divert(-1)
#
# Original Version
# ----------------
#	http://www.Linux-Sec.net/Mail/sendmail-8.12.3.config.header_chk.mc
#	http://www.Linux-Sec.net/Mail/sendmail-8.12.3.antispam.howto.txt
#
# check_local-5 Examples
#	http://www.digitalanswers.org/check_local/examples.html
#
#
# ------------------------------------------------------------------------
# This sendmail.mc file enables the sendmail-8.12.3 Built-in Spam Features
# ------------------------------------------------------------------------
#	- Ignore servers without proper reverse DNS
#	- Ignore those spammers listed in the RBLs
#	- Accept incoming email for "valid recipients"
#
#
# BROKEN rules -- needs fixing
# ------------
# -- check_local-5.0 ( 49301 )
#	554 5.0.0 Macro/class {rcpt_host}: too many long names	--  check_local w/ options
#	554 5.0.0 Macro/class {rcpt_addr}: too many long names  --  cehck_local no options
#
#	SYSERR(root): Macro/class {hdrlen}: too many long names
#	SYSERR(root): Macro/class {msg_size}: too many long names
#	SYSERR(root): Macro/class {rcpt_relay}: too many long names
#	SYSERR(root): Unable to assign macro/class ID (mid = 0xffffffff)
#
#
# -- check_local-5.0.beta ( 48046 )
#	-->> SOMETHING <<--  causes map "foo" not found problems w/ "check_local.m4" enabled
#	Unknown ruleset resolve_domain
#
#	--- find a fix for really bad header: Subject: make money fast ) than abort spam
#
# -- local-4.4 has these problems w/ check_local-4.4 turned on
#	Unknown ruleset RelayAuth
#	H:planet.fef.com><... Unbalanced '>
#
#
# 10-May-02 amo Enabled anti-spam features, added Tmajordom, delay_checks(check_rcpt)
# 12-May-02 amo Added check-local-5 from http://www.digitalanswers.org/check_local
# 17-May-02 amo Fixed check-local-5 by enabling all m4 macros, and args for check_localpart
# 24-May-02 amo Added rfc-ignorant.org, quanta.m4, compat_check, authinfo,   ( access_db not being accessed it seems )
#
#
# Copyright (c) 1998, 1999 Sendmail, Inc. and its suppliers.
#	All rights reserved.
# Copyright (c) 1983 Eric P. Allman.  All rights reserved.
# Copyright (c) 1988, 1993
#	The Regents of the University of California.  All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#
#
#  This is a generic configuration file for Linux.
#  It has support for local and SMTP mail only.  If you want to
#  customize it, copy it to a name appropriate for your environment
#  and do the modifications there.
#
# 
#
divert(0)dnl
VERSIONID(`$Id: 08-May-02 amo Modified sendmail-8.12.3 Exp $')
OSTYPE(linux)dnl
DOMAIN(generic)dnl
FEATURE(`use_cw_file')
FEATURE(`redirect')
FEATURE(`always_add_domain')
dnl define(`LOCAL_MAILER_PATH', `/usr/bin/procmail')dnl
FEATURE(`local_procmail')
FEATURE(`domaintable')
FEATURE(`genericstable')
FEATURE(`virtusertable')
FEATURE(`smrsh')
dnl
dnl -- manually fix Kaccess 
dnl FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`access_db')
dnl
dnl turn on in 8.12.3 ... mailertable, blacklist, delay_cheks, lookupdotdomain
FEATURE(`mailertable')
FEATURE(`blacklist_recipients')
FEATURE(`delay_checks')
FEATURE(`lookupdotdomain')
dnl
FEATURE(`compat_check')
FEATURE(`authinfo')
dnl
dnl ---------------------------
dnl check_local global options
dnl 	http://www.sendmail.org/~ca/email/chk-opt.html -- options
dnl ---------------------------
dnl
dnl -- no effect in 8.12.3 ( option already turned on )
dnl -- define(`_MD2NAME_')
dnl -- define(`_CHECK_REGEX_')
dnl -- define(`_CLIENT_MUST_RESOLVE_')dnl
dnl -- define(`_CHECK_ALL_RCPTS_')
dnl -- define(`_CHECK_RCPT_USER_')
dnl -- define(`_CHECK_FULL_FROM_')
dnl -- define(`_CHECK_IP_IN_MAIL_')
dnl -- define(`_CHECK_LOCALADDR_')
dnl -- define(`_CHECK_LOCALPART_')
dnl -- define(`_CHECK_LOCALSUBDOMAINS_')
dnl -- define(`_CHECK_LOCALUSER_')
dnl -- define(`_CHECK_MAIL_IN_RCPT_')
dnl -- define(`_CHECK_DNSVALID_')
dnl -- define(`_IP_LOOKUP_')
dnl
dnl
define(`_QUIET_FREEWARE_')dnl
dnl
define(`confREJECT_MSG',`552 Spammer $&{client_addr} $&f Rejected by PostMaster@$j - check_mail or check_relay trap ')dnl
dnl
define(`confCF_VERSION', `check_local-5')dnl
define(`confSMTP_LOGIN_MSG', ``$j Sendmail 1.0/1.0; $b'')
dnl
dnl   (`confPRIVACY_FLAGS', `authwarnings noexpn novrfy needmailhelo')
define(`confPRIVACY_FLAGS', `authwarnings noexpn novrfy needmailhelo needexpnhelo needvrfyhelo noreceipts ')
define(`confTO_IDENT',`0')
dnl 0s
dnl
dnl define Trusted user ( Tmajordom ) for majordomo and for majordomo files
dnl
dnl define(`ALIAS_FILE',`/etc/mail/aliases, /usr/local/majordomo/majordomo.aliases') 
define(`confTRUSTED_USERS',`majordom')
dnl
dnl
dnl ------------------------
dnl --- Spam Filter Stuff --
dnl ------------------------
dnl
dnl  friend should have one entry for postmaster
FEATURE(`delay_checks', `friend')
dnl
dnl List all the spammers here ??
dnl FEATURE(`delay_checks', `hater')
dnl
dnl
HACK(`check_localpart', `reg_no_nums', `no_num_domains', `REGNONUM')dnl
dnl
dnl
dnl - duplicate HACK(`check_rhsbl')dnl
dnl - duplicate HACK(`check_rhsbl_end')dnl
dnl
dnl
dnl
dnl defaults to blackholes.mail-abuse.org
dnl FEATURE(`dnsbl')
dnl FEATURE(`enhdnsbl')
dnl
dnl
dnl **
dnl ** turn on some MAPS/RBL options **
dnl **
dnl
dnl - FEATURE(dnsbl, `blackholes.mail-abuse.org',` Mail from $&{client_addr} rejected by http://mail-abuse.org/rbl')
dnl - FEATURE(dnsbl, `relays.mail-abuse.org',` Mail from $&{client_addr} rejected by http://mail-abuse.org/rss')
dnl - FEATURE(dnsbl, `dialups.mail-abuse.org',` Mail from $&{client_addr} rejected by http://mail-abuse.org/dul')
dnl
dnl
dnl -- noticeably slows down sending of email if its checking the RBLs
dnl
HACK(`check_dnsbl')dnl
dnl
FEATURE(`enhdnsbl')
FEATURE(`enhdnsbl', `or.orbl.org', `Spammer $&{client_addr} $&f rejected: see http://www.orbl.org/ (ORBL)')
FEATURE(`enhdnsbl', `relays.ordb.org', `Spammer $&{client_addr} $&f rejected: see http://ordb.org/ (relays)')
FEATURE(`enhdnsbl', `spamsites.relays.osirusoft.com', `Spammer $&{client_addr} $&f rejected by http://relays.osirusoft.com/ (spamsites)')
FEATURE(`enhdnsbl', `spamhaus.relays.osirusoft.com', `Spammer $&{client_addr} $&f rejected by http://relays.osirusoft.com/ (spamhaus)')
FEATURE(`enhdnsbl', `spews.relays.osirusoft.com', `Spammer $&{client_addr} $&f rejected by http://relays.osirusoft.com/ (spews)')
HACK(`check_dnsbl_end')dnl
dnl
dnl
dnl http://www.rfc-ignorant.org/how_to_domain.html  - use dnsbl instead of rhsbl
dnl
FEATURE(enhdnsbl,`dsn.rfc-ignorant.org',`550 Spammer $&{client_addr} $&f rejected because you violate RFC 821/2505/2821')
FEATURE(enhdnsbl,`postmaster.rfc-ignorant.org',`550 Spammer $&{client_addr} $&f rejected because your domain does not have a working PostMaster')
dnl
dnl
dnl check_local definition of headerchecks ( option already turned on )
dnl -- no effect in 8.12.3
dnl -- define(_HC_SWITCH_)
dnl -- define(`_REGEX_LOCALNUMS_')dnl
dnl -- define(`_CHECK_HEADER_RECEIVED_')dnl
dnl -- define(`_CHECK_HEADER_FROM_')dnl
dnl -- define(`_CHECK_MESSAGE_ID_')dnl
dnl
HACK(check_header, `Received', `HRC,,,HRCCNT', `', `parse_received', `+header', `!general', `', `1', `', `"552 Spammer $&{client_addr} $&f rejected - Bad Received"')dnl
HACK(check_header, `Message-Id', `HMI,HMIPARSE,HMIDNS,HMICNT', `test_message_id', `parse_message_id', `+header', `!general', `dns_message_id', `1', `1', `"552 spmmer $&{client_addr} $&f rejected - Message Id corrupt"')dnl
HACK(check_header, `From', `HFR', `', `parse_address', `+header', `+all', `', `', `', `"552 Spammer $&{client_addr} $&f rejected - bad From"')dnl
HACK(check_header, `To', `HFR', `', `parse_address', `+header', `+all', `', `', `', `"552 Spammer $&{client_addr} $&f rejected - bad To"')dnl
HACK(check_header, `Reply-To', `HFR', `', `parse_address', `+header', `+all', `', `', `', `"552 Spammer $&{client_addr} $&f rejected - Bad Reply-To"')dnl
HACK(check_header, `Sender', `HFR', `', `parse_address', `+header', `+all', `', `', `', `"552 Spammer $&{client_addr} $&f rejected - Bad Sender"')dnl
HACK(check_header, `Cc', `HFR', `', `parse_address', `+header', `+all', `', `', `', `"552 Spammer $&{client_addr} $&f rejected - Bad Cc"')dnl
HACK(check_header_end, `XSPAM')dnl
dnl
dnl
dnl http://quanta.kyunghee.ac.kr/~dacapo/sendmail/rulesets/quanta_spam-killer_REGEX.m4
dnl http://www.Linux-Sec.net/Mail/etc.mail/linux-sec.m4 ( aka header_chk.m4 modified from above quanta )
dnl
HACK(`linux-sec')dnl	# modify quanta.m4 and check more headers
dnl
dnl
HACK(check_unknown_header, `/etc/mail/known-headers')dnl
dnl
dnl
HACK(check_local_patterns)dnl
HACK(check_local_tester)dnl
dnl
dnl
dnl -- take out check_local-5(beta) to prevents the erroneous map error:
dnl --------------------------------------------------------------
dnl	==>
dnl	==>  'rewrite: map <user> not found' problems
dnl	==>
dnl	check_relay _MD2NAME_ _ACCEPT_MAIL_FROM_OK_ Basic_check_mail LookUp DNSbls _REGEX_DIALUP_ _CLIENT_MUST_RESOLVE_ _CHECK_REGEX_ 
dnl HACK(check_local)
dnl HACK(check_local, `CREL,CMD2N,CMFOK,CBASM,CDNSBL,CDREG,CRES', `XSPAM')dnl
dnl
dnl
dnl -- define(`_MD2NAME_')
dnl -- define(`_ACCEPT_MAIL_FROM_OK_')
dnl -- define(`_CLIENT_MUST_RESOLVE_')
dnl -- define(`_CHECK_REGEX_')
dnl dnl
dnl HACK(check_local)
dnl HACK(check_local, `CREL,CMD2N,CMFOK,CBASM,CDNSBL,CDREG,CRES,CMREG,CCRHSBL,CFRHSBL,CBFROM', `XSPAM')
dnl
dnl
dnl Mailers
dnl
MAILER(local)dnl
MAILER(smtp)dnl
dnl
dnl MAILER(uucp)dnl
#
#
# end of file