divert(-1) # # Copyright (c) 1997,1998,1999 Claus Assmann # # In short: you can do whatever you want with this, but don't blame me! # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # # # ifdef(`_ERR_MSG_RELAY_',`',`define(`_ERR_MSG_RELAY_',`550 we do not relay $&f')') ifdef(`_CHECK_MAP_TYPE_',`',`define(`_CHECK_MAP_TYPE_',`dbm')') ifdef(`_ALLOW_MAP_LOC_',,`define(`_ALLOW_MAP_LOC_',`/etc/mail/allow')') ifdef(`_POP_MAP_LOC_',,`define(`_POP_MAP_LOC_',`/etc/mail/popauth')') ifdef(`_LOCAL_IP_MAP_',`define(`_CHECK_IPMAP_REQ_',`1')') ifdef(`_LOCAL_ONLY_',`define(`_REQ_CANON_',`1')') ifdef(`_CHECK_RCPT_USER_',`define(`_REQ_CANON_',`1')') dnl ifdef(`_SPH_FIX_',`ifdef(`_REQ_CANON_',`',`define(`_REQ_CANON_',`1')')') define(`_USE_NAMES_RULES',`R $`'| $`'* $`'@ OK no client name: directly invoked #R$`'- $`'| $`'* $`'@ OK for those without full DNS... ifdef(`_NO_SUB_W_',`R$`'=w $`'| $`'* $`'@ OK from here', `R$`'*$`'=w $`'| $`'* $`'@ OK from here') R$`'*$`'={LocalNames} $`'| $`'* $`'@ OK from allowed system') divert(0) VERSIONID(`@(#)check_rcpt4.m4 3.3.1 (Claus Assmann) 1999-09-20') include(_CF_DIR_`'hack/junk.m4) PUSHDIVERT(6) ifdef(`_SPAM_FRIENDS_',dnl # file containing addresses which receive all mail without filtering F{SpamFriends} ifelse(_SPAM_FRIENDS_, `', `/etc/mail/SpamFriends', `_SPAM_FRIENDS_')) ifdef(`_MAP_SPAM_FRIENDS_',dnl # map containing addresses which receive all mail without filtering Kspam_friends ifelse(_MAP_SPAM_FRIENDS_, `', `_CHECK_MAP_TYPE_ -a@SPAMFRIEND /etc/mail/spam_friends', `_MAP_SPAM_FRIENDS_')) ifdef(`_SPAM_HATERS_',dnl # map containing addresses which want to have mail filtering Kspam_haters ifelse(_SPAM_HATERS_, `', `_CHECK_MAP_TYPE_ -a@SPAMHATER /etc/mail/spam_haters', `_SPAM_HATERS_')) ifdef(`_RELAYTO_MAP_',dnl # map containing names of machines/hosts which can use our relay Kisrt ifelse(_RELAYTO_MAP_, `', `_CHECK_MAP_TYPE_ -a@RELAYTO /etc/mail/relayto', `_RELAYTO_MAP_')) ifdef(`_USE_RELAY_MAILERTABLE_',`dnl # use mailertable lookup for check_rcpt too Kmtrelay _CHECK_MAP_TYPE_ -m -a@RELAYTO ifelse(_USE_RELAY_MAILERTABLE_,`',`/etc/mailertable',`_USE_RELAY_MAILERTABLE_')',`dnl') ifdef(`_ALLOW_SOME_',dnl # list of domains and addresses which can send mail through # our relay if they appear in MAIL FROM: Kallow ifelse(_ALLOW_SOME_, `', `_CHECK_MAP_TYPE_ -a@ALLOWED _ALLOW_MAP_LOC_', `_ALLOW_SOME_')) ifdef(`_CHECK_RCPT_USER_',dnl # map for forbidden local names Kforbrcpt ifelse(_CHECK_RCPT_USER_,`', `_CHECK_MAP_TYPE_ -a@FORBIDDEN /etc/mail/forbrcpt', `_CHECK_RCPT_USER_')) ifdef(`_ISMX_',`# MX map (requires a patch) Kismx ismx',`dnl') ifdef(`_LOCAL_SUBNETBITS_', `# map for converting ip (requires a patch) Kip2bin storage', `dnl') ifdef(`_LOCAL_IP_MAP_',`# use map for local IP Klocalip ifelse(_LOCAL_IP_MAP_,`',`_CHECK_MAP_TYPE_ -a@MATCH /etc/mail/localIP',`_LOCAL_IP_MAP_')') ifdef(`_POPAUTH_',`# use map for authentification via POP Kpopauth ifelse(_POPAUTH_,`',`_CHECK_MAP_TYPE_ -o -m -a@MATCH _POP_MAP_LOC_',`_POPAUTH_')',`dnl') ifdef(`_LOCAL_ONLY_',`# use class for users who can send only local mail F{LocalOnly} ifelse(_LOCAL_ONLY_, `', `/etc/mail/LocalOnly', `_LOCAL_ONLY_')',`dnl') POPDIVERT LOCAL_RULESETS ifdef(`_CHECK_MAIL_IN_RCPT_',`define(`_CHECK_RCPT_IN_RCPT_',`1')',`ifdef(`_CHECK_RELAY_IN_RCPT_',`define(`_CHECK_RCPT_IN_RCPT_',`1')',`dnl')') ifdef(`_CHECK_RCPT_IN_RCPT_', `Scheckrcpt', `S`'SM89_LOCAL`'check_rcpt ifdef(`_SPAM_FRIENDS_',`# allow some local addresses; use only legal syntax R<$={SpamFriends}@$=w> $@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK') R<$={SpamFriends}> $@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')',`dnl') ifdef(`_MAP_SPAM_FRIENDS_',`# allow some local addresses; use only legal syntax R<$+@$+> $: <$(spam_friends @$2 $:$1@$2 $)> R<$+@SPAMFRIEND> $@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK') R<$+@$=w> $: <$(spam_friends $1 $) @ $2> R<$+@SPAMFRIEND@$=w> $@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')',`dnl')') ifdef(`_CHECK_RCPT_USER_',`# local user address allowed? R$+ $: $1 $| <@> $>canon $1 ifdef(`_CHECK_ALL_RCPTS_',`# check every recipient address R$+ $| <@> $- + $*<@$*> $: $1 $| $(forbrcpt $2@$4 $: <@>$2+$3 $)<@$4> R$+ $| <@> $+ <@$*> $: $1 $| $(forbrcpt $2@$3 $: <@>$2 $)<@$3> R$+ $| <@> $- + $*<@$*> $: $1 $| $(forbrcpt $2 $: <@>$2+$3 $)<@$4> R$+ $| <@> $+ <@$*> $: $1 $| $(forbrcpt $2 $: <@>$2 $)<@$3>', `R$+ $| <@> $- + $*<@$=w> $: $1 $| $(forbrcpt $2 $:<@>$2+$3 $)<@$4> R$+ $| <@> $+ <@$=w> $: $1 $| $(forbrcpt $2 $:<@>$2$)<@$3>') R$+ $| FORBIDDEN@FORBIDDEN<@$*> $# error $@ NOUSER $: 553 Unrecognized username R$+ $| $+@FORBIDDEN<@$*> $# error $@ NOUSER $: $2 R$* $| $* $: $1 undo damage',`dnl') ifdef(`_LOCAL_ONLY_',`# if local_only sender: no remote recipient R$+ $: $1 $| <@> $>canon tokenize($&f) R$+ $| <@> $={LocalOnly}<@$=w> $: $1 $| R$+ $| <@> $* $: $1 R<$*@$=w> $| $: <$1@$2> R$+ $| $# error $@ NOUSER $: 553 External Recipient Forbidden.',`dnl') ifdef(`_USE_RCPT_', `', `errprint(`HACK "check_rcpt" requires use_ip or use_names')')dnl ifdef(`_USE_IP_', # first: get client address ifdef(`_LOCAL_SUBNETBITS_', `dnl R$+ $: $(ip2bin $&{client_addr} $@ b $) $| $1 ifdef(`_LOCAL_IP_MAP_', `errprint(`subnetbits work with Class LocalIP only')', `dnl')', `R$+ $: tokenize($&{client_addr}) $| $1') R0 $| $* $@ OK client_addr is 0 for sendmail -bs ifdef(`_LOCAL_IP_MAP_',`# use map for local IP R$* $| $+ $: $2 $| $>IPMap $1.localip R$* $| NO@MATCH $: $1 $| tokenize($&{client_addr}) not allowed: restore address R$* $| $*@MATCH $@ OK allowed: ok R$* $| $* $: $2 $| $1 format now: client_addr $| rcpt',`# class for local IP R$={LocalIP}$* $| $* $@ OK from here') ifdef(`_POPAUTH_',`# authentification via POP R$+ $| $* $: $(popauth $1 $) $| $2 OK if from a POP-authed address ifdef(`_POPAUTH2_',`R$-.$-.$-.$- $| $* $: $(popauth $1.$2.$3 $) $| $5 OK if from a POP-authed subnet',`dnl') R$+@MATCH $| $* $@ OK',`dnl') ifdef(`_USE_NAMES_', # next: get client name R$* $| $+ $: tokenize($&{client_name}) $| $2 _USE_NAMES_RULES ), # first: get client name R$+ $: tokenize($&{client_name}) $| $1 _USE_NAMES_RULES )dnl # now check other side R$* $| $* $: $>3 $2 # remove local part R$+ $:$>removelocal $1 ifdef(`_ALLOW_SOME_',`dnl R$*<@$*>$* $: ifdef(`_NO_UUCP_', `R$+ ! $+ $: ', `dnl') # relay attempt? get and canonify the FROM address R $: $>3 tokenize($&f) # compare it with an "allowed" domain R $*<@$*.>$* $: $>allow $1<@$2> # match: ok R $*<@$*@ALLOWED>$* $@ OK # nope: it is a relay attempt R $* $#error $@ 5.7.1 $: _ERR_MSG_RELAY_',`dnl # still something left? R$*<@$*>$* $#error $@ 5.7.1 $: _ERR_MSG_RELAY_ ifdef(`_NO_UUCP_', `R$+ ! $+ $#error $@ 5.7.1 $: _ERR_MSG_RELAY_', `dnl')') ifdef(`_SPAM_HATERS_',`R$+ $@ <$1@LOCALNAME>',`dnl') ifdef(`_ALLOW_SOME_',` # check for allowed addresses Sallow # lookup domain in database R$*<@$+> $:$1<@$(allow $2$)> # exists? return R$*<@$*@ALLOWED> $@$1<@$2@ALLOWED> # lookup address in database R$*<@$+> $:$1<@$(allow $1@$2 $:$2$)> # exists? return R$*<@$*@ALLOWED> $@$1<@$2@ALLOWED> # remove one subdomain; try again R$*<@$+.$+.$+> $: $>allow $1<@$3.$4> ',`dnl') Sremovelocal # remove local part (maybe repeatedly) ifdef(`_ISMX_',`# See if we are MX for this host R$*<@$+>$* $: $1 <@ $(ismx $2 $: NOMX $) > $3 R$*<@NOMX>$* $#error $@ 5.7.1 $: 571 unauthorized relay destination R$*<@TEMPFAIL>$* $#error $@ 4.5.1 $: 451 Cannot resolve destination R$*<@$+>$* $: $>3 $1 $3', `ifdef(`_RELAYTO_MAP_',`dnl' R$*<@$+.>$* $:$1<@$(isrt $2 $:$2.$)>$3 R$*<@$*@RELAYTO>$* $:$>removelocal $>3 $1 $3 ifdef(`_CLASS_W_TOO_',`R$*<@$=w.>$* $:$>removelocal $>3 $1 $3',`dnl') R$*<@$+.$+.>$* $:$>removelocal $1<@$3.>$4 R$*<@$*>$* $@ $1<@$2>$3, ifdef(`_USE_RELAYTO_',`dnl' R$*<@$*$={RelayTo}.>$* $>3 $1 $4 ifdef(`_NO_CANONIFY_',`R$*<@$*$={RelayTo}>$* $: $>removelocal $>3 $1 $4',`dnl') R$*<@$=w.>$* $: $>removelocal $>3 $1 $3, R$*<@$=w.>$* $>3 $1 $3) ifdef(`_USE_RELAY_MAILERTABLE_',`dnl R$*<@$+>$* $:$1<@$(mtrelay $2 $:$2.$)>$3 R$*<@$*@RELAYTO>$* $:$>removelocal $>3 $1 $3',`dnl') ifdef(`_MAILER_uucp_',`dnl' ifdef(`_CLASS_U_', `R$*<@$=U.UUCP.>$* $: $>removelocal $>3 $1 $3',`dnl') ifdef(`_CLASS_V_', `R$*<@$=V.UUCP.>$* $: $>removelocal $>3 $1 $3',`dnl') ifdef(`_CLASS_W_', `R$*<@$=W.UUCP.>$* $: $>removelocal $>3 $1 $3',`dnl') ifdef(`_CLASS_X_', `R$*<@$=X.UUCP.>$* $: $>removelocal $>3 $1 $3',`dnl') ifdef(`_CLASS_Y_', `R$*<@$=Y.UUCP.>$* $: $>removelocal $>3 $1 $3',`dnl') R$*<@$=Z.UUCP.>$* $: $>removelocal $>3 $1 $3, `dnl') R$*<@$*>$* $@ $1<@$2>$3)') # dequote local part R$- $: $>3 $(dequote $1 $) R$*<@$*>$* $: $>removelocal $1<@$2>$3 ifdef(`_CHECK_RCPT_IN_RCPT_',` S`'SM89_LOCAL`'check_rcpt ifdef(`_SPAM_FRIENDS_',`# allow some local addresses; use only legal syntax R<$={SpamFriends}@$=w> $@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK') R<$={SpamFriends}> $@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')',`dnl') ifdef(`_MAP_SPAM_FRIENDS_',`# allow some local addresses; use only legal syntax R<$+@$=w> $: <$(spam_friends $1 $) @ $2> R<$+@SPAMFRIEND@$=w> $@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')',`dnl') # call the rulesets ifdef(`_SPH_FIX_',`dnl R$* $: $1 $| $>checkrcpt $1 R$* $| $* $2 R$* $| OK $: $>removelocal $1 dnl',`dnl R$* $: $>checkrcpt $1') ifdef(`_SPAM_HATERS_',`dnl ifdef(`_SPH_FIX_',`dnl',`ROK $@ OK from trusted source, no further checks') R<$+ + $* @ LOCALNAME> $: <@> $(spam_haters $1 $) R<$+ @ LOCALNAME> $: <@> $(spam_haters $1 $) R<@> $*@SPAMHATER $: ifdef(`_FRIEND_STORAGE_', `$(friend NO $)', `is_hater') R<@> $* $@ no_hater_stop_the_check', `dnl') ifdef(`_CHECK_MAIL_IN_RCPT_',`dnl R$* $: R<<$*>> <$1> strip superfluous < > R<$*> $: $>checkmail <$1> ifdef(`_ACCEPT_SOME_',`dnl R<$*@$*@ACCEPT> $@ ACCEPT',`dnl')',`dnl') ifdef(`_CHECK_RELAY_IN_RCPT_',`dnl R$* $: $>checkrelay tokenize($&{client_name} $| $&{client_addr})',`dnl')',`dnl') ifdef(`_REQ_CANON_',`# canonify address: user<@domain>; if no domain: add $j Scanon R$+ $: $>3 $1 R $*<@$*.>$* $1<@$2>$3 R $*<@$*>$* $@ $1<@$2>$3 R $* $@ $1<@$j>',`dnl') divert(0)