:$1 $)
852RRELAY $# RELAY
853RSUBJECT $: <@> $&{cert_subject}
854R<@> $+ $: <@> $(access CERTSUBJECT:$1 $)
855R<@> RELAY $# RELAY
856R$* $: NO
857
858######################################################################
859### authinfo: lookup authinfo in the access map
860###
861### Parameters:
862### $1: {server_name}
863### $2: {server_addr}
864######################################################################
865Sauthinfo
866R$* $: $1 $| $>D <$&{server_name}> <?> <! AuthInfo> <>
867R$* $| <?>$* $: $1 $| $>A <$&{server_addr}> <?> <! AuthInfo> <>
868R$* $| <?>$* $: $1 $| <$(access AuthInfo: $: ? $)> <>
869R$* $| <?>$* $@ no no authinfo available
870R$* $| <$*> <> $# $2
871
872
873
874
875
876#
877
878######################################################################
879######################################################################
880#####
881##### MAIL FILTER DEFINITIONS
882#####
883######################################################################
884######################################################################
885
886#
887
888######################################################################
889######################################################################
890#####
891##### MAILER DEFINITIONS
892#####
893######################################################################
894######################################################################
895
896
897##################################################
898### Local and Program Mailer specification ###
899##################################################
900
901##### $Id: local.m4,v 8.60 2013-11-22 20:51:14 ca Exp $ #####
902
903#
904# Envelope sender rewriting
905#
906SEnvFromL
907R<@> $n errors to mailer-daemon
908R@ <@ $*> $n temporarily bypass Sun bogosity
909R$+ $: $>AddDomain $1 add local domain if needed
910R$* $: $>MasqEnv $1 do masquerading
911
912#
913# Envelope recipient rewriting
914#
915SEnvToL
916R$+ < @ $* > $: $1 strip host part
917R$+ + $* $: < $&{addr_type} > $1 + $2 mark with addr type
918R<e s> $+ + $* $: $1 remove +detail for sender
919R< $* > $+ $: $2 else remove mark
920
921#
922# Header sender rewriting
923#
924SHdrFromL
925R<@> $n errors to mailer-daemon
926R@ <@ $*> $n temporarily bypass Sun bogosity
927R$+ $: $>AddDomain $1 add local domain if needed
928R$* $: $>MasqHdr $1 do masquerading
929
930#
931# Header recipient rewriting
932#
933SHdrToL
934R$+ $: $>AddDomain $1 add local domain if needed
935R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
936
937#
938# Common code to add local domain name (only if always-add-domain)
939#
940SAddDomain
941
942Mlocal, P=/usr/libexec/mail.local, F=lsDFMAw5:/|@qPSXmnz9, S=EnvFromSMTP/HdrFromL, R=EnvToL/HdrToL,
943 T=DNS/RFC822/SMTP,
944 A=mail.local -l
945Mprog, P=/bin/sh, F=lsDFMoqeu9, S=EnvFromL/HdrFromL, R=EnvToL/HdrToL, D=$z:/,
946 T=X-Unix/X-Unix/X-Unix,
947 A=sh -c $u
948
949#####################################
950### SMTP Mailer specification ###
951#####################################
952
953##### $Id: smtp.m4,v 8.66 2013-11-22 20:51:14 ca Exp $ #####
954
955#
956# common sender and masquerading recipient rewriting
957#
958SMasqSMTP
959R$* < @ $* > $* $@ $1 < @ $2 > $3 already fully qualified
960R$+ $@ $1 < @ *LOCAL* > add local qualification
961
962#
963# convert pseudo-domain addresses to real domain addresses
964#
965SPseudoToReal
966
967# pass <route-addr>s through
968R< @ $+ > $* $@ < @ $1 > $2 resolve <route-addr>
969
970# output fake domains as user%fake@relay
971
972# do UUCP heuristics; note that these are shared with UUCP mailers
973R$+ < @ $+ .UUCP. > $: < $2 ! > $1 convert to UUCP form
974R$+ < @ $* > $* $@ $1 < @ $2 > $3 not UUCP form
975
976# leave these in .UUCP form to avoid further tampering
977R< $&h ! > $- ! $+ $@ $2 < @ $1 .UUCP. >
978R< $&h ! > $-.$+ ! $+ $@ $3 < @ $1.$2 >
979R< $&h ! > $+ $@ $1 < @ $&h .UUCP. >
980R< $+ ! > $+ $: $1 ! $2 < @ $Y > use UUCP_RELAY
981R$+ < @ $~[ $* : $+ > $@ $1 < @ $4 > strip mailer: part
982R$+ < @ > $: $1 < @ *LOCAL* > if no UUCP_RELAY
983
984
985#
986# envelope sender rewriting
987#
988SEnvFromSMTP
989R$+ $: $>PseudoToReal $1 sender/recipient common
990R$* :; <@> $@ list:; special case
991R$* $: $>MasqSMTP $1 qualify unqual'ed names
992R$+ $: $>MasqEnv $1 do masquerading
993
994
995#
996# envelope recipient rewriting --
997# also header recipient if not masquerading recipients
998#
999SEnvToSMTP
1000R$+ $: $>PseudoToReal $1 sender/recipient common
1001R$+ $: $>MasqSMTP $1 qualify unqual'ed names
1002R$* < @ *LOCAL* > $* $: $1 < @ $j . > $2
1003
1004#
1005# header sender and masquerading header recipient rewriting
1006#
1007SHdrFromSMTP
1008R$+ $: $>PseudoToReal $1 sender/recipient common
1009R:; <@> $@ list:; special case
1010
1011# do special header rewriting
1012R$* <@> $* $@ $1 <@> $2 pass null host through
1013R< @ $* > $* $@ < @ $1 > $2 pass route-addr through
1014R$* $: $>MasqSMTP $1 qualify unqual'ed names
1015R$+ $: $>MasqHdr $1 do masquerading
1016
1017
1018#
1019# relay mailer header masquerading recipient rewriting
1020#
1021SMasqRelay
1022R$+ $: $>MasqSMTP $1
1023R$+ $: $>MasqHdr $1
1024
1025Msmtp, P=[IPC], F=mDFMuX, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
1026 T=DNS/RFC822/SMTP,
1027 A=TCP $h
1028Mesmtp, P=[IPC], F=mDFMuXa, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
1029 T=DNS/RFC822/SMTP,
1030 A=TCP $h
1031Msmtp8, P=[IPC], F=mDFMuX8, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
1032 T=DNS/RFC822/SMTP,
1033 A=TCP $h
1034Mdsmtp, P=[IPC], F=mDFMuXa%, S=EnvFromSMTP/HdrFromSMTP, R=EnvToSMTP, E=\r\n, L=990,
1035 T=DNS/RFC822/SMTP,
1036 A=TCP $h
1037Mrelay, P=[IPC], F=mDFMuXa8, S=EnvFromSMTP/HdrFromSMTP, R=MasqSMTP, E=\r\n, L=2040,
1038 T=DNS/RFC822/SMTP,
1039 A=TCP $h
1040
1041root@przybylski:/etc/mail #