/* $NetBSD: mail_params.h,v 1.13 2015/09/12 08:23:24 tron Exp $ */

#ifndef _MAIL_PARAMS_H_INCLUDED_
#define _MAIL_PARAMS_H_INCLUDED_

/*
 * Reading guide: each parameter is described by up to three items. VAR_xxx
 * is the parameter name as a string (the name used in main.cf), DEF_xxx is
 * the compiled-in default, and var_xxx is the variable, declared extern
 * here and defined elsewhere. Where an SMTP and an LMTP name appear
 * together, only one variable is declared for the pair.
 */

/*++
/* NAME
/* mail_params 3h
/* SUMMARY
/* globally configurable parameters
/* SYNOPSIS
/* #include <mail_params.h>
/* DESCRIPTION
/* .nf

/*
 * This is to make it easier to auto-generate tables.
 *
 * bool is an alias for int here, not C99 _Bool, so this header cannot be
 * combined with <stdbool.h>, which defines bool as a macro.
 */
typedef int bool;

/*
 * Name used when this mail system announces itself.
 */
#define VAR_MAIL_NAME "mail_name"
#define DEF_MAIL_NAME "Postfix"
extern char *var_mail_name;

/*
 * You want to be helped or not.
 */
#define VAR_HELPFUL_WARNINGS "helpful_warnings"
#define DEF_HELPFUL_WARNINGS 1
extern bool var_helpful_warnings;

/*
 * You want to be helped or not.
 *
 * NOTE(review): this text is copied from helpful_warnings above. Going by
 * the parameter name, the setting decides whether the name of the lookup
 * table is included in "user unknown" responses, and it is on by default.
 * Confirm whether that detail reaches remote clients; if so it discloses
 * internal configuration.
 */
#define VAR_SHOW_UNK_RCPT_TABLE "show_user_unknown_table_name"
#define DEF_SHOW_UNK_RCPT_TABLE 1
extern bool var_show_unk_rcpt_table;

/*
 * What problem classes should be reported to the postmaster via email.
 * Default is bad problems only. See mail_error(3). Even when mail notices
 * are disabled, problems are still logged to the syslog daemon.
 *
 * Do not add "protocol" to the default setting. It gives Postfix a bad
 * reputation: people get mail whenever spam software makes a mistake.
 */
#define VAR_NOTIFY_CLASSES "notify_classes"
#define DEF_NOTIFY_CLASSES "resource, software" /* Not: "protocol" */
extern char *var_notify_classes;

/*
 * What do I turn <> into? Sendmail defaults to mailer-daemon.
 */
#define VAR_EMPTY_ADDR "empty_address_recipient"
#define DEF_EMPTY_ADDR MAIL_ADDR_MAIL_DAEMON
extern char *var_empty_addr;

/*
 * Privileges used by the mail system: the owner of files and commands, and
 * the rights to be used when running external commands.
 *
 * The compiled-in accounts are "postfix" (owner), "maildrop" (set-gid
 * group) and "nobody" (default privileges). The uid_t and gid_t variables
 * declared next to each name presumably hold the numeric ids resolved from
 * those names; the lookup itself is not in this header.
 */
#define VAR_MAIL_OWNER "mail_owner"
#define DEF_MAIL_OWNER "postfix"
extern char *var_mail_owner;
extern uid_t var_owner_uid;
extern gid_t var_owner_gid;

#define VAR_SGID_GROUP "setgid_group"
#define DEF_SGID_GROUP "maildrop"
extern char *var_sgid_group;
extern gid_t var_sgid_gid;

#define VAR_DEFAULT_PRIVS "default_privs"
#define DEF_DEFAULT_PRIVS "nobody"
extern char *var_default_privs;
extern uid_t var_default_uid;
extern gid_t var_default_gid;

/*
 * Access control for local privileged operations:
 *
 * All three defaults below expand to STATIC_ANYONE_ACL ("static:anyone"),
 * so out of the box the flush, mailq and submit operations are not
 * restricted to particular local users. Hosts with untrusted local accounts
 * should set these lists explicitly.
 */
#define STATIC_ANYONE_ACL "static:anyone"

#define VAR_FLUSH_ACL "authorized_flush_users"
#define DEF_FLUSH_ACL STATIC_ANYONE_ACL
extern char *var_flush_acl;

#define VAR_SHOWQ_ACL "authorized_mailq_users"
#define DEF_SHOWQ_ACL STATIC_ANYONE_ACL
extern char *var_showq_acl;

#define VAR_SUBMIT_ACL "authorized_submit_users"
#define DEF_SUBMIT_ACL STATIC_ANYONE_ACL
extern char *var_submit_acl;

/*
 * What goes on the right-hand side of addresses of mail sent from this
 * machine.
 */
#define VAR_MYORIGIN "myorigin"
#define DEF_MYORIGIN "$myhostname"
extern char *var_myorigin;

/*
 * What domains I will receive mail for. Not to be confused with transit
 * mail to other destinations.
 */
#define VAR_MYDEST "mydestination"
#define DEF_MYDEST "$myhostname, localhost.$mydomain, localhost"
extern char *var_mydest;

/*
 * These are by default taken from the name service.
 *
 * There is no DEF_MYHOSTNAME in this listing; only mydomain has a
 * compiled-in fallback ("localdomain").
 */
#define VAR_MYHOSTNAME "myhostname" /* my hostname (fqdn) */
extern char *var_myhostname;

#define VAR_MYDOMAIN "mydomain" /* my domain name */
#define DEF_MYDOMAIN "localdomain"
extern char *var_mydomain;

/*
 * The default local delivery transport.
 */
#define VAR_LOCAL_TRANSPORT "local_transport"
#define DEF_LOCAL_TRANSPORT MAIL_SERVICE_LOCAL ":$myhostname"
extern char *var_local_transport;

/*
 * Where to send postmaster copies of bounced mail, and other notices.
 */
#define VAR_BOUNCE_RCPT "bounce_notice_recipient"
#define DEF_BOUNCE_RCPT "postmaster"
extern char *var_bounce_rcpt;

#define VAR_2BOUNCE_RCPT "2bounce_notice_recipient"
#define DEF_2BOUNCE_RCPT "postmaster"
extern char *var_2bounce_rcpt;

#define VAR_DELAY_RCPT "delay_notice_recipient"
#define DEF_DELAY_RCPT "postmaster"
extern char *var_delay_rcpt;

#define VAR_ERROR_RCPT "error_notice_recipient"
#define DEF_ERROR_RCPT "postmaster"
extern char *var_error_rcpt;

/*
 * Virtual host support. Default is to listen on all machine interfaces.
 *
 * INET_INTERFACES_LOCAL ("loopback-only") is the other named value defined
 * here; presumably it limits listening to the loopback interface, which is
 * the safer choice for a host that must not accept mail from the network.
 */
#define VAR_INET_INTERFACES "inet_interfaces" /* listen addresses */
#define INET_INTERFACES_ALL "all"
#define INET_INTERFACES_LOCAL "loopback-only"
#define DEF_INET_INTERFACES INET_INTERFACES_ALL
extern char *var_inet_interfaces;

#define VAR_PROXY_INTERFACES "proxy_interfaces" /* proxies, NATs */
#define DEF_PROXY_INTERFACES ""
extern char *var_proxy_interfaces;

/*
 * Masquerading (i.e. subdomain stripping).
 *
 * The default class list below names envelope sender, header sender and
 * header recipient; MASQ_CLASS_ENV_RCPT is defined but not part of the
 * default.
 */
#define VAR_MASQ_DOMAINS "masquerade_domains"
#define DEF_MASQ_DOMAINS ""
extern char *var_masq_domains;

#define VAR_MASQ_EXCEPTIONS "masquerade_exceptions"
#define DEF_MASQ_EXCEPTIONS ""
extern char *var_masq_exceptions;

#define MASQ_CLASS_ENV_FROM "envelope_sender"
#define MASQ_CLASS_ENV_RCPT "envelope_recipient"
#define MASQ_CLASS_HDR_FROM "header_sender"
#define MASQ_CLASS_HDR_RCPT "header_recipient"

#define VAR_MASQ_CLASSES "masquerade_classes"
#define DEF_MASQ_CLASSES MASQ_CLASS_ENV_FROM ", " \
				MASQ_CLASS_HDR_FROM ", " \
				MASQ_CLASS_HDR_RCPT
extern char *var_masq_classes;

/*
 * Intranet versus internet.
 */
#define VAR_RELAYHOST "relayhost"
#define DEF_RELAYHOST ""
extern char *var_relayhost;

#define VAR_SND_RELAY_MAPS "sender_dependent_relayhost_maps"
#define DEF_SND_RELAY_MAPS ""
extern char *var_snd_relay_maps;

#define VAR_NULL_RELAY_MAPS_KEY "empty_address_relayhost_maps_lookup_key"
#define DEF_NULL_RELAY_MAPS_KEY "<>"
extern char *var_null_relay_maps_key;

/*
 * NOTE(review): VAR_LMTP_FALLBACK expands to "smtp_fallback_relay", the
 * same string as VAR_SMTP_FALLBACK, while every other LMTP name in this
 * file starts with "lmtp_". This listing also has no VAR_FALLBACK_RELAY or
 * DEF_LMTP_FALLBACK to go with DEF_FALLBACK_RELAY. Confirm against the
 * code that registers these parameters before relying on a separate LMTP
 * fallback setting.
 */
#define VAR_SMTP_FALLBACK "smtp_fallback_relay"
#define DEF_SMTP_FALLBACK "$fallback_relay"
#define VAR_LMTP_FALLBACK "smtp_fallback_relay"
#define DEF_FALLBACK_RELAY ""
extern char *var_fallback_relay;

#define VAR_DISABLE_DNS "disable_dns_lookups"
#define DEF_DISABLE_DNS 0
extern bool var_disable_dns;

/*
 * Named DNS support levels. Both compiled-in defaults below are the empty
 * string rather than one of these names; how an empty level is resolved
 * (for example by falling back to disable_dns_lookups) is not visible in
 * this header. NOTE(review): "dnssec" is opt-in, it is not a default.
 */
#define SMTP_DNS_SUPPORT_DISABLED "disabled"
#define SMTP_DNS_SUPPORT_ENABLED "enabled"
#define SMTP_DNS_SUPPORT_DNSSEC "dnssec"

#define VAR_SMTP_DNS_SUPPORT "smtp_dns_support_level"
#define DEF_SMTP_DNS_SUPPORT ""
#define VAR_LMTP_DNS_SUPPORT "lmtp_dns_support_level"
#define DEF_LMTP_DNS_SUPPORT ""
extern char *var_smtp_dns_support;

#define SMTP_HOST_LOOKUP_DNS "dns"
#define SMTP_HOST_LOOKUP_NATIVE "native"

#define VAR_SMTP_HOST_LOOKUP "smtp_host_lookup"
#define DEF_SMTP_HOST_LOOKUP SMTP_HOST_LOOKUP_DNS
#define VAR_LMTP_HOST_LOOKUP "lmtp_host_lookup"
#define DEF_LMTP_HOST_LOOKUP SMTP_HOST_LOOKUP_DNS
extern char *var_smtp_host_lookup;

#define SMTP_DNS_RES_OPT_DEFNAMES "res_defnames"
#define SMTP_DNS_RES_OPT_DNSRCH "res_dnsrch"

#define VAR_SMTP_DNS_RES_OPT "smtp_dns_resolver_options"
#define DEF_SMTP_DNS_RES_OPT ""
#define VAR_LMTP_DNS_RES_OPT "lmtp_dns_resolver_options"
#define DEF_LMTP_DNS_RES_OPT ""
extern char *var_smtp_dns_res_opt;

#define VAR_SMTP_MXADDR_LIMIT "smtp_mx_address_limit"
#define DEF_SMTP_MXADDR_LIMIT 5
#define VAR_LMTP_MXADDR_LIMIT "lmtp_mx_address_limit"
#define DEF_LMTP_MXADDR_LIMIT 5
extern int var_smtp_mxaddr_limit;

#define VAR_SMTP_MXSESS_LIMIT "smtp_mx_session_limit"
#define DEF_SMTP_MXSESS_LIMIT 2
#define VAR_LMTP_MXSESS_LIMIT "lmtp_mx_session_limit"
#define DEF_LMTP_MXSESS_LIMIT 2
extern int var_smtp_mxsess_limit;

/*
 * Location of the mail queue directory tree.
 *
 * This and the following directory defaults are wrapped in #ifndef, so a
 * build can supply its own value before this header is read.
 */
#define VAR_QUEUE_DIR "queue_directory"
#ifndef DEF_QUEUE_DIR
#define DEF_QUEUE_DIR "/var/spool/postfix"
#endif
extern char *var_queue_dir;

/*
 * Location of command and daemon programs.
 */
#define VAR_DAEMON_DIR "daemon_directory"
#ifndef DEF_DAEMON_DIR
#define DEF_DAEMON_DIR "/usr/libexec/postfix"
#endif
extern char *var_daemon_dir;

#define VAR_COMMAND_DIR "command_directory"
#ifndef DEF_COMMAND_DIR
#define DEF_COMMAND_DIR "/usr/sbin"
#endif
extern char *var_command_dir;

/*
 * Location of PID files.
 *
 * The default "pid" is a relative path, unlike the other directory
 * defaults; presumably it is resolved against the queue directory.
 */
#define VAR_PID_DIR "process_id_directory"
#ifndef DEF_PID_DIR
#define DEF_PID_DIR "pid"
#endif
extern char *var_pid_dir;

/*
 * Location of writable data files.
 */
#define VAR_DATA_DIR "data_directory"
#ifndef DEF_DATA_DIR
#define DEF_DATA_DIR "/var/db/postfix"
#endif
extern char *var_data_dir;

/*
 * Program startup time.
 */
extern time_t var_starttime;

/*
 * Location of configuration files.
 */
#define VAR_CONFIG_DIR "config_directory"
#ifndef DEF_CONFIG_DIR
#define DEF_CONFIG_DIR "/etc/postfix"
#endif
extern char *var_config_dir;

#define VAR_CONFIG_DIRS "alternate_config_directories"
#define DEF_CONFIG_DIRS ""
extern char *var_config_dirs;

#define MAIN_CONF_FILE "main.cf"
#define MASTER_CONF_FILE "master.cf"

/*
 * Preferred type of indexed files. The DEF_DB_TYPE macro value is system
 * dependent. It is defined in <sys_defs.h>.
 */
#define VAR_DB_TYPE "default_database_type"
extern char *var_db_type;

/*
 * What syslog facility to use. Unfortunately, something may have to be
 * logged before parameters are read from the main.cf file. This logging
 * will go to the LOG_FACILITY facility specified below.
 */
#define VAR_SYSLOG_FACILITY "syslog_facility"
extern char *var_syslog_facility;

#ifndef DEF_SYSLOG_FACILITY
#define DEF_SYSLOG_FACILITY "mail"
#endif

#ifndef LOG_FACILITY
#define LOG_FACILITY LOG_MAIL
#endif

/*
 * Big brother: who receives a blank-carbon copy of all mail that enters
 * this mail system.
 */
#define VAR_ALWAYS_BCC "always_bcc"
#define DEF_ALWAYS_BCC ""
extern char *var_always_bcc;

/*
 * What to put in the To: header when no recipients were disclosed.
 *
 * XXX 2822: When no recipient headers remain, a system should insert a Bcc:
 * header without additional information. That is not so great given that
 * MTAs routinely strip Bcc: headers from message headers.
 */
#define VAR_RCPT_WITHELD "undisclosed_recipients_header"
#define DEF_RCPT_WITHELD ""
extern char *var_rcpt_witheld;

/*
 * Add missing headers. Postfix 2.6 no longer adds headers to remote mail by
 * default.
 */
#define VAR_ALWAYS_ADD_HDRS "always_add_missing_headers"
#define DEF_ALWAYS_ADD_HDRS 0
extern bool var_always_add_hdrs;

/*
 * Standards violation: allow/permit RFC 822-style addresses in SMTP
 * commands.
 */
#define VAR_STRICT_RFC821_ENV "strict_rfc821_envelopes"
#define DEF_STRICT_RFC821_ENV 0
extern bool var_strict_rfc821_env;

/*
 * Standards violation: send "250 AUTH=list" in order to accommodate clients
 * that implement an old version of the protocol.
 */
#define VAR_BROKEN_AUTH_CLNTS "broken_sasl_auth_clients"
#define DEF_BROKEN_AUTH_CLNTS 0
extern bool var_broken_auth_clients;

/*
 * Standards violation: disable VRFY.
 *
 * The default (0) leaves VRFY enabled. VRFY tells a client whether an
 * address is known, so sites that do not want to expose recipient validity
 * to arbitrary clients turn this setting on.
 */
#define VAR_DISABLE_VRFY_CMD "disable_vrfy_command"
#define DEF_DISABLE_VRFY_CMD 0
extern bool var_disable_vrfy_cmd;

/*
 * trivial rewrite/resolve service: mapping tables.
 */
#define VAR_VIRT_ALIAS_MAPS "virtual_alias_maps"
#define DEF_VIRT_ALIAS_MAPS "$virtual_maps" /* Compatibility! */
extern char *var_virt_alias_maps;

#define VAR_VIRT_ALIAS_DOMS "virtual_alias_domains"
#define DEF_VIRT_ALIAS_DOMS "$virtual_alias_maps"
extern char *var_virt_alias_doms;

#define VAR_VIRT_ALIAS_CODE "unknown_virtual_alias_reject_code"
#define DEF_VIRT_ALIAS_CODE 550
extern int var_virt_alias_code;

#define VAR_CANONICAL_MAPS "canonical_maps"
#define DEF_CANONICAL_MAPS ""
extern char *var_canonical_maps;

#define VAR_SEND_CANON_MAPS "sender_canonical_maps"
#define DEF_SEND_CANON_MAPS ""
extern char *var_send_canon_maps;

#define VAR_RCPT_CANON_MAPS "recipient_canonical_maps"
#define DEF_RCPT_CANON_MAPS ""
extern char *var_rcpt_canon_maps;

#define CANON_CLASS_ENV_FROM "envelope_sender"
#define CANON_CLASS_ENV_RCPT "envelope_recipient"
#define CANON_CLASS_HDR_FROM "header_sender"
#define CANON_CLASS_HDR_RCPT "header_recipient"

/*
 * Default class lists: canonical_classes names all four classes, the
 * sender and recipient variants name only their own envelope and header
 * class.
 */
#define VAR_CANON_CLASSES "canonical_classes"
#define DEF_CANON_CLASSES CANON_CLASS_ENV_FROM ", " \
				CANON_CLASS_ENV_RCPT ", " \
				CANON_CLASS_HDR_FROM ", " \
				CANON_CLASS_HDR_RCPT
extern char *var_canon_classes;

#define VAR_SEND_CANON_CLASSES "sender_canonical_classes"
#define DEF_SEND_CANON_CLASSES CANON_CLASS_ENV_FROM ", " \
				CANON_CLASS_HDR_FROM
extern char *var_send_canon_classes;

#define VAR_RCPT_CANON_CLASSES "recipient_canonical_classes"
#define DEF_RCPT_CANON_CLASSES CANON_CLASS_ENV_RCPT ", " \
				CANON_CLASS_HDR_RCPT
extern char *var_rcpt_canon_classes;

#define VAR_SEND_BCC_MAPS "sender_bcc_maps"
#define DEF_SEND_BCC_MAPS ""
extern char *var_send_bcc_maps;

#define VAR_RCPT_BCC_MAPS "recipient_bcc_maps"
#define DEF_RCPT_BCC_MAPS ""
extern char *var_rcpt_bcc_maps;

#define VAR_TRANSPORT_MAPS "transport_maps"
#define DEF_TRANSPORT_MAPS ""
extern char *var_transport_maps;

#define VAR_DEF_TRANSPORT "default_transport"
#define DEF_DEF_TRANSPORT MAIL_SERVICE_SMTP
extern char *var_def_transport;

/*
 * The next two names are built by string-literal concatenation around
 * VAR_DEF_TRANSPORT ("default_transport"), giving
 * "sender_dependent_default_transport_maps" and
 * "empty_address_default_transport_maps_lookup_key".
 */
#define VAR_SND_DEF_XPORT_MAPS "sender_dependent_" VAR_DEF_TRANSPORT "_maps"
#define DEF_SND_DEF_XPORT_MAPS ""
extern char *var_snd_def_xport_maps;

#define VAR_NULL_DEF_XPORT_MAPS_KEY "empty_address_" VAR_DEF_TRANSPORT "_maps_lookup_key"
#define DEF_NULL_DEF_XPORT_MAPS_KEY "<>"
extern char *var_null_def_xport_maps_key;

/*
 * trivial rewrite/resolve service: rewriting controls.
 *
 * All four rewriting controls below are on (1) by default.
 */
#define VAR_SWAP_BANGPATH "swap_bangpath"
#define DEF_SWAP_BANGPATH 1
extern bool var_swap_bangpath;

#define VAR_APP_AT_MYORIGIN "append_at_myorigin"
#define DEF_APP_AT_MYORIGIN 1
extern bool var_append_at_myorigin;

#define VAR_APP_DOT_MYDOMAIN "append_dot_mydomain"
#define DEF_APP_DOT_MYDOMAIN 1
extern bool var_append_dot_mydomain;

#define VAR_PERCENT_HACK "allow_percent_hack"
#define DEF_PERCENT_HACK 1
extern bool var_percent_hack;

/*
 * Local delivery: alias databases.
 *
 * With HAS_NIS defined, the default also consults "nis:mail.aliases" after
 * ALIAS_DB_MAP.
 */
#define VAR_ALIAS_MAPS "alias_maps"
#ifdef HAS_NIS
#define DEF_ALIAS_MAPS ALIAS_DB_MAP ", nis:mail.aliases"
#else
#define DEF_ALIAS_MAPS ALIAS_DB_MAP
#endif
extern char *var_alias_maps;

/*
 * Local delivery: to BIFF or not to BIFF.
 */
#define VAR_BIFF "biff"
#define DEF_BIFF 1
extern bool var_biff;

/*
 * Local delivery: mail to files/commands.
 *
 * Both allow lists default to "alias, forward". NOTE(review): these lists
 * presumably decide which sources may direct mail into a command or a file,
 * so widening them extends who can trigger command execution or file
 * writes; review before changing.
 *
 * _MAXTIME is a name suffix ("_time_limit"), not a parameter of its own.
 * Time-valued defaults such as "1000s" are strings with a unit suffix while
 * the matching variable is an int; the conversion happens outside this
 * header.
 */
#define VAR_ALLOW_COMMANDS "allow_mail_to_commands"
#define DEF_ALLOW_COMMANDS "alias, forward"
extern char *var_allow_commands;

#define VAR_COMMAND_MAXTIME "command_time_limit"
#define _MAXTIME "_time_limit"
#define DEF_COMMAND_MAXTIME "1000s"
extern int var_command_maxtime;

#define VAR_ALLOW_FILES "allow_mail_to_files"
#define DEF_ALLOW_FILES "alias, forward"
extern char *var_allow_files;

#define VAR_LOCAL_CMD_SHELL "local_command_shell"
#define DEF_LOCAL_CMD_SHELL ""
extern char *var_local_cmd_shell;

#define VAR_ALIAS_DB_MAP "alias_database"
#define DEF_ALIAS_DB_MAP ALIAS_DB_MAP /* sys_defs.h */
extern char *var_alias_db_map;

#define VAR_LUSER_RELAY "luser_relay"
#define DEF_LUSER_RELAY ""
extern char *var_luser_relay;

/*
 * Local delivery: mailbox delivery.
 */
#define VAR_MAIL_SPOOL_DIR "mail_spool_directory"
#define DEF_MAIL_SPOOL_DIR _PATH_MAILDIR
extern char *var_mail_spool_dir;

#define VAR_HOME_MAILBOX "home_mailbox"
#define DEF_HOME_MAILBOX ""
extern char *var_home_mailbox;

#define VAR_MAILBOX_COMMAND "mailbox_command"
#define DEF_MAILBOX_COMMAND ""
extern char *var_mailbox_command;

#define VAR_MAILBOX_CMD_MAPS "mailbox_command_maps"
#define DEF_MAILBOX_CMD_MAPS ""
extern char *var_mailbox_cmd_maps;

#define VAR_MAILBOX_TRANSP "mailbox_transport"
#define DEF_MAILBOX_TRANSP ""
extern char *var_mailbox_transport;

#define VAR_MBOX_TRANSP_MAPS "mailbox_transport_maps"
#define DEF_MBOX_TRANSP_MAPS ""
extern char *var_mbox_transp_maps;

#define VAR_FALLBACK_TRANSP "fallback_transport"
#define DEF_FALLBACK_TRANSP ""
extern char *var_fallback_transport;

#define VAR_FBCK_TRANSP_MAPS "fallback_transport_maps"
#define DEF_FBCK_TRANSP_MAPS ""
extern char *var_fbck_transp_maps;

/*
 * Local delivery: path to per-user forwarding file.
 */
#define VAR_FORWARD_PATH "forward_path"
#define DEF_FORWARD_PATH "$home/.forward${recipient_delimiter}${extension}, $home/.forward"
extern char *var_forward_path;

/*
 * Local delivery: external command execution directory.
 *
 * The default expansion filter is a character list: digits, ASCII letters
 * and the punctuation shown in the literal. NOTE(review): presumably it is
 * an allow-list applied to values expanded into the directory name; the
 * enforcement is not in this header. The literal is continued with
 * backslash-newline, so the continued lines must start in column 0: any
 * leading white space would become part of the filter. The same literal is
 * repeated for command_expansion_filter and forward_expansion_filter; keep
 * the three in sync.
 */
#define VAR_EXEC_DIRECTORY "command_execution_directory"
#define DEF_EXEC_DIRECTORY ""
extern char *var_exec_directory;

#define VAR_EXEC_EXP_FILTER "execution_directory_expansion_filter"
#define DEF_EXEC_EXP_FILTER "1234567890!@%-_=+:,./\
abcdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ"
extern char *var_exec_exp_filter;

/*
 * Mailbox locking. DEF_MAILBOX_LOCK is defined in sys_defs.h.
 */
#define VAR_MAILBOX_LOCK "mailbox_delivery_lock"
extern char *var_mailbox_lock;

/*
 * Mailbox size limit. This used to be enforced as a side effect of the way
 * the message size limit is implemented, but that is not clean.
 *
 * The default is five times DEF_MESSAGE_LIMIT, which is defined outside
 * this part of the file.
 */
#define VAR_MAILBOX_LIMIT "mailbox_size_limit"
#define DEF_MAILBOX_LIMIT (DEF_MESSAGE_LIMIT * 5)
extern long var_mailbox_limit;

/*
 * Miscellaneous.
 */
#define VAR_PROP_EXTENSION "propagate_unmatched_extensions"
#define DEF_PROP_EXTENSION "canonical, virtual"
extern char *var_prop_extension;

#define VAR_RCPT_DELIM "recipient_delimiter"
#define DEF_RCPT_DELIM ""
extern char *var_rcpt_delim;

/*
 * Same character list as DEF_EXEC_EXP_FILTER; the continued lines of the
 * two literals below must also start in column 0.
 */
#define VAR_CMD_EXP_FILTER "command_expansion_filter"
#define DEF_CMD_EXP_FILTER "1234567890!@%-_=+:,./\
abcdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ"
extern char *var_cmd_exp_filter;

#define VAR_FWD_EXP_FILTER "forward_expansion_filter"
#define DEF_FWD_EXP_FILTER "1234567890!@%-_=+:,./\
abcdefghijklmnopqrstuvwxyz\
ABCDEFGHIJKLMNOPQRSTUVWXYZ"
extern char *var_fwd_exp_filter;

#define VAR_DELIVER_HDR "prepend_delivered_header"
#define DEF_DELIVER_HDR "command, file, forward"
extern char *var_deliver_hdr;

/*
 * Cleanup: enable support for X-Original-To message headers, which are
 * needed for multi-recipient mailboxes. When this is turned on, perform
 * duplicate elimination on (original rcpt, rewritten rcpt) pairs, and
 * generate non-empty original recipient records in the queue file.
 */
#define VAR_ENABLE_ORCPT "enable_original_recipient"
#define DEF_ENABLE_ORCPT 1
extern bool var_enable_orcpt;

#define VAR_EXP_OWN_ALIAS "expand_owner_alias"
#define DEF_EXP_OWN_ALIAS 0
extern bool var_exp_own_alias;

#define VAR_STAT_HOME_DIR "require_home_directory"
#define DEF_STAT_HOME_DIR 0
extern bool var_stat_home_dir;

/*
 * Cleanup server: maximal size of the duplicate expansion filter. By
 * default, we do graceful degradation with huge mailing lists.
 */
#define VAR_DUP_FILTER_LIMIT "duplicate_filter_limit"
#define DEF_DUP_FILTER_LIMIT 1000
extern int var_dup_filter_limit;

/*
 * Transport Layer Security (TLS) protocol support.
 *
 * The default entropy source is whatever the build selected through
 * PREFERRED_RAND_SOURCE; without it the compiled-in default is the empty
 * string. NOTE(review): confirm what seeds the PRNG when
 * tls_random_source is left empty. The exchange file default lives under
 * ${data_directory}; the byte counts default to 32 and both periods to
 * "3600s".
 */
#define VAR_TLS_MGR_SERVICE "tlsmgr_service_name"
#define DEF_TLS_MGR_SERVICE "tlsmgr"
extern char *var_tls_mgr_service;

#define VAR_TLS_APPEND_DEF_CA "tls_append_default_CA"
#define DEF_TLS_APPEND_DEF_CA 0 /* Postfix < 2.8 BC break */
extern bool var_tls_append_def_CA;

#define VAR_TLS_RAND_EXCH_NAME "tls_random_exchange_name"
#define DEF_TLS_RAND_EXCH_NAME "${data_directory}/prng_exch"
extern char *var_tls_rand_exch_name;

#define VAR_TLS_RAND_SOURCE "tls_random_source"
#ifdef PREFERRED_RAND_SOURCE
#define DEF_TLS_RAND_SOURCE PREFERRED_RAND_SOURCE
#else
#define DEF_TLS_RAND_SOURCE ""
#endif
extern char *var_tls_rand_source;

#define VAR_TLS_RAND_BYTES "tls_random_bytes"
#define DEF_TLS_RAND_BYTES 32
extern int var_tls_rand_bytes;

#define VAR_TLS_DAEMON_RAND_BYTES "tls_daemon_random_bytes"
#define DEF_TLS_DAEMON_RAND_BYTES 32
extern int var_tls_daemon_rand_bytes;

#define VAR_TLS_RESEED_PERIOD "tls_random_reseed_period"
#define DEF_TLS_RESEED_PERIOD "3600s"
extern int var_tls_reseed_period;

#define VAR_TLS_PRNG_UPD_PERIOD "tls_random_prng_update_period"
#define DEF_TLS_PRNG_UPD_PERIOD "3600s"
extern int var_tls_prng_upd_period;

/*
 * Queue manager: relocated databases.
 */
#define VAR_RELOCATED_MAPS "relocated_maps"
#define DEF_RELOCATED_MAPS ""
extern char *var_relocated_maps;

/*
 * Queue manager: after each failed attempt the backoff time (how long we
 * won't try this host in seconds) is doubled until it reaches the maximum.
 * MAX_QUEUE_TIME limits the amount of time a message may spend in the mail
 * queue before it is sent back.
 *
 * No variable is declared here for queue_run_delay; its default is reused
 * as the default of minimal_backoff_time.
 */
#define VAR_QUEUE_RUN_DELAY "queue_run_delay"
#define DEF_QUEUE_RUN_DELAY "300s"

#define VAR_MIN_BACKOFF_TIME "minimal_backoff_time"
#define DEF_MIN_BACKOFF_TIME DEF_QUEUE_RUN_DELAY
extern int var_min_backoff_time;

#define VAR_MAX_BACKOFF_TIME "maximal_backoff_time"
#define DEF_MAX_BACKOFF_TIME "4000s"
extern int var_max_backoff_time;

#define VAR_MAX_QUEUE_TIME "maximal_queue_lifetime"
#define DEF_MAX_QUEUE_TIME "5d"
extern int var_max_queue_time;

/*
 * XXX The default can't be $maximal_queue_lifetime, because that panics
 * when a non-default maximal_queue_lifetime setting contains no time unit.
 */
#define VAR_DSN_QUEUE_TIME "bounce_queue_lifetime"
#define DEF_DSN_QUEUE_TIME "5d"
extern int var_dsn_queue_time;

#define VAR_DELAY_WARN_TIME "delay_warning_time"
#define DEF_DELAY_WARN_TIME "0h"
extern int var_delay_warn_time;

/*
 * Queue manager: various in-core message and recipient limits.
 *
 * Macros whose name starts with an underscore (_XPORT_RCPT_LIMIT and the
 * like) are name suffixes rather than parameters; VAR_LOCAL_CON_LIMIT
 * further down shows the use, "local" _DEST_CON_LIMIT concatenating to
 * "local_destination_concurrency_limit".
 */
#define VAR_QMGR_ACT_LIMIT "qmgr_message_active_limit"
#define DEF_QMGR_ACT_LIMIT 20000
extern int var_qmgr_active_limit;

#define VAR_QMGR_RCPT_LIMIT "qmgr_message_recipient_limit"
#define DEF_QMGR_RCPT_LIMIT 20000
extern int var_qmgr_rcpt_limit;

#define VAR_QMGR_MSG_RCPT_LIMIT "qmgr_message_recipient_minimum"
#define DEF_QMGR_MSG_RCPT_LIMIT 10
extern int var_qmgr_msg_rcpt_limit;

#define VAR_XPORT_RCPT_LIMIT "default_recipient_limit"
#define _XPORT_RCPT_LIMIT "_recipient_limit"
#define DEF_XPORT_RCPT_LIMIT 20000
extern int var_xport_rcpt_limit;

#define VAR_STACK_RCPT_LIMIT "default_extra_recipient_limit"
#define _STACK_RCPT_LIMIT "_extra_recipient_limit"
#define DEF_STACK_RCPT_LIMIT 1000
extern int var_stack_rcpt_limit;

#define VAR_XPORT_REFILL_LIMIT "default_recipient_refill_limit"
#define _XPORT_REFILL_LIMIT "_recipient_refill_limit"
#define DEF_XPORT_REFILL_LIMIT 100
extern int var_xport_refill_limit;

#define VAR_XPORT_REFILL_DELAY "default_recipient_refill_delay"
#define _XPORT_REFILL_DELAY "_recipient_refill_delay"
#define DEF_XPORT_REFILL_DELAY "5s"
extern int var_xport_refill_delay;

/*
 * Queue manager: default job scheduler parameters.
 */
#define VAR_DELIVERY_SLOT_COST "default_delivery_slot_cost"
#define _DELIVERY_SLOT_COST "_delivery_slot_cost"
#define DEF_DELIVERY_SLOT_COST 5
extern int var_delivery_slot_cost;

#define VAR_DELIVERY_SLOT_LOAN "default_delivery_slot_loan"
#define _DELIVERY_SLOT_LOAN "_delivery_slot_loan"
#define DEF_DELIVERY_SLOT_LOAN 3
extern int var_delivery_slot_loan;

#define VAR_DELIVERY_SLOT_DISCOUNT "default_delivery_slot_discount"
#define _DELIVERY_SLOT_DISCOUNT "_delivery_slot_discount"
#define DEF_DELIVERY_SLOT_DISCOUNT 50
extern int var_delivery_slot_discount;

#define VAR_MIN_DELIVERY_SLOTS "default_minimum_delivery_slots"
#define _MIN_DELIVERY_SLOTS "_minimum_delivery_slots"
#define DEF_MIN_DELIVERY_SLOTS 3
extern int var_min_delivery_slots;

#define VAR_QMGR_FUDGE "qmgr_fudge_factor"
#define DEF_QMGR_FUDGE 100
extern int var_qmgr_fudge;

/*
 * Queue manager: default destination concurrency levels.
 */
#define VAR_INIT_DEST_CON "initial_destination_concurrency"
#define _INIT_DEST_CON "_initial_destination_concurrency"
#define DEF_INIT_DEST_CON 5
extern int var_init_dest_concurrency;

#define VAR_DEST_CON_LIMIT "default_destination_concurrency_limit"
#define _DEST_CON_LIMIT "_destination_concurrency_limit"
#define DEF_DEST_CON_LIMIT 20
extern int var_dest_con_limit;

#define VAR_LOCAL_CON_LIMIT "local" _DEST_CON_LIMIT
#define DEF_LOCAL_CON_LIMIT 2
extern int var_local_con_lim;

/*
 * Queue manager: default number of recipients per transaction.
 */
#define VAR_DEST_RCPT_LIMIT "default_destination_recipient_limit"
#define _DEST_RCPT_LIMIT "_destination_recipient_limit"
#define DEF_DEST_RCPT_LIMIT 50
extern int var_dest_rcpt_limit;

#define VAR_LOCAL_RCPT_LIMIT "local" _DEST_RCPT_LIMIT /* XXX */
#define DEF_LOCAL_RCPT_LIMIT 1 /* XXX */
extern int var_local_rcpt_lim;

/*
 * Queue manager: default delay before retrying a dead transport.
 */
#define VAR_XPORT_RETRY_TIME "transport_retry_time"
#define DEF_XPORT_RETRY_TIME "60s"
extern int var_transport_retry_time;

/*
 * Queue manager: what transports to defer delivery to.
 */
#define VAR_DEFER_XPORTS "defer_transports"
#define DEF_DEFER_XPORTS ""
extern char *var_defer_xports;

/*
 * Queue manager: how often to warn that a destination is clogging the
 * active queue.
 */
#define VAR_QMGR_CLOG_WARN_TIME "qmgr_clog_warn_time"
#define DEF_QMGR_CLOG_WARN_TIME "300s"
extern int var_qmgr_clog_warn_time;

/*
 * Master: default process count limit per mail subsystem.
 */
#define VAR_PROC_LIMIT "default_process_limit"
#define DEF_PROC_LIMIT 100
extern int var_proc_limit;

/*
 * Master: default time to wait after service is throttled.
 */
#define VAR_THROTTLE_TIME "service_throttle_time"
#define DEF_THROTTLE_TIME "60s"
extern int var_throttle_time;

/*
 * Master: what master.cf services are turned off.
 */
#define VAR_MASTER_DISABLE "master_service_disable"
#define DEF_MASTER_DISABLE ""
extern char *var_master_disable;

/*
 * Any subsystem: default maximum number of clients serviced before a mail
 * subsystem terminates (except queue manager).
 */
#define VAR_MAX_USE "max_use"
#define DEF_MAX_USE 100
extern int var_use_limit;

/*
 * Any subsystem: default amount of time a mail subsystem waits for a client
 * connection (except queue manager).
 */
#define VAR_MAX_IDLE "max_idle"
#define DEF_MAX_IDLE "100s"
extern int var_idle_limit;

/*
 * Any subsystem: default amount of time a mail subsystem waits for
 * application events to drain.
 */
#define VAR_EVENT_DRAIN "application_event_drain_time"
#define DEF_EVENT_DRAIN "100s"
extern int var_event_drain;

/*
 * Any subsystem: default amount of time a mail subsystem keeps an internal
 * IPC connection before closing it because it is idle for too much time.
 */
#define VAR_IPC_IDLE "ipc_idle"
#define DEF_IPC_IDLE "5s"
extern int var_ipc_idle_limit;

/*
 * Any subsystem: default amount of time a mail subsystem keeps an internal
 * IPC connection before closing it because the connection has existed for
 * too much time.
 */
#define VAR_IPC_TTL "ipc_ttl"
#define DEF_IPC_TTL "1000s"
extern int var_ipc_ttl_limit;

/*
 * Any front-end subsystem: avoid running out of memory when someone sends
 * infinitely-long requests or replies.
 */
#define VAR_LINE_LIMIT "line_length_limit"
#define DEF_LINE_LIMIT 2048
extern int var_line_limit;

/*
 * Specify what SMTP peers need verbose logging.
 */
#define VAR_DEBUG_PEER_LIST "debug_peer_list"
#define DEF_DEBUG_PEER_LIST ""
extern char *var_debug_peer_list;

#define VAR_DEBUG_PEER_LEVEL "debug_peer_level"
#define DEF_DEBUG_PEER_LEVEL 2
extern int var_debug_peer_level;

/*
 * Queue management: what queues are hashed behind a forest of
 * subdirectories, and how deep the forest is.
 */
#define VAR_HASH_QUEUE_NAMES "hash_queue_names"
#define DEF_HASH_QUEUE_NAMES "deferred, defer"
extern char *var_hash_queue_names;

#define VAR_HASH_QUEUE_DEPTH "hash_queue_depth"
#define DEF_HASH_QUEUE_DEPTH 1
extern int var_hash_queue_depth;

/*
 * Short queue IDs contain the time in microseconds and file inode number.
 * Long queue IDs also contain the time in seconds.
 */
#define VAR_LONG_QUEUE_IDS "enable_long_queue_ids"
#define DEF_LONG_QUEUE_IDS 0
extern bool var_long_queue_ids;

/*
 * Multi-protocol support.
 *
 * Only the value names and the parameter name are defined here; no
 * compiled-in default for inet_protocols appears in this part of the file.
 */
#define INET_PROTO_NAME_IPV4 "ipv4"
#define INET_PROTO_NAME_IPV6 "ipv6"
#define INET_PROTO_NAME_ALL "all"
#define INET_PROTO_NAME_ANY "any"
#define VAR_INET_PROTOCOLS "inet_protocols"
extern char *var_inet_protocols;

/*
 * SMTP client. Timeouts inspired by RFC 1123. The SMTP recipient limit
 * determines how many recipient addresses the SMTP client sends along with
 * each message. Unfortunately, some mailers misbehave and disconnect (smap)
 * when given more recipients than they are willing to handle.
 *
 * XXX 2821: A mail system is supposed to use EHLO instead of HELO, and to fall
 * back to HELO if EHLO is not supported.
 *
 * Where an SMTP and an LMTP name are defined together below, a single
 * variable is declared for the pair.
 */
#define VAR_BESTMX_TRANSP "best_mx_transport"
#define DEF_BESTMX_TRANSP ""
extern char *var_bestmx_transp;

#define VAR_SMTP_CACHE_CONNT "smtp_connection_cache_time_limit"
#define DEF_SMTP_CACHE_CONNT "2s"
#define VAR_LMTP_CACHE_CONNT "lmtp_connection_cache_time_limit"
#define DEF_LMTP_CACHE_CONNT "2s"
extern int var_smtp_cache_conn;

#define VAR_SMTP_REUSE_COUNT "smtp_connection_reuse_count_limit"
#define DEF_SMTP_REUSE_COUNT 0
#define VAR_LMTP_REUSE_COUNT "lmtp_connection_reuse_count_limit"
#define DEF_LMTP_REUSE_COUNT 0
extern int var_smtp_reuse_count;

#define VAR_SMTP_REUSE_TIME "smtp_connection_reuse_time_limit"
#define DEF_SMTP_REUSE_TIME "300s"
#define VAR_LMTP_REUSE_TIME "lmtp_connection_reuse_time_limit"
#define DEF_LMTP_REUSE_TIME "300s"
extern int var_smtp_reuse_time;

#define VAR_SMTP_CACHE_DEST "smtp_connection_cache_destinations"
#define DEF_SMTP_CACHE_DEST ""
#define VAR_LMTP_CACHE_DEST "lmtp_connection_cache_destinations"
#define DEF_LMTP_CACHE_DEST ""
extern char *var_smtp_cache_dest;

#define VAR_SMTP_CACHE_DEMAND "smtp_connection_cache_on_demand"
#ifndef DEF_SMTP_CACHE_DEMAND
#define DEF_SMTP_CACHE_DEMAND 1
#endif
#define VAR_LMTP_CACHE_DEMAND "lmtp_connection_cache_on_demand"
#ifndef DEF_LMTP_CACHE_DEMAND
#define DEF_LMTP_CACHE_DEMAND 1
#endif
extern bool var_smtp_cache_demand;

/*
 * Per-stage client timeouts. The defaults are strings with a unit suffix;
 * the variables are ints.
 */
#define VAR_SMTP_CONN_TMOUT "smtp_connect_timeout"
#define DEF_SMTP_CONN_TMOUT "30s"
extern int var_smtp_conn_tmout;

#define VAR_SMTP_HELO_TMOUT "smtp_helo_timeout"
#define DEF_SMTP_HELO_TMOUT "300s"
#define VAR_LMTP_HELO_TMOUT "lmtp_lhlo_timeout"
#define DEF_LMTP_HELO_TMOUT "300s"
extern int var_smtp_helo_tmout;

#define VAR_SMTP_XFWD_TMOUT "smtp_xforward_timeout"
#define DEF_SMTP_XFWD_TMOUT "300s"
extern int var_smtp_xfwd_tmout;

#define VAR_SMTP_STARTTLS_TMOUT "smtp_starttls_timeout"
#define DEF_SMTP_STARTTLS_TMOUT "300s"
#define VAR_LMTP_STARTTLS_TMOUT "lmtp_starttls_timeout"
#define DEF_LMTP_STARTTLS_TMOUT "300s"
extern int var_smtp_starttls_tmout;

#define VAR_SMTP_MAIL_TMOUT "smtp_mail_timeout"
#define DEF_SMTP_MAIL_TMOUT "300s"
extern int var_smtp_mail_tmout;

#define VAR_SMTP_RCPT_TMOUT "smtp_rcpt_timeout"
#define DEF_SMTP_RCPT_TMOUT "300s"
extern int var_smtp_rcpt_tmout;

#define VAR_SMTP_DATA0_TMOUT "smtp_data_init_timeout"
#define DEF_SMTP_DATA0_TMOUT "120s"
extern int var_smtp_data0_tmout;

#define VAR_SMTP_DATA1_TMOUT "smtp_data_xfer_timeout"
#define DEF_SMTP_DATA1_TMOUT "180s"
extern int var_smtp_data1_tmout;

#define VAR_SMTP_DATA2_TMOUT "smtp_data_done_timeout"
#define DEF_SMTP_DATA2_TMOUT "600s"
extern int var_smtp_data2_tmout;

#define VAR_SMTP_RSET_TMOUT "smtp_rset_timeout"
#define DEF_SMTP_RSET_TMOUT "20s"
extern int var_smtp_rset_tmout;

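/*
 * SMTP/LMTP client behaviour, SMTP server limits, and TLS parameters for
 * both sides. Each group has the same shape: VAR_xxx is the main.cf
 * parameter name, DEF_xxx is the compiled-in default, and the extern
 * declares the global that presumably receives the configured value.
 * Where an SMTP and an LMTP pair sit above a single extern, both names
 * share that one declaration. Time defaults are strings with a unit
 * suffix ("300s").
 */
#define VAR_SMTP_QUIT_TMOUT "smtp_quit_timeout"
#define DEF_SMTP_QUIT_TMOUT "300s"
extern int var_smtp_quit_tmout;

#define VAR_SMTP_QUOTE_821_ENV "smtp_quote_rfc821_envelope"
#define DEF_SMTP_QUOTE_821_ENV 1
#define VAR_LMTP_QUOTE_821_ENV "lmtp_quote_rfc821_envelope"
#define DEF_LMTP_QUOTE_821_ENV 1
extern int var_smtp_quote_821_env;

#define VAR_SMTP_SKIP_5XX "smtp_skip_5xx_greeting"
#define DEF_SMTP_SKIP_5XX 1
#define VAR_LMTP_SKIP_5XX "lmtp_skip_5xx_greeting"
#define DEF_LMTP_SKIP_5XX 1
extern bool var_smtp_skip_5xx_greeting;

#define VAR_IGN_MX_LOOKUP_ERR "ignore_mx_lookup_error"
#define DEF_IGN_MX_LOOKUP_ERR 0
extern bool var_ign_mx_lookup_err;

#define VAR_SMTP_SKIP_QUIT_RESP "smtp_skip_quit_response"
#define DEF_SMTP_SKIP_QUIT_RESP 1
extern bool var_skip_quit_resp;

/* The EHLO default depends on the RFC821_SYNTAX build-time switch. */
#define VAR_SMTP_ALWAYS_EHLO "smtp_always_send_ehlo"
#ifdef RFC821_SYNTAX
#define DEF_SMTP_ALWAYS_EHLO 0
#else
#define DEF_SMTP_ALWAYS_EHLO 1
#endif
extern bool var_smtp_always_ehlo;

#define VAR_SMTP_NEVER_EHLO "smtp_never_send_ehlo"
#define DEF_SMTP_NEVER_EHLO 0
extern bool var_smtp_never_ehlo;

#define VAR_SMTP_RESP_FILTER "smtp_reply_filter"
#define DEF_SMTP_RESP_FILTER ""
#define VAR_LMTP_RESP_FILTER "lmtp_reply_filter"
#define DEF_LMTP_RESP_FILTER ""
extern char *var_smtp_resp_filter;

#define VAR_SMTP_BIND_ADDR "smtp_bind_address"
#define DEF_SMTP_BIND_ADDR ""
#define VAR_LMTP_BIND_ADDR "lmtp_bind_address"
#define DEF_LMTP_BIND_ADDR ""
extern char *var_smtp_bind_addr;

#define VAR_SMTP_BIND_ADDR6 "smtp_bind_address6"
#define DEF_SMTP_BIND_ADDR6 ""
#define VAR_LMTP_BIND_ADDR6 "lmtp_bind_address6"
#define DEF_LMTP_BIND_ADDR6 ""
extern char *var_smtp_bind_addr6;

#define VAR_SMTP_HELO_NAME "smtp_helo_name"
#define DEF_SMTP_HELO_NAME "$myhostname"
#define VAR_LMTP_HELO_NAME "lmtp_lhlo_name"
#define DEF_LMTP_HELO_NAME "$myhostname"
extern char *var_smtp_helo_name;

#define VAR_SMTP_RAND_ADDR "smtp_randomize_addresses"
#define DEF_SMTP_RAND_ADDR 1
#define VAR_LMTP_RAND_ADDR "lmtp_randomize_addresses"
#define DEF_LMTP_RAND_ADDR 1
extern bool var_smtp_rand_addr;

/* 998 matches the RFC 5322 maximum line length, excluding CRLF. */
#define VAR_SMTP_LINE_LIMIT "smtp_line_length_limit"
#define DEF_SMTP_LINE_LIMIT 998
#define VAR_LMTP_LINE_LIMIT "lmtp_line_length_limit"
#define DEF_LMTP_LINE_LIMIT 998
extern int var_smtp_line_limit;

#define VAR_SMTP_PIX_THRESH "smtp_pix_workaround_threshold_time"
#define DEF_SMTP_PIX_THRESH "500s"
#define VAR_LMTP_PIX_THRESH "lmtp_pix_workaround_threshold_time"
#define DEF_LMTP_PIX_THRESH "500s"
extern int var_smtp_pix_thresh;

#define VAR_SMTP_PIX_DELAY "smtp_pix_workaround_delay_time"
#define DEF_SMTP_PIX_DELAY "10s"
#define VAR_LMTP_PIX_DELAY "lmtp_pix_workaround_delay_time"
#define DEF_LMTP_PIX_DELAY "10s"
extern int var_smtp_pix_delay;

/*
 * Courageous people may want to turn off PIX bug workarounds.
 *
 * The default word list is built by string-literal concatenation and
 * expands to "disable_esmtp,delay_dotcrlf". The LMTP default reuses the
 * SMTP one.
 */
#define PIX_BUG_DISABLE_ESMTP "disable_esmtp"
#define PIX_BUG_DELAY_DOTCRLF "delay_dotcrlf"
#define VAR_SMTP_PIX_BUG_WORDS "smtp_pix_workarounds"
#define DEF_SMTP_PIX_BUG_WORDS PIX_BUG_DISABLE_ESMTP "," \
				PIX_BUG_DELAY_DOTCRLF
#define VAR_LMTP_PIX_BUG_WORDS "lmtp_pix_workarounds"
#define DEF_LMTP_PIX_BUG_WORDS DEF_SMTP_PIX_BUG_WORDS
extern char *var_smtp_pix_bug_words;

#define VAR_SMTP_PIX_BUG_MAPS "smtp_pix_workaround_maps"
#define DEF_SMTP_PIX_BUG_MAPS ""
#define VAR_LMTP_PIX_BUG_MAPS "lmtp_pix_workaround_maps"
#define DEF_LMTP_PIX_BUG_MAPS ""
extern char *var_smtp_pix_bug_maps;

#define VAR_SMTP_DEFER_MXADDR "smtp_defer_if_no_mx_address_found"
#define DEF_SMTP_DEFER_MXADDR 0
#define VAR_LMTP_DEFER_MXADDR "lmtp_defer_if_no_mx_address_found"
#define DEF_LMTP_DEFER_MXADDR 0
extern bool var_smtp_defer_mxaddr;

#define VAR_SMTP_SEND_XFORWARD "smtp_send_xforward_command"
#define DEF_SMTP_SEND_XFORWARD 0
extern bool var_smtp_send_xforward;

#define VAR_SMTP_GENERIC_MAPS "smtp_generic_maps"
#define DEF_SMTP_GENERIC_MAPS ""
#define VAR_LMTP_GENERIC_MAPS "lmtp_generic_maps"
#define DEF_LMTP_GENERIC_MAPS ""
extern char *var_smtp_generic_maps;

/*
 * SMTP server. The soft error limit determines how many errors an SMTP
 * client may make before we start to slow down; the hard error limit
 * determines after how many client errors we disconnect.
 *
 * Defaults of the form "${stress?A}${stress:B}" are stress-dependent:
 * they expand to A when the "stress" parameter is non-empty and to B
 * otherwise, so an overloaded server uses shorter timeouts and lower
 * limits. These defaults are strings even though the externs are int.
 */
#define VAR_SMTPD_BANNER "smtpd_banner"
#define DEF_SMTPD_BANNER "$myhostname ESMTP $mail_name"
extern char *var_smtpd_banner;

#define VAR_SMTPD_TMOUT "smtpd_timeout"
#define DEF_SMTPD_TMOUT "${stress?10}${stress:300}s"
extern int var_smtpd_tmout;

#define VAR_SMTPD_STARTTLS_TMOUT "smtpd_starttls_timeout"
#define DEF_SMTPD_STARTTLS_TMOUT "${stress?10}${stress:300}s"
extern int var_smtpd_starttls_tmout;

#define VAR_SMTPD_RCPT_LIMIT "smtpd_recipient_limit"
#define DEF_SMTPD_RCPT_LIMIT 1000
extern int var_smtpd_rcpt_limit;

#define VAR_SMTPD_SOFT_ERLIM "smtpd_soft_error_limit"
#define DEF_SMTPD_SOFT_ERLIM "10"
extern int var_smtpd_soft_erlim;

#define VAR_SMTPD_HARD_ERLIM "smtpd_hard_error_limit"
#define DEF_SMTPD_HARD_ERLIM "${stress?1}${stress:20}"
extern int var_smtpd_hard_erlim;

#define VAR_SMTPD_ERR_SLEEP "smtpd_error_sleep_time"
#define DEF_SMTPD_ERR_SLEEP "1s"
extern int var_smtpd_err_sleep;

#define VAR_SMTPD_JUNK_CMD "smtpd_junk_command_limit"
#define DEF_SMTPD_JUNK_CMD "${stress?1}${stress:100}"
extern int var_smtpd_junk_cmd_limit;

#define VAR_SMTPD_RCPT_OVERLIM "smtpd_recipient_overshoot_limit"
#define DEF_SMTPD_RCPT_OVERLIM 1000
extern int var_smtpd_rcpt_overlim;

#define VAR_SMTPD_HIST_THRSH "smtpd_history_flush_threshold"
#define DEF_SMTPD_HIST_THRSH 100
extern int var_smtpd_hist_thrsh;

#define VAR_SMTPD_NOOP_CMDS "smtpd_noop_commands"
#define DEF_SMTPD_NOOP_CMDS ""
extern char *var_smtpd_noop_cmds;

/*
 * The default lists HTTP request methods; presumably this ends sessions
 * from HTTP clients or proxies pointed at the SMTP port. See
 * postconf(5) for the exact handling.
 */
#define VAR_SMTPD_FORBID_CMDS "smtpd_forbidden_commands"
#define DEF_SMTPD_FORBID_CMDS "CONNECT GET POST"
extern char *var_smtpd_forbid_cmds;

#define VAR_SMTPD_CMD_FILTER "smtpd_command_filter"
#define DEF_SMTPD_CMD_FILTER ""
extern char *var_smtpd_cmd_filter;

/*
 * SMTP server TLS.
 *
 * NOTE(review): the security level is empty and smtpd_use_tls and
 * smtpd_enforce_tls are 0, so per postconf(5) the server offers no
 * STARTTLS until main.cf enables it. smtpd_tls_auth_only is also 0; if
 * SASL is enabled with optional TLS, AUTH stays available on cleartext
 * sessions unless the operator turns this on.
 */
#define VAR_SMTPD_TLS_WRAPPER "smtpd_tls_wrappermode"
#define DEF_SMTPD_TLS_WRAPPER 0
extern bool var_smtpd_tls_wrappermode;

#define VAR_SMTPD_TLS_LEVEL "smtpd_tls_security_level"
#define DEF_SMTPD_TLS_LEVEL ""
extern char *var_smtpd_tls_level;

#define VAR_SMTPD_USE_TLS "smtpd_use_tls"
#define DEF_SMTPD_USE_TLS 0
extern bool var_smtpd_use_tls;

#define VAR_SMTPD_ENFORCE_TLS "smtpd_enforce_tls"
#define DEF_SMTPD_ENFORCE_TLS 0
extern bool var_smtpd_enforce_tls;

#define VAR_SMTPD_TLS_AUTH_ONLY "smtpd_tls_auth_only"
#define DEF_SMTPD_TLS_AUTH_ONLY 0
extern bool var_smtpd_tls_auth_only;

#define VAR_SMTPD_TLS_ACERT "smtpd_tls_ask_ccert"
#define DEF_SMTPD_TLS_ACERT 0
extern bool var_smtpd_tls_ask_ccert;

#define VAR_SMTPD_TLS_RCERT "smtpd_tls_req_ccert"
#define DEF_SMTPD_TLS_RCERT 0
extern bool var_smtpd_tls_req_ccert;

#define VAR_SMTPD_TLS_CCERT_VD "smtpd_tls_ccert_verifydepth"
#define DEF_SMTPD_TLS_CCERT_VD 9
extern int var_smtpd_tls_ccert_vd;

/*
 * Certificate and key files (RSA, DSA "d" and ECDSA "ec" variants). Each
 * key-file default is the matching cert-file parameter, so one file may
 * hold both. These files contain private key material; keep their
 * permissions restrictive.
 */
#define VAR_SMTPD_TLS_CERT_FILE "smtpd_tls_cert_file"
#define DEF_SMTPD_TLS_CERT_FILE ""
extern char *var_smtpd_tls_cert_file;

#define VAR_SMTPD_TLS_KEY_FILE "smtpd_tls_key_file"
#define DEF_SMTPD_TLS_KEY_FILE "$smtpd_tls_cert_file"
extern char *var_smtpd_tls_key_file;

#define VAR_SMTPD_TLS_DCERT_FILE "smtpd_tls_dcert_file"
#define DEF_SMTPD_TLS_DCERT_FILE ""
extern char *var_smtpd_tls_dcert_file;

#define VAR_SMTPD_TLS_DKEY_FILE "smtpd_tls_dkey_file"
#define DEF_SMTPD_TLS_DKEY_FILE "$smtpd_tls_dcert_file"
extern char *var_smtpd_tls_dkey_file;

#define VAR_SMTPD_TLS_ECCERT_FILE "smtpd_tls_eccert_file"
#define DEF_SMTPD_TLS_ECCERT_FILE ""
extern char *var_smtpd_tls_eccert_file;

#define VAR_SMTPD_TLS_ECKEY_FILE "smtpd_tls_eckey_file"
#define DEF_SMTPD_TLS_ECKEY_FILE "$smtpd_tls_eccert_file"
extern char *var_smtpd_tls_eckey_file;

#define VAR_SMTPD_TLS_CA_FILE "smtpd_tls_CAfile"
#define DEF_SMTPD_TLS_CA_FILE ""
extern char *var_smtpd_tls_CAfile;

#define VAR_SMTPD_TLS_CA_PATH "smtpd_tls_CApath"
#define DEF_SMTPD_TLS_CA_PATH ""
extern char *var_smtpd_tls_CApath;

/*
 * NOTE(review): the protocol defaults exclude only SSLv2 and SSLv3, so
 * TLSv1 and TLSv1.1 stay enabled. Sites whose peers allow it can add
 * "!TLSv1, !TLSv1.1" in main.cf.
 */
#define VAR_SMTPD_TLS_PROTO "smtpd_tls_protocols"
#define DEF_SMTPD_TLS_PROTO "!SSLv2, !SSLv3"
extern char *var_smtpd_tls_proto;

#define VAR_SMTPD_TLS_MAND_PROTO "smtpd_tls_mandatory_protocols"
#define DEF_SMTPD_TLS_MAND_PROTO "!SSLv2, !SSLv3"
extern char *var_smtpd_tls_mand_proto;

/*
 * Cipher grades. The cipher list behind the "medium" grade is defined
 * elsewhere, not in this part of the file; review it together with the
 * exclude lists below, which default to empty.
 */
#define VAR_SMTPD_TLS_CIPH "smtpd_tls_ciphers"
#define DEF_SMTPD_TLS_CIPH "medium"
extern char *var_smtpd_tls_ciph;

#define VAR_SMTPD_TLS_MAND_CIPH "smtpd_tls_mandatory_ciphers"
#define DEF_SMTPD_TLS_MAND_CIPH "medium"
extern char *var_smtpd_tls_mand_ciph;

#define VAR_SMTPD_TLS_EXCL_CIPH "smtpd_tls_exclude_ciphers"
#define DEF_SMTPD_TLS_EXCL_CIPH ""
extern char *var_smtpd_tls_excl_ciph;

#define VAR_SMTPD_TLS_MAND_EXCL "smtpd_tls_mandatory_exclude_ciphers"
#define DEF_SMTPD_TLS_MAND_EXCL ""
extern char *var_smtpd_tls_mand_excl;

/*
 * NOTE(review): the fingerprint digest defaults to MD5, which is not
 * collision resistant. Where client-certificate fingerprints drive
 * access or relay decisions, configure a stronger digest (for example
 * sha256) in main.cf. The compiled-in default is left as is because
 * existing fingerprint tables are keyed on it.
 */
#define VAR_SMTPD_TLS_FPT_DGST "smtpd_tls_fingerprint_digest"
#define DEF_SMTPD_TLS_FPT_DGST "md5"
extern char *var_smtpd_tls_fpt_dgst;

/*
 * NOTE(review): 512-bit DH parameters serve export-grade key exchange
 * only and are breakable in practice; there is normally no reason to set
 * the dh512 file. Parameters loaded through the dh1024 file should be
 * generated locally (see TLS_README for supported sizes).
 */
#define VAR_SMTPD_TLS_512_FILE "smtpd_tls_dh512_param_file"
#define DEF_SMTPD_TLS_512_FILE ""
extern char *var_smtpd_tls_dh512_param_file;

#define VAR_SMTPD_TLS_1024_FILE "smtpd_tls_dh1024_param_file"
#define DEF_SMTPD_TLS_1024_FILE ""
extern char *var_smtpd_tls_dh1024_param_file;

#define VAR_SMTPD_TLS_EECDH "smtpd_tls_eecdh_grade"
#define DEF_SMTPD_TLS_EECDH "strong"
extern char *var_smtpd_tls_eecdh;

#define VAR_SMTPD_TLS_LOGLEVEL "smtpd_tls_loglevel"
#define DEF_SMTPD_TLS_LOGLEVEL "0"
extern char *var_smtpd_tls_loglevel;

#define VAR_SMTPD_TLS_RECHEAD "smtpd_tls_received_header"
#define DEF_SMTPD_TLS_RECHEAD 0
extern bool var_smtpd_tls_received_header;

#define VAR_SMTPD_TLS_SCACHE_DB "smtpd_tls_session_cache_database"
#define DEF_SMTPD_TLS_SCACHE_DB ""
extern char *var_smtpd_tls_scache_db;

/* MAX_ is presumably in seconds, like the default: 8640000 s = 100 days. */
#define MAX_SMTPD_TLS_SCACHETIME 8640000
#define VAR_SMTPD_TLS_SCACHTIME "smtpd_tls_session_cache_timeout"
#define DEF_SMTPD_TLS_SCACHTIME "3600s"
extern int var_smtpd_tls_scache_timeout;

#define VAR_SMTPD_TLS_SET_SESSID "smtpd_tls_always_issue_session_ids"
#define DEF_SMTPD_TLS_SET_SESSID 1
extern bool var_smtpd_tls_set_sessid;

#define VAR_SMTPD_DELAY_OPEN "smtpd_delay_open_until_valid_rcpt"
#define DEF_SMTPD_DELAY_OPEN 1
extern bool var_smtpd_delay_open;

/*
 * SMTP and LMTP client TLS.
 *
 * NOTE(review): the use/enforce flags are 0 and the security level is
 * empty, so per postconf(5) outbound deliveries do not use TLS until
 * main.cf or a policy table says otherwise. Peer-name enforcement
 * defaults to on once TLS is enforced.
 */
#define VAR_SMTP_TLS_PER_SITE "smtp_tls_per_site"
#define DEF_SMTP_TLS_PER_SITE ""
#define VAR_LMTP_TLS_PER_SITE "lmtp_tls_per_site"
#define DEF_LMTP_TLS_PER_SITE ""
extern char *var_smtp_tls_per_site;

#define VAR_SMTP_USE_TLS "smtp_use_tls"
#define DEF_SMTP_USE_TLS 0
#define VAR_LMTP_USE_TLS "lmtp_use_tls"
#define DEF_LMTP_USE_TLS 0
extern bool var_smtp_use_tls;

#define VAR_SMTP_ENFORCE_TLS "smtp_enforce_tls"
#define DEF_SMTP_ENFORCE_TLS 0
#define VAR_LMTP_ENFORCE_TLS "lmtp_enforce_tls"
#define DEF_LMTP_ENFORCE_TLS 0
extern bool var_smtp_enforce_tls;

#define VAR_SMTP_TLS_ENFORCE_PN "smtp_tls_enforce_peername"
#define DEF_SMTP_TLS_ENFORCE_PN 1
#define VAR_LMTP_TLS_ENFORCE_PN "lmtp_tls_enforce_peername"
#define DEF_LMTP_TLS_ENFORCE_PN 1
extern bool var_smtp_tls_enforce_peername;

#define VAR_SMTP_TLS_LEVEL "smtp_tls_security_level"
#define DEF_SMTP_TLS_LEVEL ""
#define VAR_LMTP_TLS_LEVEL "lmtp_tls_security_level"
#define DEF_LMTP_TLS_LEVEL ""
extern char *var_smtp_tls_level;

#define VAR_SMTP_TLS_SCERT_VD "smtp_tls_scert_verifydepth"
#define DEF_SMTP_TLS_SCERT_VD 9
#define VAR_LMTP_TLS_SCERT_VD "lmtp_tls_scert_verifydepth"
#define DEF_LMTP_TLS_SCERT_VD 9
extern int var_smtp_tls_scert_vd;

/*
 * Client certificate and key files. As on the server side, each key-file
 * default is the matching cert-file parameter; the LMTP defaults
 * reference the lmtp_ names.
 */
#define VAR_SMTP_TLS_CERT_FILE "smtp_tls_cert_file"
#define DEF_SMTP_TLS_CERT_FILE ""
#define VAR_LMTP_TLS_CERT_FILE "lmtp_tls_cert_file"
#define DEF_LMTP_TLS_CERT_FILE ""
extern char *var_smtp_tls_cert_file;

#define VAR_SMTP_TLS_KEY_FILE "smtp_tls_key_file"
#define DEF_SMTP_TLS_KEY_FILE "$smtp_tls_cert_file"
#define VAR_LMTP_TLS_KEY_FILE "lmtp_tls_key_file"
#define DEF_LMTP_TLS_KEY_FILE "$lmtp_tls_cert_file"
extern char *var_smtp_tls_key_file;

#define VAR_SMTP_TLS_DCERT_FILE "smtp_tls_dcert_file"
#define DEF_SMTP_TLS_DCERT_FILE ""
#define VAR_LMTP_TLS_DCERT_FILE "lmtp_tls_dcert_file"
#define DEF_LMTP_TLS_DCERT_FILE ""
extern char *var_smtp_tls_dcert_file;

#define VAR_SMTP_TLS_DKEY_FILE "smtp_tls_dkey_file"
#define DEF_SMTP_TLS_DKEY_FILE "$smtp_tls_dcert_file"
#define VAR_LMTP_TLS_DKEY_FILE "lmtp_tls_dkey_file"
#define DEF_LMTP_TLS_DKEY_FILE "$lmtp_tls_dcert_file"
extern char *var_smtp_tls_dkey_file;

#define VAR_SMTP_TLS_ECCERT_FILE "smtp_tls_eccert_file"
#define DEF_SMTP_TLS_ECCERT_FILE ""
#define VAR_LMTP_TLS_ECCERT_FILE "lmtp_tls_eccert_file"
#define DEF_LMTP_TLS_ECCERT_FILE ""
extern char *var_smtp_tls_eccert_file;

#define VAR_SMTP_TLS_ECKEY_FILE "smtp_tls_eckey_file"
#define DEF_SMTP_TLS_ECKEY_FILE "$smtp_tls_eccert_file"
#define VAR_LMTP_TLS_ECKEY_FILE "lmtp_tls_eckey_file"
#define DEF_LMTP_TLS_ECKEY_FILE "$lmtp_tls_eccert_file"
extern char *var_smtp_tls_eckey_file;

#define VAR_SMTP_TLS_CA_FILE "smtp_tls_CAfile"
#define DEF_SMTP_TLS_CA_FILE ""
#define VAR_LMTP_TLS_CA_FILE "lmtp_tls_CAfile"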
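/*
 * SMTP/LMTP client TLS: trust stores, cipher grades, fingerprint digest,
 * trust-anchor file and log level. VAR_xxx is the main.cf parameter
 * name and DEF_xxx the compiled-in default; each SMTP/LMTP pair shares
 * the extern that follows it.
 */
#define DEF_LMTP_TLS_CA_FILE ""
extern char *var_smtp_tls_CAfile;

#define VAR_SMTP_TLS_CA_PATH "smtp_tls_CApath"
#define DEF_SMTP_TLS_CA_PATH ""
#define VAR_LMTP_TLS_CA_PATH "lmtp_tls_CApath"
#define DEF_LMTP_TLS_CA_PATH ""
extern char *var_smtp_tls_CApath;

/*
 * Cipher grades. The cipher list behind the "medium" grade is defined
 * elsewhere, not in this part of the file; the exclude lists below
 * default to empty.
 */
#define VAR_SMTP_TLS_CIPH "smtp_tls_ciphers"
#define DEF_SMTP_TLS_CIPH "medium"
#define VAR_LMTP_TLS_CIPH "lmtp_tls_ciphers"
#define DEF_LMTP_TLS_CIPH "medium"
extern char *var_smtp_tls_ciph;

#define VAR_SMTP_TLS_MAND_CIPH "smtp_tls_mandatory_ciphers"
#define DEF_SMTP_TLS_MAND_CIPH "medium"
#define VAR_LMTP_TLS_MAND_CIPH "lmtp_tls_mandatory_ciphers"
#define DEF_LMTP_TLS_MAND_CIPH "medium"
extern char *var_smtp_tls_mand_ciph;

#define VAR_SMTP_TLS_EXCL_CIPH "smtp_tls_exclude_ciphers"
#define DEF_SMTP_TLS_EXCL_CIPH ""
#define VAR_LMTP_TLS_EXCL_CIPH "lmtp_tls_exclude_ciphers"
#define DEF_LMTP_TLS_EXCL_CIPH ""
extern char *var_smtp_tls_excl_ciph;

#define VAR_SMTP_TLS_MAND_EXCL "smtp_tls_mandatory_exclude_ciphers"
#define DEF_SMTP_TLS_MAND_EXCL ""
#define VAR_LMTP_TLS_MAND_EXCL "lmtp_tls_mandatory_exclude_ciphers"
#define DEF_LMTP_TLS_MAND_EXCL ""
extern char *var_smtp_tls_mand_excl;

/*
 * NOTE(review): the fingerprint digest defaults to MD5, which is not
 * collision resistant. Where server-certificate fingerprints are the
 * basis for authenticating a peer, configure a stronger digest (for
 * example sha256) in main.cf. The compiled-in default is left as is
 * because existing fingerprint lists are keyed on it.
 */
#define VAR_SMTP_TLS_FPT_DGST "smtp_tls_fingerprint_digest"
#define DEF_SMTP_TLS_FPT_DGST "md5"
#define VAR_LMTP_TLS_FPT_DGST "lmtp_tls_fingerprint_digest"
#define DEF_LMTP_TLS_FPT_DGST "md5"
extern char *var_smtp_tls_fpt_dgst;

#define VAR_SMTP_TLS_TAFILE "smtp_tls_trust_anchor_file"
#define DEF_SMTP_TLS_TAFILE ""
#define VAR_LMTP_TLS_TAFILE "lmtp_tls_trust_anchor_file"
#define DEF_LMTP_TLS_TAFILE ""
extern char *var_smtp_tls_tafile;

/* The log level defaults are strings, not integers. */
#define VAR_SMTP_TLS_LOGLEVEL "smtp_tls_loglevel"
#define DEF_SMTP_TLS_LOGLEVEL "0"
#define VAR_LMTP_TLS_LOGLEVEL "lmtp_tls_loglevel"
#define DEF_LMTP_TLS_LOGLEVEL "0"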
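/*
 * SMTP/LMTP client TLS: log level variables, STARTTLS-offer logging,
 * session cache, policy table, protocol selection and certificate name
 * matching. VAR_xxx is the main.cf parameter name and DEF_xxx the
 * compiled-in default. The log level, session cache database and session
 * cache timeout have separate smtp and lmtp variables; the other groups
 * share one extern per SMTP/LMTP pair.
 */
extern char *var_smtp_tls_loglevel;	/* In smtp(8) and tlsmgr(8) */
extern char *var_lmtp_tls_loglevel;	/* In tlsmgr(8) */

#define VAR_SMTP_TLS_NOTEOFFER "smtp_tls_note_starttls_offer"
#define DEF_SMTP_TLS_NOTEOFFER 0
#define VAR_LMTP_TLS_NOTEOFFER "lmtp_tls_note_starttls_offer"
#define DEF_LMTP_TLS_NOTEOFFER 0
extern bool var_smtp_tls_note_starttls_offer;

#define VAR_SMTP_TLS_SCACHE_DB "smtp_tls_session_cache_database"
#define DEF_SMTP_TLS_SCACHE_DB ""
#define VAR_LMTP_TLS_SCACHE_DB "lmtp_tls_session_cache_database"
#define DEF_LMTP_TLS_SCACHE_DB ""
extern char *var_smtp_tls_scache_db;
extern char *var_lmtp_tls_scache_db;

/* MAX_ is presumably in seconds, like the default: 8640000 s = 100 days. */
#define MAX_SMTP_TLS_SCACHETIME 8640000
#define VAR_SMTP_TLS_SCACHTIME "smtp_tls_session_cache_timeout"
#define DEF_SMTP_TLS_SCACHTIME "3600s"
#define MAX_LMTP_TLS_SCACHETIME 8640000
#define VAR_LMTP_TLS_SCACHTIME "lmtp_tls_session_cache_timeout"
#define DEF_LMTP_TLS_SCACHTIME "3600s"
extern int var_smtp_tls_scache_timeout;
extern int var_lmtp_tls_scache_timeout;

#define VAR_SMTP_TLS_POLICY "smtp_tls_policy_maps"
#define DEF_SMTP_TLS_POLICY ""
#define VAR_LMTP_TLS_POLICY "lmtp_tls_policy_maps"
#define DEF_LMTP_TLS_POLICY ""
extern char *var_smtp_tls_policy;

/*
 * NOTE(review): the protocol defaults exclude only SSLv2 and SSLv3, so
 * TLSv1 and TLSv1.1 stay enabled. Sites whose peers allow it can add
 * "!TLSv1, !TLSv1.1" in main.cf.
 */
#define VAR_SMTP_TLS_PROTO "smtp_tls_protocols"
#define DEF_SMTP_TLS_PROTO "!SSLv2, !SSLv3"
#define VAR_LMTP_TLS_PROTO "lmtp_tls_protocols"
#define DEF_LMTP_TLS_PROTO "!SSLv2, !SSLv3"
extern char *var_smtp_tls_proto;

#define VAR_SMTP_TLS_MAND_PROTO "smtp_tls_mandatory_protocols"
#define DEF_SMTP_TLS_MAND_PROTO "!SSLv2, !SSLv3"
#define VAR_LMTP_TLS_MAND_PROTO "lmtp_tls_mandatory_protocols"
#define DEF_LMTP_TLS_MAND_PROTO "!SSLv2, !SSLv3"
extern char *var_smtp_tls_mand_proto;

#define VAR_SMTP_TLS_VFY_CMATCH "smtp_tls_verify_cert_match"
#define DEF_SMTP_TLS_VFY_CMATCH "hostname"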
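/*
 * SMTP/LMTP client certificate matching, then SASL authentication
 * parameters for the SMTP server and the SMTP/LMTP client. VAR_xxx is
 * the main.cf parameter name and DEF_xxx the compiled-in default; each
 * SMTP/LMTP pair shares the extern that follows it.
 */
#define VAR_LMTP_TLS_VFY_CMATCH "lmtp_tls_verify_cert_match"
#define DEF_LMTP_TLS_VFY_CMATCH "hostname"
extern char *var_smtp_tls_vfy_cmatch;

/*
 * There are no MX lookups for LMTP, so verify == secure
 */
#define VAR_SMTP_TLS_SEC_CMATCH "smtp_tls_secure_cert_match"
#define DEF_SMTP_TLS_SEC_CMATCH "nexthop, dot-nexthop"
#define VAR_LMTP_TLS_SEC_CMATCH "lmtp_tls_secure_cert_match"
#define DEF_LMTP_TLS_SEC_CMATCH "nexthop"
extern char *var_smtp_tls_sec_cmatch;


#define VAR_SMTP_TLS_FPT_CMATCH "smtp_tls_fingerprint_cert_match"
#define DEF_SMTP_TLS_FPT_CMATCH ""
#define VAR_LMTP_TLS_FPT_CMATCH "lmtp_tls_fingerprint_cert_match"
#define DEF_LMTP_TLS_FPT_CMATCH ""
extern char *var_smtp_tls_fpt_cmatch;

#define VAR_SMTP_TLS_BLK_EARLY_MAIL_REPLY "smtp_tls_block_early_mail_reply"
#define DEF_SMTP_TLS_BLK_EARLY_MAIL_REPLY 0
#define VAR_LMTP_TLS_BLK_EARLY_MAIL_REPLY "lmtp_tls_block_early_mail_reply"
#define DEF_LMTP_TLS_BLK_EARLY_MAIL_REPLY 0
extern bool var_smtp_tls_blk_early_mail_reply;

#define VAR_SMTP_TLS_FORCE_TLSA "smtp_tls_force_insecure_host_tlsa_lookup"
#define DEF_SMTP_TLS_FORCE_TLSA 0
#define VAR_LMTP_TLS_FORCE_TLSA "lmtp_tls_force_insecure_host_tlsa_lookup"
#define DEF_LMTP_TLS_FORCE_TLSA 0
extern bool var_smtp_tls_force_tlsa;

/*
 * SASL authentication support, SMTP server side.
 *
 * NOTE(review): the server security options default to "noanonymous"
 * only, so plaintext mechanisms are not excluded; the client default
 * further down adds "noplaintext". With the server default, password
 * confidentiality depends on TLS being active for the session.
 */
#define VAR_SMTPD_SASL_ENABLE "smtpd_sasl_auth_enable"
#define DEF_SMTPD_SASL_ENABLE 0
extern bool var_smtpd_sasl_enable;

#define VAR_SMTPD_SASL_AUTH_HDR "smtpd_sasl_authenticated_header"
#define DEF_SMTPD_SASL_AUTH_HDR 0
extern bool var_smtpd_sasl_auth_hdr;

#define VAR_SMTPD_SASL_OPTS "smtpd_sasl_security_options"
#define DEF_SMTPD_SASL_OPTS "noanonymous"
extern char *var_smtpd_sasl_opts;

#define VAR_SMTPD_SASL_PATH "smtpd_sasl_path"
#define DEF_SMTPD_SASL_PATH "smtpd"
extern char *var_smtpd_sasl_path;

#define VAR_SMTPD_SASL_SERVICE "smtpd_sasl_service"
#define DEF_SMTPD_SASL_SERVICE "smtp"
extern char *var_smtpd_sasl_service;

#define VAR_CYRUS_CONF_PATH "cyrus_sasl_config_path"
#define DEF_CYRUS_CONF_PATH ""
extern char *var_cyrus_conf_path;

/* Expands to "$smtpd_sasl_security_options": TLS sessions inherit the
 * non-TLS option list unless overridden. */
#define VAR_SMTPD_SASL_TLS_OPTS "smtpd_sasl_tls_security_options"
#define DEF_SMTPD_SASL_TLS_OPTS "$" VAR_SMTPD_SASL_OPTS
extern char *var_smtpd_sasl_tls_opts;

#define VAR_SMTPD_SASL_REALM "smtpd_sasl_local_domain"
#define DEF_SMTPD_SASL_REALM ""
extern char *var_smtpd_sasl_realm;

#define VAR_SMTPD_SASL_EXCEPTIONS_NETWORKS "smtpd_sasl_exceptions_networks"
#define DEF_SMTPD_SASL_EXCEPTIONS_NETWORKS ""
extern char *var_smtpd_sasl_exceptions_networks;

/* The build may predefine DEF_SERVER_SASL_TYPE; "cyrus" is the fallback. */
#ifndef DEF_SERVER_SASL_TYPE
#define DEF_SERVER_SASL_TYPE "cyrus"
#endif

#define VAR_SMTPD_SASL_TYPE "smtpd_sasl_type"
#define DEF_SMTPD_SASL_TYPE DEF_SERVER_SASL_TYPE
extern char *var_smtpd_sasl_type;

#define VAR_SMTPD_SND_AUTH_MAPS "smtpd_sender_login_maps"
#define DEF_SMTPD_SND_AUTH_MAPS ""
extern char *var_smtpd_snd_auth_maps;

/* Restriction names for sender/login mismatch checks. */
#define REJECT_SENDER_LOGIN_MISMATCH "reject_sender_login_mismatch"
#define REJECT_AUTH_SENDER_LOGIN_MISMATCH \
				"reject_authenticated_sender_login_mismatch"
#define REJECT_KNOWN_SENDER_LOGIN_MISMATCH \
				"reject_known_sender_login_mismatch"
#define REJECT_UNAUTH_SENDER_LOGIN_MISMATCH \
				"reject_unauthenticated_sender_login_mismatch"

/*
 * SASL authentication support, SMTP client side.
 *
 * The table named by smtp_sasl_password_maps presumably holds the
 * credentials used for remote servers; keep its file permissions
 * restrictive.
 */
#define VAR_SMTP_SASL_ENABLE "smtp_sasl_auth_enable"
#define DEF_SMTP_SASL_ENABLE 0
extern bool var_smtp_sasl_enable;

#define VAR_SMTP_SASL_PASSWD "smtp_sasl_password_maps"
#define DEF_SMTP_SASL_PASSWD ""
extern char *var_smtp_sasl_passwd;

#define VAR_SMTP_SASL_OPTS "smtp_sasl_security_options"
#define DEF_SMTP_SASL_OPTS "noplaintext, noanonymous"
extern char *var_smtp_sasl_opts;

#define VAR_SMTP_SASL_PATH "smtp_sasl_path"
#define DEF_SMTP_SASL_PATH ""
extern char *var_smtp_sasl_path;

#define VAR_SMTP_SASL_MECHS "smtp_sasl_mechanism_filter"
#define DEF_SMTP_SASL_MECHS ""
#define VAR_LMTP_SASL_MECHS "lmtp_sasl_mechanism_filter"
#define DEF_LMTP_SASL_MECHS ""
extern char *var_smtp_sasl_mechs;

/* The build may predefine DEF_CLIENT_SASL_TYPE; "cyrus" is the fallback. */
#ifndef DEF_CLIENT_SASL_TYPE
#define DEF_CLIENT_SASL_TYPE "cyrus"
#endif

#define VAR_SMTP_SASL_TYPE "smtp_sasl_type"
#define DEF_SMTP_SASL_TYPE DEF_CLIENT_SASL_TYPE
#define VAR_LMTP_SASL_TYPE "lmtp_sasl_type"
#define DEF_LMTP_SASL_TYPE DEF_CLIENT_SASL_TYPE
extern char *var_smtp_sasl_type;

/*
 * The TLS and TLS-verified option lists chain by "$name" reference:
 * tls_verified defaults to tls, and tls defaults to the non-TLS list.
 * DEF_LMTP_SASL_TLS_OPTS uses VAR_LMTP_SASL_OPTS, which is defined later
 * in the file.
 */
#define VAR_SMTP_SASL_TLS_OPTS "smtp_sasl_tls_security_options"
#define DEF_SMTP_SASL_TLS_OPTS "$" VAR_SMTP_SASL_OPTS
#define VAR_LMTP_SASL_TLS_OPTS "lmtp_sasl_tls_security_options"
#define DEF_LMTP_SASL_TLS_OPTS "$" VAR_LMTP_SASL_OPTS
extern char *var_smtp_sasl_tls_opts;

#define VAR_SMTP_SASL_TLSV_OPTS "smtp_sasl_tls_verified_security_options"
#define DEF_SMTP_SASL_TLSV_OPTS "$" VAR_SMTP_SASL_TLS_OPTS
#define VAR_LMTP_SASL_TLSV_OPTS "lmtp_sasl_tls_verified_security_options"
#define DEF_LMTP_SASL_TLSV_OPTS "$" VAR_LMTP_SASL_TLS_OPTS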
1650 extern char *var_smtp_sasl_tlsv_opts; 1651 1652 #define VAR_SMTP_DUMMY_MAIL_AUTH "smtp_send_dummy_mail_auth" 1653 #define DEF_SMTP_DUMMY_MAIL_AUTH 0 1654 extern bool var_smtp_dummy_mail_auth; 1655 1656 /* 1657 * LMTP server. The soft error limit determines how many errors an LMTP 1658 * client may make before we start to slow down; the hard error limit 1659 * determines after how many client errors we disconnect. 1660 */ 1661 #define VAR_LMTPD_BANNER "lmtpd_banner" 1662 #define DEF_LMTPD_BANNER "$myhostname $mail_name" 1663 extern char *var_lmtpd_banner; 1664 1665 #define VAR_LMTPD_TMOUT "lmtpd_timeout" 1666 #define DEF_LMTPD_TMOUT "300s" 1667 extern int var_lmtpd_tmout; 1668 1669 #define VAR_LMTPD_RCPT_LIMIT "lmtpd_recipient_limit" 1670 #define DEF_LMTPD_RCPT_LIMIT 1000 1671 extern int var_lmtpd_rcpt_limit; 1672 1673 #define VAR_LMTPD_SOFT_ERLIM "lmtpd_soft_error_limit" 1674 #define DEF_LMTPD_SOFT_ERLIM 10 1675 extern int var_lmtpd_soft_erlim; 1676 1677 #define VAR_LMTPD_HARD_ERLIM "lmtpd_hard_error_limit" 1678 #define DEF_LMTPD_HARD_ERLIM 100 1679 extern int var_lmtpd_hard_erlim; 1680 1681 #define VAR_LMTPD_ERR_SLEEP "lmtpd_error_sleep_time" 1682 #define DEF_LMTPD_ERR_SLEEP "5s" 1683 extern int var_lmtpd_err_sleep; 1684 1685 #define VAR_LMTPD_JUNK_CMD "lmtpd_junk_command_limit" 1686 #define DEF_LMTPD_JUNK_CMD 1000 1687 extern int var_lmtpd_junk_cmd_limit; 1688 1689 /* 1690 * SASL authentication support, LMTP server side. 1691 */ 1692 #define VAR_LMTPD_SASL_ENABLE "lmtpd_sasl_auth_enable" 1693 #define DEF_LMTPD_SASL_ENABLE 0 1694 extern bool var_lmtpd_sasl_enable; 1695 1696 #define VAR_LMTPD_SASL_OPTS "lmtpd_sasl_security_options" 1697 #define DEF_LMTPD_SASL_OPTS "noanonymous" 1698 extern char *var_lmtpd_sasl_opts; 1699 1700 #define VAR_LMTPD_SASL_REALM "lmtpd_sasl_local_domain" 1701 #define DEF_LMTPD_SASL_REALM "$myhostname" 1702 extern char *var_lmtpd_sasl_realm; 1703 1704 /* 1705 * SASL authentication support, LMTP client side. 
1706 */ 1707 #define VAR_LMTP_SASL_ENABLE "lmtp_sasl_auth_enable" 1708 #define DEF_LMTP_SASL_ENABLE 0 1709 extern bool var_lmtp_sasl_enable; 1710 1711 #define VAR_LMTP_SASL_PASSWD "lmtp_sasl_password_maps" 1712 #define DEF_LMTP_SASL_PASSWD "" 1713 extern char *var_lmtp_sasl_passwd; 1714 1715 #define VAR_LMTP_SASL_OPTS "lmtp_sasl_security_options" 1716 #define DEF_LMTP_SASL_OPTS "noplaintext, noanonymous" 1717 extern char *var_lmtp_sasl_opts; 1718 1719 #define VAR_LMTP_SASL_PATH "lmtp_sasl_path" 1720 #define DEF_LMTP_SASL_PATH "" 1721 extern char *var_lmtp_sasl_path; 1722 1723 #define VAR_LMTP_DUMMY_MAIL_AUTH "lmtp_send_dummy_mail_auth" 1724 #define DEF_LMTP_DUMMY_MAIL_AUTH 0 1725 extern bool var_lmtp_dummy_mail_auth; 1726 1727 /* 1728 * SASL-based relay etc. control. 1729 */ 1730 #define PERMIT_SASL_AUTH "permit_sasl_authenticated" 1731 1732 #define VAR_CYRUS_SASL_AUTHZID "send_cyrus_sasl_authzid" 1733 #define DEF_CYRUS_SASL_AUTHZID 0 1734 extern int var_cyrus_sasl_authzid; 1735 1736 /* 1737 * Special handling of AUTH 535 failures. 1738 */ 1739 #define VAR_SMTP_SASL_AUTH_SOFT_BOUNCE "smtp_sasl_auth_soft_bounce" 1740 #define DEF_SMTP_SASL_AUTH_SOFT_BOUNCE 1 1741 #define VAR_LMTP_SASL_AUTH_SOFT_BOUNCE "lmtp_sasl_auth_soft_bounce" 1742 #define DEF_LMTP_SASL_AUTH_SOFT_BOUNCE 1 1743 extern bool var_smtp_sasl_auth_soft_bounce; 1744 1745 #define VAR_SMTP_SASL_AUTH_CACHE_NAME "smtp_sasl_auth_cache_name" 1746 #define DEF_SMTP_SASL_AUTH_CACHE_NAME "" 1747 #define VAR_LMTP_SASL_AUTH_CACHE_NAME "lmtp_sasl_auth_cache_name" 1748 #define DEF_LMTP_SASL_AUTH_CACHE_NAME "" 1749 extern char *var_smtp_sasl_auth_cache_name; 1750 1751 #define VAR_SMTP_SASL_AUTH_CACHE_TIME "smtp_sasl_auth_cache_time" 1752 #define DEF_SMTP_SASL_AUTH_CACHE_TIME "90d" 1753 #define VAR_LMTP_SASL_AUTH_CACHE_TIME "lmtp_sasl_auth_cache_time" 1754 #define DEF_LMTP_SASL_AUTH_CACHE_TIME "90d" 1755 extern int var_smtp_sasl_auth_cache_time; 1756 1757 /* 1758 * LMTP client. Timeouts inspired by RFC 1123. 
The LMTP recipient limit
 * determines how many recipient addresses the LMTP client sends along with
 * each message. Unfortunately, some mailers misbehave and disconnect (smap)
 * when given more recipients than they are willing to handle.
 */
#define VAR_LMTP_TCP_PORT "lmtp_tcp_port"
#define DEF_LMTP_TCP_PORT "24"
extern char *var_lmtp_tcp_port;

#define VAR_LMTP_ASSUME_FINAL "lmtp_assume_final"
#define DEF_LMTP_ASSUME_FINAL 0
extern bool var_lmtp_assume_final;

#define VAR_LMTP_CACHE_CONN "lmtp_cache_connection"
#define DEF_LMTP_CACHE_CONN 1
extern bool var_lmtp_cache_conn;

#define VAR_LMTP_SKIP_QUIT_RESP "lmtp_skip_quit_response"
#define DEF_LMTP_SKIP_QUIT_RESP 0
extern bool var_lmtp_skip_quit_resp;

/*
 * LMTP client time limits, one per protocol stage. Each DEF_* value is a
 * string with a unit suffix while the matching variable is an int; the
 * conversion is not part of this header.
 *
 * NOTE(review): the connect timeout default is "0s" while every other stage
 * has a non-zero limit; presumably zero means "no limit of our own" -
 * confirm before relying on it to bound a stalled connection attempt.
 */
#define VAR_LMTP_CONN_TMOUT "lmtp_connect_timeout"
#define DEF_LMTP_CONN_TMOUT "0s"
extern int var_lmtp_conn_tmout;

#define VAR_LMTP_RSET_TMOUT "lmtp_rset_timeout"
#define DEF_LMTP_RSET_TMOUT "20s"
extern int var_lmtp_rset_tmout;

#define VAR_LMTP_LHLO_TMOUT "lmtp_lhlo_timeout"
#define DEF_LMTP_LHLO_TMOUT "300s"
extern int var_lmtp_lhlo_tmout;

#define VAR_LMTP_XFWD_TMOUT "lmtp_xforward_timeout"
#define DEF_LMTP_XFWD_TMOUT "300s"
extern int var_lmtp_xfwd_tmout;

#define VAR_LMTP_MAIL_TMOUT "lmtp_mail_timeout"
#define DEF_LMTP_MAIL_TMOUT "300s"
extern int var_lmtp_mail_tmout;

#define VAR_LMTP_RCPT_TMOUT "lmtp_rcpt_timeout"
#define DEF_LMTP_RCPT_TMOUT "300s"
extern int var_lmtp_rcpt_tmout;

#define VAR_LMTP_DATA0_TMOUT "lmtp_data_init_timeout"
#define DEF_LMTP_DATA0_TMOUT "120s"
extern int var_lmtp_data0_tmout;

#define VAR_LMTP_DATA1_TMOUT "lmtp_data_xfer_timeout"
#define DEF_LMTP_DATA1_TMOUT "180s"
extern int var_lmtp_data1_tmout;

#define VAR_LMTP_DATA2_TMOUT "lmtp_data_done_timeout"
#define DEF_LMTP_DATA2_TMOUT "600s"
extern int var_lmtp_data2_tmout;

#define VAR_LMTP_QUIT_TMOUT "lmtp_quit_timeout"
#define DEF_LMTP_QUIT_TMOUT "300s"
extern int var_lmtp_quit_tmout;

#define VAR_LMTP_SEND_XFORWARD "lmtp_send_xforward_command"
#define DEF_LMTP_SEND_XFORWARD 0
extern bool var_lmtp_send_xforward;

/*
 * Cleanup service. Header info that exceeds $header_size_limit bytes or
 * $header_address_token_limit tokens is discarded.
 */
/*
 * The five limits below are plain integers. NOTE(review): they bound work
 * done on message content and alias expansion, so they act as resource
 * guards against oversized or looping input - presumably; confirm how each
 * is enforced before raising one.
 */
#define VAR_HOPCOUNT_LIMIT "hopcount_limit"
#define DEF_HOPCOUNT_LIMIT 50
extern int var_hopcount_limit;

#define VAR_HEADER_LIMIT "header_size_limit"
#define DEF_HEADER_LIMIT 102400
extern int var_header_limit;

#define VAR_TOKEN_LIMIT "header_address_token_limit"
#define DEF_TOKEN_LIMIT 10240
extern int var_token_limit;

#define VAR_VIRT_RECUR_LIMIT "virtual_alias_recursion_limit"
#define DEF_VIRT_RECUR_LIMIT 1000
extern int var_virt_recur_limit;

#define VAR_VIRT_EXPAN_LIMIT "virtual_alias_expansion_limit"
#define DEF_VIRT_EXPAN_LIMIT 1000
extern int var_virt_expan_limit;

/*
 * Message/queue size limits.
*/
/* The message size limit is held in a long; the other limits here are int. */
#define VAR_MESSAGE_LIMIT "message_size_limit"
#define DEF_MESSAGE_LIMIT 10240000
extern long var_message_limit;

#define VAR_QUEUE_MINFREE "queue_minfree"
#define DEF_QUEUE_MINFREE 0
extern int var_queue_minfree;

/*
 * Content check tables. header_checks and body_checks default to the empty
 * string; the MIME and nested-header variants default to "$header_checks",
 * i.e. they follow whatever header_checks is set to.
 */
#define VAR_HEADER_CHECKS "header_checks"
#define DEF_HEADER_CHECKS ""
extern char *var_header_checks;

#define VAR_MIMEHDR_CHECKS "mime_header_checks"
#define DEF_MIMEHDR_CHECKS "$header_checks"
extern char *var_mimehdr_checks;

#define VAR_NESTHDR_CHECKS "nested_header_checks"
#define DEF_NESTHDR_CHECKS "$header_checks"
extern char *var_nesthdr_checks;

#define VAR_BODY_CHECKS "body_checks"
#define DEF_BODY_CHECKS ""
extern char *var_body_checks;

/*
 * NOTE(review): presumably body_checks looks only at the first
 * body_checks_size_limit bytes (default 50 KiB) of a body part, so content
 * past that point is not matched - confirm, and do not treat body_checks as
 * a complete content filter.
 */
#define VAR_BODY_CHECK_LEN "body_checks_size_limit"
#define DEF_BODY_CHECK_LEN (50*1024)
extern int var_body_check_len;

/*
 * Bounce service: truncate bounce messages that exceed $bounce_size_limit.
 */
#define VAR_BOUNCE_LIMIT "bounce_size_limit"
#define DEF_BOUNCE_LIMIT 50000
extern int var_bounce_limit;

/*
 * Bounce service: reserved sender address for double bounces. The local
 * delivery service discards undeliverable double bounces.
 */
#define VAR_DOUBLE_BOUNCE "double_bounce_sender"
#define DEF_DOUBLE_BOUNCE "double-bounce"
extern char *var_double_bounce_sender;

/*
 * When forking a process, how often to try and how long to wait.
 */
#define VAR_FORK_TRIES "fork_attempts"
#define DEF_FORK_TRIES 5
extern int var_fork_tries;

#define VAR_FORK_DELAY "fork_delay"
#define DEF_FORK_DELAY "1s"
extern int var_fork_delay;

/*
 * When locking a mailbox, how often to try and how long to wait.
*/
#define VAR_FLOCK_TRIES "deliver_lock_attempts"
#define DEF_FLOCK_TRIES 20
extern int var_flock_tries;

#define VAR_FLOCK_DELAY "deliver_lock_delay"
#define DEF_FLOCK_DELAY "1s"
extern int var_flock_delay;

#define VAR_FLOCK_STALE "stale_lock_time"
#define DEF_FLOCK_STALE "500s"
extern int var_flock_stale;

/* Declared as int, unlike the other 0/1 switches in this header (bool). */
#define VAR_MAILTOOL_COMPAT "sun_mailtool_compatibility"
#define DEF_MAILTOOL_COMPAT 0
extern int var_mailtool_compat;

/*
 * How long a daemon command may take to receive or deliver a message etc.
 * before we assume it is wedged (should never happen).
 */
/* The queue manager has its own, shorter default (1000s versus 18000s). */
#define VAR_DAEMON_TIMEOUT "daemon_timeout"
#define DEF_DAEMON_TIMEOUT "18000s"
extern int var_daemon_timeout;

#define VAR_QMGR_DAEMON_TIMEOUT "qmgr_daemon_timeout"
#define DEF_QMGR_DAEMON_TIMEOUT "1000s"
extern int var_qmgr_daemon_timeout;

/*
 * How long an intra-mail command may take before we assume the mail system
 * is in deadlock (should never happen).
 */
/* Again the queue manager default is shorter (60s versus 3600s). */
#define VAR_IPC_TIMEOUT "ipc_timeout"
#define DEF_IPC_TIMEOUT "3600s"
extern int var_ipc_timeout;

#define VAR_QMGR_IPC_TIMEOUT "qmgr_ipc_timeout"
#define DEF_QMGR_IPC_TIMEOUT "60s"
extern int var_qmgr_ipc_timeout;

/*
 * Time limit on intra-mail triggers.
 */
#define VAR_TRIGGER_TIMEOUT "trigger_timeout"
#define DEF_TRIGGER_TIMEOUT "10s"
extern int var_trigger_timeout;

/*
 * SMTP server restrictions. What networks I am willing to relay from, what
 * domains I am willing to forward mail from or to, what clients I refuse to
 * talk to, and what domains I never want to see in the sender address.
*/
/* mynetworks has no DEF_* macro in this header; only the style has one. */
#define VAR_MYNETWORKS "mynetworks"
extern char *var_mynetworks;

/*
 * NOTE(review): the built-in style is "subnet". Presumably this makes every
 * host on the machine's directly attached subnets a trusted client for
 * permit_mynetworks; on a shared or provider network that is wider than
 * most sites intend, so an explicit mynetworks setting or the "host" style
 * is worth considering - confirm against the mynetworks derivation code.
 */
#define VAR_MYNETWORKS_STYLE "mynetworks_style"
#define DEF_MYNETWORKS_STYLE MYNETWORKS_STYLE_SUBNET
extern char *var_mynetworks_style;

#define MYNETWORKS_STYLE_CLASS "class"
#define MYNETWORKS_STYLE_SUBNET "subnet"
#define MYNETWORKS_STYLE_HOST "host"

#define VAR_RELAY_DOMAINS "relay_domains"
#define DEF_RELAY_DOMAINS "$mydestination"
extern char *var_relay_domains;

/* MAIL_SERVICE_RELAY is not defined in this part of the header. */
#define VAR_RELAY_TRANSPORT "relay_transport"
#define DEF_RELAY_TRANSPORT MAIL_SERVICE_RELAY
extern char *var_relay_transport;

#define VAR_RELAY_RCPT_MAPS "relay_recipient_maps"
#define DEF_RELAY_RCPT_MAPS ""
extern char *var_relay_rcpt_maps;

#define VAR_RELAY_RCPT_CODE "unknown_relay_recipient_reject_code"
#define DEF_RELAY_RCPT_CODE 550
extern int var_relay_rcpt_code;

/* The variable name carries an smtpd_ prefix that the parameter name lacks. */
#define VAR_RELAY_CCERTS "relay_clientcerts"
#define DEF_RELAY_CCERTS ""
extern char *var_smtpd_relay_ccerts;

/*
 * Per-stage SMTP server restriction lists. The client, HELO, sender and
 * recipient lists default to the empty string; the relay list below is the
 * only one in this group with a non-empty built-in default.
 */
#define VAR_CLIENT_CHECKS "smtpd_client_restrictions"
#define DEF_CLIENT_CHECKS ""
extern char *var_client_checks;

#define VAR_HELO_REQUIRED "smtpd_helo_required"
#define DEF_HELO_REQUIRED 0
extern bool var_helo_required;

#define VAR_HELO_CHECKS "smtpd_helo_restrictions"
#define DEF_HELO_CHECKS ""
extern char *var_helo_checks;

#define VAR_MAIL_CHECKS "smtpd_sender_restrictions"
#define DEF_MAIL_CHECKS ""
extern char *var_mail_checks;

/*
 * Default relay policy: three restriction names joined with ", ", in this
 * order: PERMIT_MYNETWORKS, PERMIT_SASL_AUTH (defined outside this part of
 * the header), DEFER_UNAUTH_DEST.
 *
 * NOTE(review): the trailing DEFER_UNAUTH_DEST element is presumably what
 * stops a client that matched neither permit rule from relaying to foreign
 * destinations. A site override should keep an equivalent terminal
 * reject/defer element - confirm with the restriction evaluator.
 */
#define VAR_RELAY_CHECKS "smtpd_relay_restrictions"
#define DEF_RELAY_CHECKS PERMIT_MYNETWORKS ", " \
	PERMIT_SASL_AUTH ", " \
	DEFER_UNAUTH_DEST
extern char *var_relay_checks;

#define VAR_RCPT_CHECKS "smtpd_recipient_restrictions"
#define DEF_RCPT_CHECKS ""
extern char *var_rcpt_checks;

#define VAR_ETRN_CHECKS "smtpd_etrn_restrictions"
#define DEF_ETRN_CHECKS "" 2018 extern char *var_etrn_checks; 2019 2020 #define VAR_DATA_CHECKS "smtpd_data_restrictions" 2021 #define DEF_DATA_CHECKS "" 2022 extern char *var_data_checks; 2023 2024 #define VAR_EOD_CHECKS "smtpd_end_of_data_restrictions" 2025 #define DEF_EOD_CHECKS "" 2026 extern char *var_eod_checks; 2027 2028 #define VAR_REST_CLASSES "smtpd_restriction_classes" 2029 #define DEF_REST_CLASSES "" 2030 extern char *var_rest_classes; 2031 2032 #define VAR_ALLOW_UNTRUST_ROUTE "allow_untrusted_routing" 2033 #define DEF_ALLOW_UNTRUST_ROUTE 0 2034 extern bool var_allow_untrust_route; 2035 2036 /* 2037 * Names of specific restrictions, and the corresponding configuration 2038 * parameters that control the status codes sent in response to rejected 2039 * requests. 2040 */ 2041 #define PERMIT_ALL "permit" 2042 #define REJECT_ALL "reject" 2043 #define VAR_REJECT_CODE "reject_code" 2044 #define DEF_REJECT_CODE 554 2045 extern int var_reject_code; 2046 2047 #define DEFER_ALL "defer" 2048 #define VAR_DEFER_CODE "defer_code" 2049 #define DEF_DEFER_CODE 450 2050 extern int var_defer_code; 2051 2052 #define DEFER_IF_PERMIT "defer_if_permit" 2053 #define DEFER_IF_REJECT "defer_if_reject" 2054 2055 #define VAR_REJECT_TMPF_ACT "reject_tempfail_action" 2056 #define DEF_REJECT_TMPF_ACT DEFER_IF_PERMIT 2057 extern char *var_reject_tmpf_act; 2058 2059 #define SLEEP "sleep" 2060 2061 #define REJECT_PLAINTEXT_SESSION "reject_plaintext_session" 2062 #define VAR_PLAINTEXT_CODE "plaintext_reject_code" 2063 #define DEF_PLAINTEXT_CODE 450 2064 extern int var_plaintext_code; 2065 2066 #define REJECT_UNKNOWN_CLIENT "reject_unknown_client" 2067 #define REJECT_UNKNOWN_CLIENT_HOSTNAME "reject_unknown_client_hostname" 2068 #define REJECT_UNKNOWN_REVERSE_HOSTNAME "reject_unknown_reverse_client_hostname" 2069 #define REJECT_UNKNOWN_FORWARD_HOSTNAME "reject_unknown_forward_client_hostname" 2070 #define VAR_UNK_CLIENT_CODE "unknown_client_reject_code" 2071 #define DEF_UNK_CLIENT_CODE 450 
extern int var_unk_client_code;

/*
 * Further restriction keywords and their reply-code parameters. Several
 * keywords come in pairs that share one reply-code parameter (for example
 * the two invalid-hostname names below). NOTE(review): presumably one name
 * of each pair is an older spelling kept for compatibility - confirm.
 */
#define PERMIT_INET_INTERFACES "permit_inet_interfaces"

#define PERMIT_MYNETWORKS "permit_mynetworks"

#define PERMIT_NAKED_IP_ADDR "permit_naked_ip_address"

#define REJECT_INVALID_HELO_HOSTNAME "reject_invalid_helo_hostname"
#define REJECT_INVALID_HOSTNAME "reject_invalid_hostname"
#define VAR_BAD_NAME_CODE "invalid_hostname_reject_code"
#define DEF_BAD_NAME_CODE 501 /* SYNTAX */
extern int var_bad_name_code;

#define REJECT_UNKNOWN_HELO_HOSTNAME "reject_unknown_helo_hostname"
#define REJECT_UNKNOWN_HOSTNAME "reject_unknown_hostname"
#define VAR_UNK_NAME_CODE "unknown_hostname_reject_code"
#define DEF_UNK_NAME_CODE 450
extern int var_unk_name_code;

/*
 * This and the other *_TF_ACT defaults below are built as
 * "$" VAR_REJECT_TMPF_ACT, i.e. a reference to the reject_tempfail_action
 * parameter rather than a literal action.
 */
#define VAR_UNK_NAME_TF_ACT "unknown_helo_hostname_tempfail_action"
#define DEF_UNK_NAME_TF_ACT "$" VAR_REJECT_TMPF_ACT
extern char *var_unk_name_tf_act;

#define REJECT_NON_FQDN_HELO_HOSTNAME "reject_non_fqdn_helo_hostname"
#define REJECT_NON_FQDN_HOSTNAME "reject_non_fqdn_hostname"
#define REJECT_NON_FQDN_SENDER "reject_non_fqdn_sender"
#define REJECT_NON_FQDN_RCPT "reject_non_fqdn_recipient"
#define VAR_NON_FQDN_CODE "non_fqdn_reject_code"
#define DEF_NON_FQDN_CODE 504 /* POLICY */
extern int var_non_fqdn_code;

#define REJECT_UNKNOWN_SENDDOM "reject_unknown_sender_domain"
#define REJECT_UNKNOWN_RCPTDOM "reject_unknown_recipient_domain"
#define REJECT_UNKNOWN_ADDRESS "reject_unknown_address"
#define REJECT_UNLISTED_SENDER "reject_unlisted_sender"
#define REJECT_UNLISTED_RCPT "reject_unlisted_recipient"
#define CHECK_RCPT_MAPS "check_recipient_maps"

#define VAR_UNK_ADDR_CODE "unknown_address_reject_code"
#define DEF_UNK_ADDR_CODE 450
extern int var_unk_addr_code;

#define VAR_UNK_ADDR_TF_ACT "unknown_address_tempfail_action"
#define DEF_UNK_ADDR_TF_ACT "$" VAR_REJECT_TMPF_ACT
extern char *var_unk_addr_tf_act;

/*
 * The two "unlisted" switches have different defaults: unlisted senders are
 * not rejected (0), unlisted recipients are (1).
 */
#define VAR_SMTPD_REJ_UNL_FROM "smtpd_reject_unlisted_sender"
#define DEF_SMTPD_REJ_UNL_FROM 0
extern bool var_smtpd_rej_unl_from;

#define VAR_SMTPD_REJ_UNL_RCPT "smtpd_reject_unlisted_recipient"
#define DEF_SMTPD_REJ_UNL_RCPT 1
extern bool var_smtpd_rej_unl_rcpt;

/*
 * Address verification replies. All four reject/defer codes default to 450,
 * a temporary failure. NOTE(review): a 4xx default presumably lets the
 * sending side retry if a probe result was wrong - confirm before changing
 * a reject code to 5xx.
 */
#define REJECT_UNVERIFIED_RECIP "reject_unverified_recipient"
#define VAR_UNV_RCPT_RCODE "unverified_recipient_reject_code"
#define DEF_UNV_RCPT_RCODE 450
extern int var_unv_rcpt_rcode;

#define REJECT_UNVERIFIED_SENDER "reject_unverified_sender"
#define VAR_UNV_FROM_RCODE "unverified_sender_reject_code"
#define DEF_UNV_FROM_RCODE 450
extern int var_unv_from_rcode;

#define VAR_UNV_RCPT_DCODE "unverified_recipient_defer_code"
#define DEF_UNV_RCPT_DCODE 450
extern int var_unv_rcpt_dcode;

#define VAR_UNV_FROM_DCODE "unverified_sender_defer_code"
#define DEF_UNV_FROM_DCODE 450
extern int var_unv_from_dcode;

#define VAR_UNV_RCPT_TF_ACT "unverified_recipient_tempfail_action"
#define DEF_UNV_RCPT_TF_ACT "$" VAR_REJECT_TMPF_ACT
extern char *var_unv_rcpt_tf_act;

#define VAR_UNV_FROM_TF_ACT "unverified_sender_tempfail_action"
#define DEF_UNV_FROM_TF_ACT "$" VAR_REJECT_TMPF_ACT
extern char *var_unv_from_tf_act;

#define VAR_UNV_RCPT_WHY "unverified_recipient_reject_reason"
#define DEF_UNV_RCPT_WHY ""
extern char *var_unv_rcpt_why;

#define VAR_UNV_FROM_WHY "unverified_sender_reject_reason"
#define DEF_UNV_FROM_WHY ""
extern char *var_unv_from_why;

#define REJECT_MUL_RCPT_BOUNCE "reject_multi_recipient_bounce"
#define VAR_MUL_RCPT_CODE "multi_recipient_bounce_reject_code"
#define DEF_MUL_RCPT_CODE 550
extern int var_mul_rcpt_code;

/* Relay authorization keywords; DEFER_UNAUTH_DEST is part of DEF_RELAY_CHECKS. */
#define PERMIT_AUTH_DEST "permit_auth_destination"
#define REJECT_UNAUTH_DEST "reject_unauth_destination"
#define DEFER_UNAUTH_DEST "defer_unauth_destination"
#define CHECK_RELAY_DOMAINS "check_relay_domains"
#define PERMIT_TLS_CLIENTCERTS "permit_tls_clientcerts"
#define PERMIT_TLS_ALL_CLIENTCERTS "permit_tls_all_clientcerts"
#define VAR_RELAY_CODE "relay_domains_reject_code"
#define DEF_RELAY_CODE 554
extern int var_relay_code;

#define PERMIT_MX_BACKUP "permit_mx_backup"

#define VAR_PERM_MX_NETWORKS "permit_mx_backup_networks"
#define DEF_PERM_MX_NETWORKS ""
extern char *var_perm_mx_networks;

#define VAR_MAP_REJECT_CODE "access_map_reject_code"
#define DEF_MAP_REJECT_CODE 554
extern int var_map_reject_code;

#define VAR_MAP_DEFER_CODE "access_map_defer_code"
#define DEF_MAP_DEFER_CODE 450
extern int var_map_defer_code;

/* Access-table lookup keywords: plain, then MX-based and NS-based variants. */
#define CHECK_CLIENT_ACL "check_client_access"
#define CHECK_REVERSE_CLIENT_ACL "check_reverse_client_hostname_access"
#define CHECK_CCERT_ACL "check_ccert_access"
#define CHECK_SASL_ACL "check_sasl_access"
#define CHECK_HELO_ACL "check_helo_access"
#define CHECK_SENDER_ACL "check_sender_access"
#define CHECK_RECIP_ACL "check_recipient_access"
#define CHECK_ETRN_ACL "check_etrn_access"

#define CHECK_CLIENT_MX_ACL "check_client_mx_access"
#define CHECK_REVERSE_CLIENT_MX_ACL "check_reverse_client_hostname_mx_access"
#define CHECK_HELO_MX_ACL "check_helo_mx_access"
#define CHECK_SENDER_MX_ACL "check_sender_mx_access"
#define CHECK_RECIP_MX_ACL "check_recipient_mx_access"
#define CHECK_CLIENT_NS_ACL "check_client_ns_access"
#define CHECK_REVERSE_CLIENT_NS_ACL "check_reverse_client_hostname_ns_access"
#define CHECK_HELO_NS_ACL "check_helo_ns_access"
#define CHECK_SENDER_NS_ACL "check_sender_ns_access"
#define CHECK_RECIP_NS_ACL "check_recipient_ns_access"

#define WARN_IF_REJECT "warn_if_reject"

/* DNS block-list and allow-list keywords. */
#define REJECT_RBL "reject_rbl" /* LaMont compatibility */
#define REJECT_RBL_CLIENT "reject_rbl_client"
#define REJECT_RHSBL_CLIENT "reject_rhsbl_client"
#define REJECT_RHSBL_REVERSE_CLIENT "reject_rhsbl_reverse_client"
#define REJECT_RHSBL_HELO "reject_rhsbl_helo"
#define REJECT_RHSBL_SENDER "reject_rhsbl_sender"
#define REJECT_RHSBL_RECIPIENT "reject_rhsbl_recipient"

#define PERMIT_DNSWL_CLIENT "permit_dnswl_client"
#define PERMIT_RHSWL_CLIENT "permit_rhswl_client"

#define VAR_RBL_REPLY_MAPS "rbl_reply_maps"
#define DEF_RBL_REPLY_MAPS ""
extern char *var_rbl_reply_maps;

/*
 * Reply template with $name references. NOTE(review): some of the
 * referenced values presumably originate from DNS or from the client, which
 * is why the expansion filter further down matters - confirm where the
 * filter is applied.
 */
#define VAR_DEF_RBL_REPLY "default_rbl_reply"
#define DEF_DEF_RBL_REPLY "$rbl_code Service unavailable; $rbl_class [$rbl_what] blocked using $rbl_domain${rbl_reason?; $rbl_reason}"
extern char *var_def_rbl_reply;

#define REJECT_MAPS_RBL "reject_maps_rbl" /* backwards compat */
#define VAR_MAPS_RBL_CODE "maps_rbl_reject_code"
#define DEF_MAPS_RBL_CODE 554
extern int var_maps_rbl_code;

#define VAR_MAPS_RBL_DOMAINS "maps_rbl_domains" /* backwards compat */
#define DEF_MAPS_RBL_DOMAINS ""
extern char *var_maps_rbl_domains;

/* Declared as int, although the default is a 0/1 style switch. */
#define VAR_SMTPD_DELAY_REJECT "smtpd_delay_reject"
#define DEF_SMTPD_DELAY_REJECT 1
extern int var_smtpd_delay_reject;

#define REJECT_UNAUTH_PIPE "reject_unauth_pipelining"

#define VAR_SMTPD_NULL_KEY "smtpd_null_access_lookup_key"
#define DEF_SMTPD_NULL_KEY "<>"
extern char *var_smtpd_null_key;

/*
 * Character allow-list: the escapes \t and \40 followed by the printable
 * ASCII characters. The literal is spliced with backslash-newline, so the
 * two continuation lines must stay at column 0; any leading whitespace
 * would become part of the string.
 *
 * NOTE(review): presumably characters outside this set are replaced when
 * $name values are expanded into SMTP server replies - confirm before
 * widening the set.
 */
#define VAR_SMTPD_EXP_FILTER "smtpd_expansion_filter"
#define DEF_SMTPD_EXP_FILTER "\\t\\40!\"#$%&'()*+,-./0123456789:;<=>?@\
ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\\\]^_`\
abcdefghijklmnopqrstuvwxyz{|}~"
extern char *var_smtpd_exp_filter;

#define VAR_SMTPD_PEERNAME_LOOKUP "smtpd_peername_lookup"
#define DEF_SMTPD_PEERNAME_LOOKUP 1
extern bool var_smtpd_peername_lookup;

/*
* Heuristic to reject unknown local recipients at the SMTP port.
 */
/*
 * The default is the literal "proxy:unix:passwd.byname $" followed by the
 * value of VAR_ALIAS_MAPS (defined outside this part of the header), i.e.
 * the system password table plus a reference to the alias maps parameter.
 */
#define VAR_LOCAL_RCPT_MAPS "local_recipient_maps"
#define DEF_LOCAL_RCPT_MAPS "proxy:unix:passwd.byname $" VAR_ALIAS_MAPS
extern char *var_local_rcpt_maps;

#define VAR_LOCAL_RCPT_CODE "unknown_local_recipient_reject_code"
#define DEF_LOCAL_RCPT_CODE 550
extern int var_local_rcpt_code;

/*
 * List of pre-approved maps that are OK to open with the proxymap service.
 */
/*
 * Both defaults are built by string concatenation: each element is "$"
 * plus a parameter name, separated by a space, so the result is a list of
 * references to other parameters rather than a list of tables.
 *
 * NOTE(review): this is an allow-list for a service that opens tables on
 * behalf of other processes; adding a parameter here presumably widens what
 * proxymap clients can read or write, so additions deserve the same review
 * as a file-permission change - confirm against the proxymap server.
 */
#define VAR_PROXY_READ_MAPS "proxy_read_maps"
#define DEF_PROXY_READ_MAPS "$" VAR_LOCAL_RCPT_MAPS \
	" $" VAR_MYDEST \
	" $" VAR_VIRT_ALIAS_MAPS \
	" $" VAR_VIRT_ALIAS_DOMS \
	" $" VAR_VIRT_MAILBOX_MAPS \
	" $" VAR_VIRT_MAILBOX_DOMS \
	" $" VAR_RELAY_RCPT_MAPS \
	" $" VAR_RELAY_DOMAINS \
	" $" VAR_CANONICAL_MAPS \
	" $" VAR_SEND_CANON_MAPS \
	" $" VAR_RCPT_CANON_MAPS \
	" $" VAR_RELOCATED_MAPS \
	" $" VAR_TRANSPORT_MAPS \
	" $" VAR_MYNETWORKS \
	" $" VAR_SMTPD_SND_AUTH_MAPS \
	" $" VAR_SEND_BCC_MAPS \
	" $" VAR_RCPT_BCC_MAPS \
	" $" VAR_SMTP_GENERIC_MAPS \
	" $" VAR_LMTP_GENERIC_MAPS \
	" $" VAR_ALIAS_MAPS
extern char *var_proxy_read_maps;

/* The writable set is much smaller: two SASL auth caches and two cache maps. */
#define VAR_PROXY_WRITE_MAPS "proxy_write_maps"
#define DEF_PROXY_WRITE_MAPS "$" VAR_SMTP_SASL_AUTH_CACHE_NAME \
	" $" VAR_LMTP_SASL_AUTH_CACHE_NAME \
	" $" VAR_VERIFY_MAP \
	" $" VAR_PSC_CACHE_MAP
extern char *var_proxy_write_maps;

/*
 * Both access lists default to the single word "reject". NOTE(review): how
 * that word is interpreted is not visible here - confirm in the code that
 * reads these parameters.
 */
#define VAR_PROXY_READ_ACL "proxy_read_access_list"
#define DEF_PROXY_READ_ACL "reject"
extern char *var_proxy_read_acl;

#define VAR_PROXY_WRITE_ACL "proxy_write_access_list"
#define DEF_PROXY_WRITE_ACL "reject"
extern char *var_proxy_write_acl;

/*
 * Other.
*/
/* These three have parameter names only; no DEF_* default is given here. */
#define VAR_PROCNAME "process_name"
extern char *var_procname;

#define VAR_PID "process_id"
extern int var_pid;

#define VAR_DEBUG_COMMAND "debugger_command"

/*
 * Paranoia: save files instead of deleting them.
 */
#define VAR_DONT_REMOVE "dont_remove"
#define DEF_DONT_REMOVE 0
extern bool var_dont_remove;

/*
 * Paranoia: defer messages instead of bouncing them.
 */
#define VAR_SOFT_BOUNCE "soft_bounce"
#define DEF_SOFT_BOUNCE 0
extern bool var_soft_bounce;

/*
 * Give special treatment to owner- and -request.
 */
#define VAR_OWNREQ_SPECIAL "owner_request_special"
#define DEF_OWNREQ_SPECIAL 1
extern bool var_ownreq_special;

/*
 * Allow/disallow recipient addresses starting with `-'.
 */
/*
 * Disallowed by default. NOTE(review): an address that begins with '-' can
 * be mistaken for a command-line option if it is ever passed as an argument
 * to an external program; presumably that is the reason for the default -
 * confirm that every downstream command is safe before enabling.
 */
#define VAR_ALLOW_MIN_USER "allow_min_user"
#define DEF_ALLOW_MIN_USER 0
extern bool var_allow_min_user;

/* The only function declared in this part of the header; takes no arguments. */
extern void mail_params_init(void);

/*
 * Content inspection and filtering.
 */
/* Both default to the empty string. */
#define VAR_FILTER_XPORT "content_filter"
#define DEF_FILTER_XPORT ""
extern char *var_filter_xport;

#define VAR_DEF_FILTER_NEXTHOP "default_filter_nexthop"
#define DEF_DEF_FILTER_NEXTHOP ""
extern char *var_def_filter_nexthop;

/*
 * Fast flush service support.
 */
#define VAR_FFLUSH_DOMAINS "fast_flush_domains"
#define DEF_FFLUSH_DOMAINS "$relay_domains"
extern char *var_fflush_domains;

#define VAR_FFLUSH_PURGE "fast_flush_purge_time"
#define DEF_FFLUSH_PURGE "7d"
extern int var_fflush_purge;

#define VAR_FFLUSH_REFRESH "fast_flush_refresh_time"
#define DEF_FFLUSH_REFRESH "12h"
extern int var_fflush_refresh;

/*
 * Environmental management - what Postfix imports from the external world,
 * and what Postfix exports to the external world.
*/
/*
 * Both defaults are space-separated lists of environment variable names;
 * the import list also carries one name=value entry (LANG=C).
 *
 * NOTE(review): presumably these are allow-lists and anything not named is
 * dropped from the environment. Each added name is one more value an
 * invoking user or a child process can influence or see, so keep the lists
 * short - confirm the filtering in the code that reads them.
 */
#define VAR_IMPORT_ENVIRON "import_environment"
#define DEF_IMPORT_ENVIRON "MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG TZ XAUTHORITY DISPLAY LANG=C"
extern char *var_import_environ;

#define VAR_EXPORT_ENVIRON "export_environment"
#define DEF_EXPORT_ENVIRON "TZ MAIL_CONFIG LANG"
extern char *var_export_environ;

/*
 * Tunables for the "virtual" local delivery agent
 */
/* MAIL_SERVICE_VIRTUAL is not defined in this part of the header. */
#define VAR_VIRT_TRANSPORT "virtual_transport"
#define DEF_VIRT_TRANSPORT MAIL_SERVICE_VIRTUAL
extern char *var_virt_transport;

#define VAR_VIRT_MAILBOX_MAPS "virtual_mailbox_maps"
#define DEF_VIRT_MAILBOX_MAPS ""
extern char *var_virt_mailbox_maps;

#define VAR_VIRT_MAILBOX_DOMS "virtual_mailbox_domains"
#define DEF_VIRT_MAILBOX_DOMS "$virtual_mailbox_maps"
extern char *var_virt_mailbox_doms;

#define VAR_VIRT_MAILBOX_CODE "unknown_virtual_mailbox_reject_code"
#define DEF_VIRT_MAILBOX_CODE 550
extern int var_virt_mailbox_code;

#define VAR_VIRT_UID_MAPS "virtual_uid_maps"
#define DEF_VIRT_UID_MAPS ""
extern char *var_virt_uid_maps;

#define VAR_VIRT_GID_MAPS "virtual_gid_maps"
#define DEF_VIRT_GID_MAPS ""
extern char *var_virt_gid_maps;

/*
 * NOTE(review): presumably a floor for uid values returned by
 * virtual_uid_maps, so that a bad or tampered map entry cannot make the
 * delivery agent write as root or a low-numbered system account. Check the
 * default of 100 against the local system-account uid range - confirm the
 * enforcement in the virtual delivery agent.
 */
#define VAR_VIRT_MINUID "virtual_minimum_uid"
#define DEF_VIRT_MINUID 100
extern int var_virt_minimum_uid;

#define VAR_VIRT_MAILBOX_BASE "virtual_mailbox_base"
#define DEF_VIRT_MAILBOX_BASE ""
extern char *var_virt_mailbox_base;

/* Five times DEF_MESSAGE_LIMIT; held in a long like the message limit. */
#define VAR_VIRT_MAILBOX_LIMIT "virtual_mailbox_limit"
#define DEF_VIRT_MAILBOX_LIMIT (5 * DEF_MESSAGE_LIMIT)
extern long var_virt_mailbox_limit;

#define VAR_VIRT_MAILBOX_LOCK "virtual_mailbox_lock"
#define DEF_VIRT_MAILBOX_LOCK "fcntl, dotlock"
extern char *var_virt_mailbox_lock;

/*
 * Distinct logging tag for multiple Postfix instances.
*/
/*
 * The "#if 1" selects the first definition, so the plain "postfix" default
 * in the #else branch is never compiled. With X standing for the value of
 * VAR_MULTI_NAME (defined outside this part of the header) the active
 * default reads "${X:postfix}${X?$X}". NOTE(review): presumably that yields
 * "postfix" when the parameter is empty and its value otherwise - confirm
 * against the parameter expansion rules.
 */
#define VAR_SYSLOG_NAME "syslog_name"
#if 1
#define DEF_SYSLOG_NAME \
	"${" VAR_MULTI_NAME ":postfix}${" VAR_MULTI_NAME "?$" VAR_MULTI_NAME "}"
#else
#define DEF_SYSLOG_NAME "postfix"
#endif
extern char *var_syslog_name;

/*
 * QMQPD
 */
/*
 * The authorized-clients list is empty by default. Note the naming: two of
 * the macros below say QMTPD while their parameter names and variables say
 * qmqpd.
 */
#define VAR_QMQPD_CLIENTS "qmqpd_authorized_clients"
#define DEF_QMQPD_CLIENTS ""
extern char *var_qmqpd_clients;

#define VAR_QMTPD_TMOUT "qmqpd_timeout"
#define DEF_QMTPD_TMOUT "300s"
extern int var_qmqpd_timeout;

#define VAR_QMTPD_ERR_SLEEP "qmqpd_error_delay"
#define DEF_QMTPD_ERR_SLEEP "1s"
extern int var_qmqpd_err_sleep;

/*
 * VERP, more DJB intellectual cross-pollination. However, we prefer + as
 * the default recipient delimiter.
 */
#define VAR_VERP_DELIMS "default_verp_delimiters"
#define DEF_VERP_DELIMS "+="
extern char *var_verp_delims;

#define VAR_VERP_FILTER "verp_delimiter_filter"
#define DEF_VERP_FILTER "-=+"
extern char *var_verp_filter;

#define VAR_VERP_BOUNCE_OFF "disable_verp_bounces"
#define DEF_VERP_BOUNCE_OFF 0
extern bool var_verp_bounce_off;

#define VAR_VERP_CLIENTS "smtpd_authorized_verp_clients"
#define DEF_VERP_CLIENTS "$authorized_verp_clients"
extern char *var_verp_clients;

/*
 * XCLIENT, for rule testing and fetchmail like apps.
 */
/*
 * Empty by default. NOTE(review): XCLIENT presumably lets a listed host
 * override the client information that access checks and logs are based
 * on, so this list should name only hosts that are fully trusted - confirm
 * in the SMTP server.
 */
#define VAR_XCLIENT_HOSTS "smtpd_authorized_xclient_hosts"
#define DEF_XCLIENT_HOSTS ""
extern char *var_xclient_hosts;

/*
 * XFORWARD, for improved post-filter logging.
 */
/*
 * Empty by default. NOTE(review): values supplied through XFORWARD
 * presumably end up in log records, so an over-broad list would let a
 * remote host influence what is logged - confirm.
 */
#define VAR_XFORWARD_HOSTS "smtpd_authorized_xforward_hosts"
#define DEF_XFORWARD_HOSTS ""
extern char *var_xforward_hosts;

/*
 * Inbound mail flow control. This allows for a stiffer coupling between
 * receiving mail and sending mail.
A sending process produces one token for
 * each message that it takes from the incoming queue; a receiving process
 * consumes one token for each message that it adds to the incoming queue.
 * When no token is available (Postfix receives more mail than it is able to
 * deliver) a receiving process pauses for $in_flow_delay seconds so that
 * the sending processes get a chance to access the disk.
 */
/*
 * The default depends on the build: "0s" when PIPES_CANT_FIONREAD is
 * defined, "1s" otherwise.
 */
#define VAR_IN_FLOW_DELAY "in_flow_delay"
#ifdef PIPES_CANT_FIONREAD
#define DEF_IN_FLOW_DELAY "0s"
#else
#define DEF_IN_FLOW_DELAY "1s"
#endif
extern int var_in_flow_delay;

/*
 * Backwards compatibility: foo.com matches itself and names below foo.com.
 */
/*
 * The default is a comma-separated list of parameter NAMES (no "$"), built
 * by concatenation. SMTPD_ACCESS_MAPS is defined a few lines further down;
 * that is fine because a macro body is expanded where the macro is used,
 * not where it is defined.
 *
 * NOTE(review): for every parameter named here a pattern such as foo.com
 * also covers names below foo.com, so an entry in, for example,
 * relay_domains presumably authorizes all of its subdomains as well -
 * confirm this is intended for each listed parameter.
 */
#define VAR_PAR_DOM_MATCH "parent_domain_matches_subdomains"
#define DEF_PAR_DOM_MATCH VAR_DEBUG_PEER_LIST "," \
	VAR_FFLUSH_DOMAINS "," \
	VAR_MYNETWORKS "," \
	VAR_PERM_MX_NETWORKS "," \
	VAR_QMQPD_CLIENTS "," \
	VAR_RELAY_DOMAINS "," \
	SMTPD_ACCESS_MAPS
extern char *var_par_dom_match;

#define SMTPD_ACCESS_MAPS "smtpd_access_maps"

/*
 * Run-time fault injection.
 */
/*
 * Default 0. NOTE(review): presumably zero means no fault is injected and
 * this is a test-only knob that should stay at its default in production -
 * confirm.
 */
#define VAR_FAULT_INJ_CODE "fault_injection_code"
#define DEF_FAULT_INJ_CODE 0
extern int var_fault_inj_code;

/*
 * Install/upgrade information.
*/
/*
 * Each DEF_* below is wrapped in #ifndef, so a value supplied earlier (for
 * example on the compiler command line) takes precedence over the path
 * given here. None of these parameters has an extern variable in this part
 * of the header.
 */
#define VAR_SENDMAIL_PATH "sendmail_path"
#ifndef DEF_SENDMAIL_PATH
#define DEF_SENDMAIL_PATH "/usr/sbin/sendmail"
#endif

#define VAR_MAILQ_PATH "mailq_path"
#ifndef DEF_MAILQ_PATH
#define DEF_MAILQ_PATH "/usr/bin/mailq"
#endif

#define VAR_NEWALIAS_PATH "newaliases_path"
#ifndef DEF_NEWALIAS_PATH
#define DEF_NEWALIAS_PATH "/usr/bin/newaliases"
#endif

#define VAR_MANPAGE_DIR "manpage_directory"
#ifndef DEF_MANPAGE_DIR
#define DEF_MANPAGE_DIR "/usr/local/man"
#endif

/* DEF_CONFIG_DIR is not defined in this part of the header. */
#define VAR_SAMPLE_DIR "sample_directory"
#ifndef DEF_SAMPLE_DIR
#define DEF_SAMPLE_DIR DEF_CONFIG_DIR
#endif

/* The literal "no" is the default for the two documentation directories. */
#define VAR_README_DIR "readme_directory"
#ifndef DEF_README_DIR
#define DEF_README_DIR "no"
#endif

#define VAR_HTML_DIR "html_directory"
#ifndef DEF_HTML_DIR
#define DEF_HTML_DIR "no"
#endif

/*
 * Safety: resolve the address with unquoted localpart (default, but
 * technically incorrect), instead of resolving the address with quoted
 * localpart (technically correct, but unsafe). The default prevents mail
 * relay loopholes with "user@domain"@domain when relaying mail to a
 * Sendmail system.
 */
/*
 * The safe behaviour described above is the default (1). The two related
 * switches below default to off. NOTE(review): turning
 * resolve_dequoted_address off re-opens the relay concern described in the
 * comment above - treat a change as a security-relevant decision.
 */
#define VAR_RESOLVE_DEQUOTED "resolve_dequoted_address"
#define DEF_RESOLVE_DEQUOTED 1
extern bool var_resolve_dequoted;

#define VAR_RESOLVE_NULLDOM "resolve_null_domain"
#define DEF_RESOLVE_NULLDOM 0
extern bool var_resolve_nulldom;

#define VAR_RESOLVE_NUM_DOM "resolve_numeric_domain"
#define DEF_RESOLVE_NUM_DOM 0
extern bool var_resolve_num_dom;

/*
 * Service names. The transport (TCP, FIFO or UNIX-domain) type is frozen
 * because you cannot simply mix them, and accessibility (private/public) is
 * frozen for security reasons.
We list only the internal services, not the
 * externally visible SMTP server, or the delivery agents that can already
 * be chosen via transport mappings etc.
 */
/*
 * Every default below is a MAIL_SERVICE_* macro that is defined outside
 * this part of the header; only the service NAME is configurable here.
 */
#define VAR_BOUNCE_SERVICE "bounce_service_name"
#define DEF_BOUNCE_SERVICE MAIL_SERVICE_BOUNCE
extern char *var_bounce_service;

#define VAR_CLEANUP_SERVICE "cleanup_service_name"
#define DEF_CLEANUP_SERVICE MAIL_SERVICE_CLEANUP
extern char *var_cleanup_service;

#define VAR_DEFER_SERVICE "defer_service_name"
#define DEF_DEFER_SERVICE MAIL_SERVICE_DEFER
extern char *var_defer_service;

#define VAR_PICKUP_SERVICE "pickup_service_name"
#define DEF_PICKUP_SERVICE MAIL_SERVICE_PICKUP
extern char *var_pickup_service;

#define VAR_QUEUE_SERVICE "queue_service_name"
#define DEF_QUEUE_SERVICE MAIL_SERVICE_QUEUE
extern char *var_queue_service;

/* XXX resolve does not exist as a separate service */

#define VAR_REWRITE_SERVICE "rewrite_service_name"
#define DEF_REWRITE_SERVICE MAIL_SERVICE_REWRITE
extern char *var_rewrite_service;

#define VAR_SHOWQ_SERVICE "showq_service_name"
#define DEF_SHOWQ_SERVICE MAIL_SERVICE_SHOWQ
extern char *var_showq_service;

#define VAR_ERROR_SERVICE "error_service_name"
#define DEF_ERROR_SERVICE MAIL_SERVICE_ERROR
extern char *var_error_service;

#define VAR_FLUSH_SERVICE "flush_service_name"
#define DEF_FLUSH_SERVICE MAIL_SERVICE_FLUSH
extern char *var_flush_service;

/*
 * Session cache service.
*/
/* Unlike the services above, this default is a string literal ("scache"). */
#define VAR_SCACHE_SERVICE "connection_cache_service_name"
#define DEF_SCACHE_SERVICE "scache"
extern char *var_scache_service;

#define VAR_SCACHE_PROTO_TMOUT "connection_cache_protocol_timeout"
#define DEF_SCACHE_PROTO_TMOUT "5s"
extern int var_scache_proto_tmout;

#define VAR_SCACHE_TTL_LIM "connection_cache_ttl_limit"
#define DEF_SCACHE_TTL_LIM "2s"
extern int var_scache_ttl_lim;

#define VAR_SCACHE_STAT_TIME "connection_cache_status_update_time"
#define DEF_SCACHE_STAT_TIME "600s"
extern int var_scache_stat_time;

/*
 * Address verification service.
 */
#define VAR_VERIFY_SERVICE "address_verify_service_name"
#define DEF_VERIFY_SERVICE MAIL_SERVICE_VERIFY
extern char *var_verify_service;

/*
 * Default cache location: a btree table under $data_directory. This map is
 * also part of the DEF_PROXY_WRITE_MAPS default earlier in this header.
 */
#define VAR_VERIFY_MAP "address_verify_map"
#define DEF_VERIFY_MAP "btree:$data_directory/verify_cache"
extern char *var_verify_map;

/*
 * Cache lifetimes. Positive results are kept longer than negative ones
 * (31d/7d versus 3d/3h by default).
 */
#define VAR_VERIFY_POS_EXP "address_verify_positive_expire_time"
#define DEF_VERIFY_POS_EXP "31d"
extern int var_verify_pos_exp;

#define VAR_VERIFY_POS_TRY "address_verify_positive_refresh_time"
#define DEF_VERIFY_POS_TRY "7d"
extern int var_verify_pos_try;

#define VAR_VERIFY_NEG_EXP "address_verify_negative_expire_time"
#define DEF_VERIFY_NEG_EXP "3d"
extern int var_verify_neg_exp;

#define VAR_VERIFY_NEG_TRY "address_verify_negative_refresh_time"
#define DEF_VERIFY_NEG_TRY "3h"
extern int var_verify_neg_try;

#define VAR_VERIFY_NEG_CACHE "address_verify_negative_cache"
#define DEF_VERIFY_NEG_CACHE 1
extern bool var_verify_neg_cache;

#define VAR_VERIFY_SCAN_CACHE "address_verify_cache_cleanup_interval"
#define DEF_VERIFY_SCAN_CACHE "12h"
extern int var_verify_scan_cache;

/* Defaults to a reference to the double_bounce_sender parameter. */
#define VAR_VERIFY_SENDER "address_verify_sender"
#define DEF_VERIFY_SENDER "$" VAR_DOUBLE_BOUNCE
extern char *var_verify_sender;

#define VAR_VERIFY_SENDER_TTL "address_verify_sender_ttl"
#define DEF_VERIFY_SENDER_TTL "0s"
extern int var_verify_sender_ttl;

/*
 * The variable is an int but the default is an expression over $stress.
 * NOTE(review): presumably this expands to 1 when $stress is set and to 3
 * otherwise - confirm against the parameter expansion rules.
 */
#define VAR_VERIFY_POLL_COUNT "address_verify_poll_count"
#define DEF_VERIFY_POLL_COUNT "${stress?1}${stress:3}"
extern int var_verify_poll_count;

#define VAR_VERIFY_POLL_DELAY "address_verify_poll_delay"
#define DEF_VERIFY_POLL_DELAY "3s"
extern int var_verify_poll_delay;

/*
 * Verification-specific routing overrides. Each default is "$" plus the
 * name of the corresponding regular parameter, so probes follow the normal
 * routing unless an override is configured.
 */
#define VAR_VRFY_LOCAL_XPORT "address_verify_local_transport"
#define DEF_VRFY_LOCAL_XPORT "$" VAR_LOCAL_TRANSPORT
extern char *var_vrfy_local_xport;

#define VAR_VRFY_VIRT_XPORT "address_verify_virtual_transport"
#define DEF_VRFY_VIRT_XPORT "$" VAR_VIRT_TRANSPORT
extern char *var_vrfy_virt_xport;

#define VAR_VRFY_RELAY_XPORT "address_verify_relay_transport"
#define DEF_VRFY_RELAY_XPORT "$" VAR_RELAY_TRANSPORT
extern char *var_vrfy_relay_xport;

#define VAR_VRFY_DEF_XPORT "address_verify_default_transport"
#define DEF_VRFY_DEF_XPORT "$" VAR_DEF_TRANSPORT
extern char *var_vrfy_def_xport;

/*
 * The parameter name is built as "address_verify_" plus the value of
 * VAR_SND_DEF_XPORT_MAPS (defined outside this part of the header).
 *
 * NOTE(review): the extern below has no "vrfy" in its name, unlike its
 * neighbours (var_vrfy_*). It may be a repeat declaration of the variable
 * for the non-verify parameter rather than a verify-specific one - confirm
 * which variable the verify code actually uses.
 */
#define VAR_VRFY_SND_DEF_XPORT_MAPS "address_verify_" VAR_SND_DEF_XPORT_MAPS
#define DEF_VRFY_SND_DEF_XPORT_MAPS "$" VAR_SND_DEF_XPORT_MAPS
extern char *var_snd_def_xport_maps;

#define VAR_VRFY_RELAYHOST "address_verify_relayhost"
#define DEF_VRFY_RELAYHOST "$" VAR_RELAYHOST
extern char *var_vrfy_relayhost;

#define VAR_VRFY_RELAY_MAPS "address_verify_sender_dependent_relayhost_maps"
#define DEF_VRFY_RELAY_MAPS "$" VAR_SND_RELAY_MAPS
extern char *var_vrfy_relay_maps;

#define VAR_VRFY_XPORT_MAPS "address_verify_transport_maps"
#define DEF_VRFY_XPORT_MAPS "$" VAR_TRANSPORT_MAPS
extern char *var_vrfy_xport_maps;

/*
 * Message delivery trace service.
*/
/* The service-name defaults below come from MAIL_SERVICE_xxx macros that are defined outside this header. */
#define VAR_TRACE_SERVICE "trace_service_name"
#define DEF_TRACE_SERVICE MAIL_SERVICE_TRACE
extern char *var_trace_service;

/*
 * Proxymappers.
 */
#define VAR_PROXYMAP_SERVICE "proxymap_service_name"
#define DEF_PROXYMAP_SERVICE MAIL_SERVICE_PROXYMAP
extern char *var_proxymap_service;

#define VAR_PROXYWRITE_SERVICE "proxywrite_service_name"
#define DEF_PROXYWRITE_SERVICE MAIL_SERVICE_PROXYWRITE
extern char *var_proxywrite_service;

/*
 * Mailbox/maildir delivery errors that cause delivery to be tried again.
 * The defaults are comma-separated lower-case errno names; "eagain" is in
 * the mailbox list only.
 */
#define VAR_MBX_DEFER_ERRS "mailbox_defer_errors"
#define DEF_MBX_DEFER_ERRS "eagain, enospc, estale"
extern char *var_mbx_defer_errs;

#define VAR_MDR_DEFER_ERRS "maildir_defer_errors"
#define DEF_MDR_DEFER_ERRS "enospc, estale"
extern char *var_mdr_defer_errs;

/*
 * Berkeley DB memory pool sizes.
 * NOTE(review): presumably byte counts (16 MiB for create, 128 KiB for
 * read) - the unit is not stated here. Both values fit in the int that
 * holds them.
 */
#define VAR_DB_CREATE_BUF "berkeley_db_create_buffer_size"
#define DEF_DB_CREATE_BUF (16 * 1024 *1024)
extern int var_db_create_buf;

#define VAR_DB_READ_BUF "berkeley_db_read_buffer_size"
#define DEF_DB_READ_BUF (128 *1024)
extern int var_db_read_buf;

/*
 * OpenLDAP LMDB settings. The map size is held in a long, not an int like
 * the Berkeley DB sizes above.
 */
#define VAR_LMDB_MAP_SIZE "lmdb_map_size"
#define DEF_LMDB_MAP_SIZE (16 * 1024 *1024)
extern long var_lmdb_map_size;

/*
 * Named queue file attributes.
 * NOTE(review): presumably an upper bound on the number of named
 * attributes accepted per queue file, which limits the memory one message
 * can claim - confirm where the limit is enforced.
 */
#define VAR_QATTR_COUNT_LIMIT "queue_file_attribute_count_limit"
#define DEF_QATTR_COUNT_LIMIT 100
extern int var_qattr_count_limit;

/*
 * MIME support.
*/
/*
 * The nesting limit (100) and boundary length limit (2048) bound work done
 * on message content, which is supplied by the sender.
 * NOTE(review): what the MIME parser does when a bound is exceeded is not
 * visible in this header - confirm it rejects or truncates rather than
 * continuing unbounded.
 */
#define VAR_MIME_MAXDEPTH "mime_nesting_limit"
#define DEF_MIME_MAXDEPTH 100
extern int var_mime_maxdepth;

#define VAR_MIME_BOUND_LEN "mime_boundary_length_limit"
#define DEF_MIME_BOUND_LEN 2048
extern int var_mime_bound_len;

/* MIME input processing and output conversion are both on by default (the "disable" flags default to 0). */
#define VAR_DISABLE_MIME_INPUT "disable_mime_input_processing"
#define DEF_DISABLE_MIME_INPUT 0
extern bool var_disable_mime_input;

#define VAR_DISABLE_MIME_OCONV "disable_mime_output_conversion"
#define DEF_DISABLE_MIME_OCONV 0
extern bool var_disable_mime_oconv;

/* All "strict" MIME checks default to off. */
#define VAR_STRICT_8BITMIME "strict_8bitmime"
#define DEF_STRICT_8BITMIME 0
extern bool var_strict_8bitmime;

#define VAR_STRICT_7BIT_HDRS "strict_7bit_headers"
#define DEF_STRICT_7BIT_HDRS 0
extern bool var_strict_7bit_hdrs;

#define VAR_STRICT_8BIT_BODY "strict_8bitmime_body"
#define DEF_STRICT_8BIT_BODY 0
extern bool var_strict_8bit_body;

#define VAR_STRICT_ENCODING "strict_mime_encoding_domain"
#define DEF_STRICT_ENCODING 0
extern bool var_strict_encoding;

/* Declared int although the default is the on/off value 1; the other switches in this section are bool. */
#define VAR_AUTO_8BIT_ENC_HDR "detect_8bit_encoding_header"
#define DEF_AUTO_8BIT_ENC_HDR 1
extern int var_auto_8bit_enc_hdr;

/*
 * Bizarre.
 */
#define VAR_SENDER_ROUTING "sender_based_routing"
#define DEF_SENDER_ROUTING 0
extern bool var_sender_routing;

#define VAR_XPORT_NULL_KEY "transport_null_address_lookup_key"
#define DEF_XPORT_NULL_KEY "<>"
extern char *var_xport_null_key;

/*
 * Bounce service controls.
 */
#define VAR_OLDLOG_COMPAT "backwards_bounce_logfile_compatibility"
#define DEF_OLDLOG_COMPAT 1
extern bool var_oldlog_compat;

/*
 * SMTPD content proxy.
*/
/*
 * The filter and its options default to the empty string, i.e. no content
 * proxy is configured out of the box. The EHLO name sent to the proxy
 * defaults to the value of the myhostname parameter.
 */
#define VAR_SMTPD_PROXY_FILT "smtpd_proxy_filter"
#define DEF_SMTPD_PROXY_FILT ""
extern char *var_smtpd_proxy_filt;

#define VAR_SMTPD_PROXY_EHLO "smtpd_proxy_ehlo"
#define DEF_SMTPD_PROXY_EHLO "$" VAR_MYHOSTNAME
extern char *var_smtpd_proxy_ehlo;

#define VAR_SMTPD_PROXY_TMOUT "smtpd_proxy_timeout"
#define DEF_SMTPD_PROXY_TMOUT "100s"
extern int var_smtpd_proxy_tmout;

#define VAR_SMTPD_PROXY_OPTS "smtpd_proxy_options"
#define DEF_SMTPD_PROXY_OPTS ""
extern char *var_smtpd_proxy_opts;

/*
 * Transparency options for mail input interfaces and for the cleanup server
 * behind them. These should turn off stuff we don't want to happen, because
 * the default is to do a lot of things.
 *
 * The empty default leaves all processing on. Because every option named
 * in this parameter switches a processing step off, a non-empty value is
 * worth auditing: it removes work that would otherwise be done on input.
 */
#define VAR_INPUT_TRANSP "receive_override_options"
#define DEF_INPUT_TRANSP ""
extern char *var_smtpd_input_transp;

/*
 * SMTP server policy delegation.
 *
 * NOTE(review): the timeout bounds how long the SMTP server waits for a
 * policy server; what the server answers to the client when the policy
 * service is unreachable is decided elsewhere - confirm it does not fall
 * back to accepting.
 */
#define VAR_SMTPD_POLICY_TMOUT "smtpd_policy_service_timeout"
#define DEF_SMTPD_POLICY_TMOUT "100s"
extern int var_smtpd_policy_tmout;

#define VAR_SMTPD_POLICY_IDLE "smtpd_policy_service_max_idle"
#define DEF_SMTPD_POLICY_IDLE "300s"
extern int var_smtpd_policy_idle;

#define VAR_SMTPD_POLICY_TTL "smtpd_policy_service_max_ttl"
#define DEF_SMTPD_POLICY_TTL "1000s"
extern int var_smtpd_policy_ttl;

/* A keyword rather than a parameter: it has no DEF_ macro and no variable. */
#define CHECK_POLICY_SERVICE "check_policy_service"

/*
 * Client rate control.
*/
/*
 * Every per-client rate limit below (connections, messages, recipients,
 * new TLS sessions) defaults to 0; only the concurrent connection count
 * has a non-zero default, derived from DEF_PROC_LIMIT.
 * NOTE(review): 0 presumably means "no limit", in which case rate
 * limiting is something an operator has to turn on - confirm against the
 * code that compares these values.
 */
#define VAR_SMTPD_CRATE_LIMIT "smtpd_client_connection_rate_limit"
#define DEF_SMTPD_CRATE_LIMIT 0
extern int var_smtpd_crate_limit;

/* Half of DEF_PROC_LIMIT, rounded up by the "+ 1" before the integer division. */
#define VAR_SMTPD_CCONN_LIMIT "smtpd_client_connection_count_limit"
#define DEF_SMTPD_CCONN_LIMIT ((DEF_PROC_LIMIT + 1) / 2)
extern int var_smtpd_cconn_limit;

#define VAR_SMTPD_CMAIL_LIMIT "smtpd_client_message_rate_limit"
#define DEF_SMTPD_CMAIL_LIMIT 0
extern int var_smtpd_cmail_limit;

#define VAR_SMTPD_CRCPT_LIMIT "smtpd_client_recipient_rate_limit"
#define DEF_SMTPD_CRCPT_LIMIT 0
extern int var_smtpd_crcpt_limit;

#define VAR_SMTPD_CNTLS_LIMIT "smtpd_client_new_tls_session_rate_limit"
#define DEF_SMTPD_CNTLS_LIMIT 0
extern int var_smtpd_cntls_limit;

/*
 * Clients exempt from the limits above. The default refers to the older
 * smtpd_client_connection_limit_exceptions name and to the mynetworks
 * parameter. NOTE(review): presumably the mynetworks value is used when
 * the older parameter is empty, which exempts every client in mynetworks;
 * keep mynetworks narrow if these limits matter.
 */
#define VAR_SMTPD_HOGGERS "smtpd_client_event_limit_exceptions"
#define DEF_SMTPD_HOGGERS "${smtpd_client_connection_limit_exceptions:$" VAR_MYNETWORKS "}"
extern char *var_smtpd_hoggers;

#define VAR_ANVIL_TIME_UNIT "anvil_rate_time_unit"
#define DEF_ANVIL_TIME_UNIT "60s"
extern int var_anvil_time_unit;

#define VAR_ANVIL_STAT_TIME "anvil_status_update_time"
#define DEF_ANVIL_STAT_TIME "600s"
extern int var_anvil_stat_time;

/*
 * Temporary stop gap.
 * Everything up to the matching #endif is compiled out by "#if 0".
 */
#if 0
#include <anvil_clnt.h>

#define VAR_ANVIL_SERVICE "client_connection_rate_service_name"
#define DEF_ANVIL_SERVICE "local:" ANVIL_CLASS "/" ANVIL_SERVICE
extern char *var_anvil_service;

#endif

/*
 * What domain names to assume when no valid domain context exists.
*/
#define VAR_REM_RWR_DOMAIN "remote_header_rewrite_domain"
#define DEF_REM_RWR_DOMAIN ""
extern char *var_remote_rwr_domain;

/* A keyword rather than a parameter: it has no DEF_ macro and no variable. */
#define CHECK_ADDR_MAP "check_address_map"

#define VAR_LOC_RWR_CLIENTS "local_header_rewrite_clients"
#define DEF_LOC_RWR_CLIENTS PERMIT_INET_INTERFACES
extern char *var_local_rwr_clients;

/*
 * EHLO keyword filter.
 *
 * All defaults are empty, so no keyword is discarded out of the box. The
 * smtp_ and lmtp_ parameter names share one variable each.
 * NOTE(review): a discarded keyword presumably hides the matching
 * extension from the peer; if a security feature is listed, it is
 * silently unavailable for the affected sessions, so map contents
 * deserve review.
 */
#define VAR_SMTPD_EHLO_DIS_WORDS "smtpd_discard_ehlo_keywords"
#define DEF_SMTPD_EHLO_DIS_WORDS ""
extern char *var_smtpd_ehlo_dis_words;

#define VAR_SMTPD_EHLO_DIS_MAPS "smtpd_discard_ehlo_keyword_address_maps"
#define DEF_SMTPD_EHLO_DIS_MAPS ""
extern char *var_smtpd_ehlo_dis_maps;

#define VAR_SMTP_EHLO_DIS_WORDS "smtp_discard_ehlo_keywords"
#define DEF_SMTP_EHLO_DIS_WORDS ""
#define VAR_LMTP_EHLO_DIS_WORDS "lmtp_discard_lhlo_keywords"
#define DEF_LMTP_EHLO_DIS_WORDS ""
extern char *var_smtp_ehlo_dis_words;

#define VAR_SMTP_EHLO_DIS_MAPS "smtp_discard_ehlo_keyword_address_maps"
#define DEF_SMTP_EHLO_DIS_MAPS ""
#define VAR_LMTP_EHLO_DIS_MAPS "lmtp_discard_lhlo_keyword_address_maps"
#define DEF_LMTP_EHLO_DIS_MAPS ""
extern char *var_smtp_ehlo_dis_maps;

/*
 * gcc workaround for warnings about empty or null format strings.
 */
extern const char null_format_string[1];

/*
 * Characters to reject or strip.
 * Both lists are empty by default, so no character is rejected or
 * stripped unless configured.
 */
#define VAR_MSG_REJECT_CHARS "message_reject_characters"
#define DEF_MSG_REJECT_CHARS ""
extern char *var_msg_reject_chars;

#define VAR_MSG_STRIP_CHARS "message_strip_characters"
#define DEF_MSG_STRIP_CHARS ""
extern char *var_msg_strip_chars;

/*
 * Local forwarding complexity controls.
*/
#define VAR_FROZEN_DELIVERED "frozen_delivered_to"
#define DEF_FROZEN_DELIVERED 1
extern bool var_frozen_delivered;

#define VAR_RESET_OWNER_ATTR "reset_owner_alias"
#define DEF_RESET_OWNER_ATTR 0
extern bool var_reset_owner_attr;

/*
 * Delay logging time roundup.
 * The default is 2; MIN_ and MAX_ give the accepted range, 0 through 6.
 */
#define VAR_DELAY_MAX_RES "delay_logging_resolution_limit"
#define MAX_DELAY_MAX_RES 6
#define DEF_DELAY_MAX_RES 2
#define MIN_DELAY_MAX_RES 0
extern int var_delay_max_res;

/*
 * Bounce message templates.
 * Empty default: no template file is configured.
 */
#define VAR_BOUNCE_TMPL "bounce_template_file"
#define DEF_BOUNCE_TMPL ""
extern char *var_bounce_tmpl;

/*
 * Sender-dependent authentication.
 * Off by default. The smtp_ and lmtp_ parameter names share one variable.
 */
#define VAR_SMTP_SENDER_AUTH "smtp_sender_dependent_authentication"
#define DEF_SMTP_SENDER_AUTH 0
#define VAR_LMTP_SENDER_AUTH "lmtp_sender_dependent_authentication"
#define DEF_LMTP_SENDER_AUTH 0
extern bool var_smtp_sender_auth;

/*
 * Allow CNAME lookup result to override the server hostname.
*/
/*
 * Off by default for both smtp and lmtp, which share one variable.
 * NOTE(review): a CNAME result comes from DNS; if the resulting name is
 * the one later compared with the server certificate, enabling this lets
 * unauthenticated DNS data choose the name that is verified - confirm
 * how the client uses it before turning it on.
 */
#define VAR_SMTP_CNAME_OVERR "smtp_cname_overrides_servername"
#define DEF_SMTP_CNAME_OVERR 0
#define VAR_LMTP_CNAME_OVERR "lmtp_cname_overrides_servername"
#define DEF_LMTP_CNAME_OVERR 0
extern bool var_smtp_cname_overr;

/*
 * TLS cipherlists
 *
 * PREFER_aNULL is prepended to the high/medium/low/export defaults below.
 * It is "aNULL:-aNULL:" only when built with USE_TLS against OpenSSL 1.0.0
 * or later (OPENSSL_VERSION_NUMBER >= 0x1000000fL) and empty otherwise.
 * NOTE(review): judging by the macro name, the prefix makes anonymous
 * (unauthenticated) cipher suites rank first once "ALL" adds them back.
 * Such suites cannot detect an active man-in-the-middle, so this only
 * suits opportunistic TLS; sessions that verify the peer need aNULL
 * excluded somewhere else - confirm where that happens.
 */
#ifdef USE_TLS
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER >= 0x1000000fL
#define PREFER_aNULL "aNULL:-aNULL:"
#else
#define PREFER_aNULL ""
#endif
#else
#define PREFER_aNULL ""
#endif

/*
 * Default cipher grades in OpenSSL cipher-string syntax: "!X" removes X
 * for good, "+X" moves X to the end of the list without adding anything,
 * and "@STRENGTH" sorts by encryption key length. Every grade starts from
 * "ALL"; "+RC4" only demotes RC4, it does not remove it. The grades differ
 * in what they exclude: high drops EXPORT, LOW and MEDIUM; medium drops
 * EXPORT and LOW; low drops EXPORT; export drops nothing.
 *
 * Practitioner caveat: RC4 is prohibited by RFC 7465 and EXPORT/LOW
 * suites offer no meaningful confidentiality. Treat these strings as
 * historical defaults and tighten them, or use the exclude-ciphers
 * parameters, on any deployment that has a choice.
 */
#define VAR_TLS_HIGH_CLIST "tls_high_cipherlist"
#define DEF_TLS_HIGH_CLIST PREFER_aNULL "ALL:!EXPORT:!LOW:!MEDIUM:+RC4:@STRENGTH"
extern char *var_tls_high_clist;

#define VAR_TLS_MEDIUM_CLIST "tls_medium_cipherlist"
#define DEF_TLS_MEDIUM_CLIST PREFER_aNULL "ALL:!EXPORT:!LOW:+RC4:@STRENGTH"
extern char *var_tls_medium_clist;

#define VAR_TLS_LOW_CLIST "tls_low_cipherlist"
#define DEF_TLS_LOW_CLIST PREFER_aNULL "ALL:!EXPORT:+RC4:@STRENGTH"
extern char *var_tls_low_clist;

#define VAR_TLS_EXPORT_CLIST "tls_export_cipherlist"
#define DEF_TLS_EXPORT_CLIST PREFER_aNULL "ALL:+RC4:@STRENGTH"
extern char *var_tls_export_clist;

/*
 * "eNULL:!aNULL" selects suites with no encryption while excluding the
 * anonymous ones: the session is authenticated and integrity-protected
 * but the content travels in the clear.
 */
#define VAR_TLS_NULL_CLIST "tls_null_cipherlist"
#define DEF_TLS_NULL_CLIST "eNULL:!aNULL"
extern char *var_tls_null_clist;

/* Named curves for the two ephemeral ECDH grades. */
#define VAR_TLS_EECDH_STRONG "tls_eecdh_strong_curve"
#define DEF_TLS_EECDH_STRONG "prime256v1"
extern char *var_tls_eecdh_strong;

#define VAR_TLS_EECDH_ULTRA "tls_eecdh_ultra_curve"
#define DEF_TLS_EECDH_ULTRA "secp384r1"
extern char *var_tls_eecdh_ultra;

/*
 * Off by default. NOTE(review): presumably selects server-side cipher
 * preference; with it off the client's ordering would decide which of
 * the suites above is negotiated - confirm.
 */
#define VAR_TLS_PREEMPT_CLIST "tls_preempt_cipherlist"
#define DEF_TLS_PREEMPT_CLIST 0
extern bool var_tls_preempt_clist;

/*
 * On by default. NOTE(review): going by the parameter name, a wildcard
 * in a certificate name may then match more than one DNS label, which is
 * more permissive than single-label wildcard matching - confirm in the
 * name-matching code and consider turning it off where peers are verified.
 */
#define VAR_TLS_MULTI_WILDCARD "tls_wildcard_matches_multiple_labels"
#define DEF_TLS_MULTI_WILDCARD 1
extern bool var_tls_multi_wildcard;

/* The tweak for CVE-2010-4180 is needed in some versions prior to 1.0.1 */
/* The tweak for CVE-2005-2969 is needed in some versions prior to 1.0.0 */
/*
 * TLS_BUG_TWEAKS is the default for "tls_disable_workarounds", i.e. the
 * list of OpenSSL bug workarounds that are switched off by default:
 *   - built without USE_TLS, or OpenSSL 1.0.1 and later: empty;
 *   - OpenSSL 1.0.0 up to (not including) 1.0.1: CVE-2010-4180;
 *   - OpenSSL before 1.0.0: CVE-2005-2969 and CVE-2010-4180.
 * OPENSSL_VERSION_NUMBER comes from <openssl/opensslv.h>, which this file
 * includes earlier, in the TLS cipherlist section, when USE_TLS is set.
 */
#if defined(USE_TLS) && (OPENSSL_VERSION_NUMBER < 0x1000100fL)
#if (OPENSSL_VERSION_NUMBER < 0x1000000fL)
#define TLS_BUG_TWEAKS "CVE-2005-2969 CVE-2010-4180"
#else
#define TLS_BUG_TWEAKS "CVE-2010-4180"
#endif
#else
#define TLS_BUG_TWEAKS ""
#endif

#define VAR_TLS_BUG_TWEAKS "tls_disable_workarounds"
#define DEF_TLS_BUG_TWEAKS TLS_BUG_TWEAKS
extern char *var_tls_bug_tweaks;

/* Empty default: no additional SSL options are requested. */
#define VAR_TLS_SSL_OPTIONS "tls_ssl_options"
#define DEF_TLS_SSL_OPTIONS ""
extern char *var_tls_ssl_options;

/*
 * Off by default. NOTE(review): the name suggests an older public-key
 * fingerprint format kept for backwards compatibility; fingerprints
 * produced in the two modes presumably differ, so pinned values have to
 * match the mode in use - confirm.
 */
#define VAR_TLS_BC_PKEY_FPRINT "tls_legacy_public_key_fingerprints"
#define DEF_TLS_BC_PKEY_FPRINT 0
extern bool var_tls_bc_pkey_fprint;

/*
 * DANE digest agility: the setting is one of "off", "on" or "maybe", and
 * defaults to "on".
 */
#define TLS_DANE_AGILITY_OFF "off"
#define TLS_DANE_AGILITY_ON "on"
#define TLS_DANE_AGILITY_MAYBE "maybe"
#define VAR_TLS_DANE_AGILITY "tls_dane_digest_agility"
#define DEF_TLS_DANE_AGILITY TLS_DANE_AGILITY_ON
extern char *var_tls_dane_agility;

/*
 * Ordered list of DANE digest algorithms.
 * The default lists sha512 before sha256.
 */
#define VAR_TLS_DANE_DIGESTS "tls_dane_digests"
#define DEF_TLS_DANE_DIGESTS "sha512 sha256"
extern char *var_tls_dane_digests;

/*
 * External interface for enabling trust-anchor digests, which are risky
 * when the corresponding certificate is missing from the peer chain (this
 * can't happen with the leaf certificate).
 *
 * Enabled by default despite the risk described above.
 */
#define VAR_TLS_DANE_TAA_DGST "tls_dane_trust_anchor_digest_enable"
#define DEF_TLS_DANE_TAA_DGST 1
extern bool var_tls_dane_taa_dgst;

/*
 * Sendmail-style mail filter support.
*/
/* Both milter lists are empty by default: no mail filter is consulted. */
#define VAR_SMTPD_MILTERS "smtpd_milters"
#define DEF_SMTPD_MILTERS ""
extern char *var_smtpd_milters;

#define VAR_CLEANUP_MILTERS "non_smtpd_milters"
#define DEF_CLEANUP_MILTERS ""
extern char *var_cleanup_milters;

/*
 * NOTE(review): presumably the action taken when a filter is unavailable
 * or misbehaves. "tempfail" would hold mail back with a temporary error
 * instead of letting it pass unfiltered; changing this to an accepting
 * value makes filter outages a bypass - confirm against the milter client.
 */
#define VAR_MILT_DEF_ACTION "milter_default_action"
#define DEF_MILT_DEF_ACTION "tempfail"
extern char *var_milt_def_action;

/*
 * Macros handed to filters at each protocol stage. The HELO list carries
 * TLS session and certificate names and the MAIL list carries the
 * authentication names. NOTE(review): a filter presumably bases decisions
 * on these, so removing entries can change filter behaviour - confirm.
 */
#define VAR_MILT_CONN_MACROS "milter_connect_macros"
#define DEF_MILT_CONN_MACROS "j {daemon_name} v"
extern char *var_milt_conn_macros;

#define VAR_MILT_HELO_MACROS "milter_helo_macros"
#define DEF_MILT_HELO_MACROS "{tls_version} {cipher} {cipher_bits}" \
				" {cert_subject} {cert_issuer}"
extern char *var_milt_helo_macros;

#define VAR_MILT_MAIL_MACROS "milter_mail_macros"
#define DEF_MILT_MAIL_MACROS "i {auth_type} {auth_authen}" \
				" {auth_author} {mail_addr}" \
				" {mail_host} {mail_mailer}"
extern char *var_milt_mail_macros;

#define VAR_MILT_RCPT_MACROS "milter_rcpt_macros"
#define DEF_MILT_RCPT_MACROS "i {rcpt_addr} {rcpt_host}" \
				" {rcpt_mailer}"
extern char *var_milt_rcpt_macros;

#define VAR_MILT_DATA_MACROS "milter_data_macros"
#define DEF_MILT_DATA_MACROS "i"
extern char *var_milt_data_macros;

#define VAR_MILT_UNK_MACROS "milter_unknown_command_macros"
#define DEF_MILT_UNK_MACROS ""
extern char *var_milt_unk_macros;

#define VAR_MILT_EOH_MACROS "milter_end_of_header_macros"
#define DEF_MILT_EOH_MACROS "i"
extern char *var_milt_eoh_macros;

#define VAR_MILT_EOD_MACROS "milter_end_of_data_macros"
#define DEF_MILT_EOD_MACROS "i"
extern char *var_milt_eod_macros;

/* Time limits for connecting to a filter, for one command, and for message content. */
#define VAR_MILT_CONN_TIME "milter_connect_timeout"
#define DEF_MILT_CONN_TIME "30s"
extern int var_milt_conn_time;

#define VAR_MILT_CMD_TIME "milter_command_timeout"
#define DEF_MILT_CMD_TIME "30s"
extern int var_milt_cmd_time;

#define VAR_MILT_MSG_TIME "milter_content_timeout"
#define DEF_MILT_MSG_TIME "300s"
extern int var_milt_msg_time;

#define VAR_MILT_PROTOCOL "milter_protocol"
#define DEF_MILT_PROTOCOL "6"
extern char *var_milt_protocol;

/*
 * NOTE(review): this repeats, token for token, the milter_default_action
 * definition that already appears above, before the macro lists. An
 * identical redefinition is legal C, but the two copies can drift apart;
 * one of them can be dropped.
 */
#define VAR_MILT_DEF_ACTION "milter_default_action"
#define DEF_MILT_DEF_ACTION "tempfail"
extern char *var_milt_def_action;

#define VAR_MILT_DAEMON_NAME "milter_macro_daemon_name"
#define DEF_MILT_DAEMON_NAME "$" VAR_MYHOSTNAME
extern char *var_milt_daemon_name;

/* Expands to the mail system name followed by its version. */
#define VAR_MILT_V "milter_macro_v"
#define DEF_MILT_V "$" VAR_MAIL_NAME " $" VAR_MAIL_VERSION
extern char *var_milt_v;

#define VAR_MILT_HEAD_CHECKS "milter_header_checks"
#define DEF_MILT_HEAD_CHECKS ""
extern char *var_milt_head_checks;

/*
 * What internal mail do we inspect/stamp/etc.? This is not yet safe enough
 * to enable world-wide.
 *
 * The default class is the empty string (INT_FILT_CLASS_NONE), so
 * internally generated mail is not filtered unless "notify" and/or
 * "bounce" are configured.
 */
#define INT_FILT_CLASS_NONE ""
#define INT_FILT_CLASS_NOTIFY "notify"
#define INT_FILT_CLASS_BOUNCE "bounce"

#define VAR_INT_FILT_CLASSES "internal_mail_filter_classes"
#define DEF_INT_FILT_CLASSES INT_FILT_CLASS_NONE
extern char *var_int_filt_classes;

/*
 * This could break logfile processors, so it's off by default.
 *
 * Practitioner caveat: without the client port, connections from clients
 * behind a shared address (NAT) cannot be told apart in the logs. Sites
 * that need that attribution should enable this and adapt their parsers.
 */
#define VAR_SMTPD_CLIENT_PORT_LOG "smtpd_client_port_logging"
#define DEF_SMTPD_CLIENT_PORT_LOG 0
extern bool var_smtpd_client_port_log;

#define VAR_QMQPD_CLIENT_PORT_LOG "qmqpd_client_port_logging"
#define DEF_QMQPD_CLIENT_PORT_LOG 0
extern bool var_qmqpd_client_port_log;

/*
 * Header/body checks in delivery agents.
*/
/* All check tables are empty by default: delivery agents apply no header or body checks unless configured. */
#define VAR_SMTP_HEAD_CHKS "smtp_header_checks"
#define DEF_SMTP_HEAD_CHKS ""
extern char *var_smtp_head_chks;

#define VAR_SMTP_MIME_CHKS "smtp_mime_header_checks"
#define DEF_SMTP_MIME_CHKS ""
extern char *var_smtp_mime_chks;

#define VAR_SMTP_NEST_CHKS "smtp_nested_header_checks"
#define DEF_SMTP_NEST_CHKS ""
extern char *var_smtp_nest_chks;

#define VAR_SMTP_BODY_CHKS "smtp_body_checks"
#define DEF_SMTP_BODY_CHKS ""
extern char *var_smtp_body_chks;

/*
 * The lmtp_ names get no variables of their own in this header.
 * NOTE(review): presumably they share the var_smtp_xxx variables
 * declared above - confirm in the delivery agent.
 */
#define VAR_LMTP_HEAD_CHKS "lmtp_header_checks"
#define DEF_LMTP_HEAD_CHKS ""
#define VAR_LMTP_MIME_CHKS "lmtp_mime_header_checks"
#define DEF_LMTP_MIME_CHKS ""
#define VAR_LMTP_NEST_CHKS "lmtp_nested_header_checks"
#define DEF_LMTP_NEST_CHKS ""
#define VAR_LMTP_BODY_CHKS "lmtp_body_checks"
#define DEF_LMTP_BODY_CHKS ""

/* The default address preference depends on the build: "any" with HAS_IPV6, IPv4 otherwise. */
#define VAR_SMTP_ADDR_PREF "smtp_address_preference"
#ifdef HAS_IPV6
#define DEF_SMTP_ADDR_PREF INET_PROTO_NAME_ANY
#else
#define DEF_SMTP_ADDR_PREF INET_PROTO_NAME_IPV4
#endif
extern char *var_smtp_addr_pref;

#define VAR_LMTP_ADDR_PREF "lmtp_address_preference"
#define DEF_LMTP_ADDR_PREF DEF_SMTP_ADDR_PREF

/*
 * Scheduler concurrency feedback algorithms.
*/
/*
 * Each setting has a "default_" parameter name plus a suffix macro that
 * starts with an underscore. NOTE(review): the suffix is presumably
 * appended to a transport name to form the per-transport parameter -
 * confirm. Identifiers that begin with an underscore and an upper-case
 * letter are reserved for the implementation in C; renaming them would
 * touch every user, so this is only flagged here.
 */
#define VAR_CONC_POS_FDBACK "default_destination_concurrency_positive_feedback"
#define _CONC_POS_FDBACK "_destination_concurrency_positive_feedback"
#define DEF_CONC_POS_FDBACK "1"
extern char *var_conc_pos_feedback;

#define VAR_CONC_NEG_FDBACK "default_destination_concurrency_negative_feedback"
#define _CONC_NEG_FDBACK "_destination_concurrency_negative_feedback"
#define DEF_CONC_NEG_FDBACK "1"
extern char *var_conc_neg_feedback;

/* Names of the two feedback window types. */
#define CONC_FDBACK_NAME_WIN "concurrency"
#define CONC_FDBACK_NAME_SQRT_WIN "sqrt_concurrency"

#define VAR_CONC_COHORT_LIM "default_destination_concurrency_failed_cohort_limit"
#define _CONC_COHORT_LIM "_destination_concurrency_failed_cohort_limit"
#define DEF_CONC_COHORT_LIM 1
extern int var_conc_cohort_limit;

#define VAR_CONC_FDBACK_DEBUG "destination_concurrency_feedback_debug"
#define DEF_CONC_FDBACK_DEBUG 0
extern bool var_conc_feedback_debug;

#define VAR_DEST_RATE_DELAY "default_destination_rate_delay"
#define _DEST_RATE_DELAY "_destination_rate_delay"
#define DEF_DEST_RATE_DELAY "0s"
extern int var_dest_rate_delay;

/*
 * Stress handling.
 * Empty by default. Several defaults elsewhere in this header are written
 * as "${stress?...}${stress:...}" and so depend on this value.
 */
#define VAR_STRESS "stress"
#define DEF_STRESS ""
extern char *var_stress;

/*
 * Mailbox ownership.
 * Strict checking is on by default. NOTE(review): presumably delivery is
 * refused or deferred when a mailbox file is not owned by its recipient;
 * turning this off weakens a guard on local delivery - confirm.
 */
#define VAR_STRICT_MBOX_OWNER "strict_mailbox_ownership"
#define DEF_STRICT_MBOX_OWNER 1
extern bool var_strict_mbox_owner;

/*
 * Window scaling workaround.
 */
#define VAR_INET_WINDOW "tcp_windowsize"
#define DEF_INET_WINDOW 0
extern int var_inet_windowsize;

/*
 * Plug-in multi-instance support. Only the first two parameters are used by
 * Postfix itself; the other ones are reserved for the instance manager.
*/
/*
 * NOTE(review): the wrapper parameter presumably names a command that is
 * run on behalf of all instances; the value and the listed directories
 * should only be writable by the administrator - confirm how they are
 * used before relaxing permissions.
 */
#define VAR_MULTI_CONF_DIRS "multi_instance_directories"
#define DEF_MULTI_CONF_DIRS ""
extern char *var_multi_conf_dirs;

#define VAR_MULTI_WRAPPER "multi_instance_wrapper"
#define DEF_MULTI_WRAPPER ""
extern char *var_multi_wrapper;

#define VAR_MULTI_NAME "multi_instance_name"
#define DEF_MULTI_NAME ""
extern char *var_multi_name;

#define VAR_MULTI_GROUP "multi_instance_group"
#define DEF_MULTI_GROUP ""
extern char *var_multi_group;

#define VAR_MULTI_ENABLE "multi_instance_enable"
#define DEF_MULTI_ENABLE 0
extern bool var_multi_enable;

/*
 * postmulti(1) instance manager
 * The three lists classify command names as start, stop or control
 * commands.
 */
#define VAR_MULTI_START_CMDS "postmulti_start_commands"
#define DEF_MULTI_START_CMDS "start"
extern char *var_multi_start_cmds;

#define VAR_MULTI_STOP_CMDS "postmulti_stop_commands"
#define DEF_MULTI_STOP_CMDS "stop abort drain quick-stop"
extern char *var_multi_stop_cmds;

#define VAR_MULTI_CNTRL_CMDS "postmulti_control_commands"
#define DEF_MULTI_CNTRL_CMDS "reload flush"
extern char *var_multi_cntrl_cmds;

/*
 * postscreen(8)
 *
 * Reading guide for the defaults below: the DNSBL site list is empty;
 * the greet, DNSBL, bare-newline and blacklist actions default to
 * "ignore"; and the pipelining, non-SMTP-command and bare-newline tests
 * are disabled (their xxx_ENABLE defaults are 0). Out of the box this
 * configuration therefore observes more than it blocks; the enforcing
 * values have to be chosen by the operator.
 */
#define VAR_PSC_CACHE_MAP "postscreen_cache_map"
#define DEF_PSC_CACHE_MAP "btree:$data_directory/postscreen_cache"
extern char *var_psc_cache_map;

#define VAR_SMTPD_SERVICE "smtpd_service_name"
#define DEF_SMTPD_SERVICE "smtpd"
extern char *var_smtpd_service;

/* Both queue limits default to the value of the process limit parameter. */
#define VAR_PSC_POST_QLIMIT "postscreen_post_queue_limit"
#define DEF_PSC_POST_QLIMIT "$" VAR_PROC_LIMIT
extern int var_psc_post_queue_limit;

#define VAR_PSC_PRE_QLIMIT "postscreen_pre_queue_limit"
#define DEF_PSC_PRE_QLIMIT "$" VAR_PROC_LIMIT
extern int var_psc_pre_queue_limit;

#define VAR_PSC_CACHE_RET "postscreen_cache_retention_time"
#define DEF_PSC_CACHE_RET "7d"
extern int var_psc_cache_ret;

#define VAR_PSC_CACHE_SCAN "postscreen_cache_cleanup_interval"
#define DEF_PSC_CACHE_SCAN "12h"
extern int var_psc_cache_scan;

/*
 * NOTE(review): presumably expands to "2s" when the stress parameter is
 * non-empty and "6s" otherwise - confirm against the expansion code.
 */
#define VAR_PSC_GREET_WAIT "postscreen_greet_wait"
#define DEF_PSC_GREET_WAIT "${stress?2}${stress:6}s"
extern int var_psc_greet_wait;

#define VAR_PSC_PREGR_BANNER "postscreen_greet_banner"
#define DEF_PSC_PREGR_BANNER "$" VAR_SMTPD_BANNER
extern char *var_psc_pregr_banner;

/*
 * NOTE(review): the default is the bare token no, neither a string
 * literal nor a number, and the variable is a char pointer. Any use of
 * DEF_PSC_PREGR_ENABLE as an expression would fail to compile unless an
 * identifier named no is in scope, which suggests the macro is unused -
 * confirm and fix or remove.
 */
#define VAR_PSC_PREGR_ENABLE "postscreen_greet_enable"
#define DEF_PSC_PREGR_ENABLE no
extern char *var_psc_pregr_enable;

#define VAR_PSC_PREGR_ACTION "postscreen_greet_action"
#define DEF_PSC_PREGR_ACTION "ignore"
extern char *var_psc_pregr_action;

#define VAR_PSC_PREGR_TTL "postscreen_greet_ttl"
#define DEF_PSC_PREGR_TTL "1d"
extern int var_psc_pregr_ttl;

#define VAR_PSC_DNSBL_SITES "postscreen_dnsbl_sites"
#define DEF_PSC_DNSBL_SITES ""
extern char *var_psc_dnsbl_sites;

#define VAR_PSC_DNSBL_THRESH "postscreen_dnsbl_threshold"
#define DEF_PSC_DNSBL_THRESH 1
extern int var_psc_dnsbl_thresh;

#define VAR_PSC_DNSBL_WTHRESH "postscreen_dnsbl_whitelist_threshold"
#define DEF_PSC_DNSBL_WTHRESH 0
extern int var_psc_dnsbl_wthresh;

/* NOTE(review): integer default 0 paired with a char pointer variable - the types do not agree; confirm which one is used. */
#define VAR_PSC_DNSBL_ENABLE "postscreen_dnsbl_enable"
#define DEF_PSC_DNSBL_ENABLE 0
extern char *var_psc_dnsbl_enable;

#define VAR_PSC_DNSBL_ACTION "postscreen_dnsbl_action"
#define DEF_PSC_DNSBL_ACTION "ignore"
extern char *var_psc_dnsbl_action;

#define VAR_PSC_DNSBL_TTL "postscreen_dnsbl_ttl"
#define DEF_PSC_DNSBL_TTL "1h"
extern int var_psc_dnsbl_ttl;

#define VAR_PSC_DNSBL_REPLY "postscreen_dnsbl_reply_map"
#define DEF_PSC_DNSBL_REPLY ""
extern char *var_psc_dnsbl_reply;

#define VAR_PSC_PIPEL_ENABLE "postscreen_pipelining_enable"
#define DEF_PSC_PIPEL_ENABLE 0
extern bool var_psc_pipel_enable;

#define VAR_PSC_PIPEL_ACTION "postscreen_pipelining_action"
#define DEF_PSC_PIPEL_ACTION "enforce"
extern char *var_psc_pipel_action;

#define VAR_PSC_PIPEL_TTL "postscreen_pipelining_ttl"
#define DEF_PSC_PIPEL_TTL "30d"
extern int var_psc_pipel_ttl;

#define VAR_PSC_NSMTP_ENABLE "postscreen_non_smtp_command_enable"
#define DEF_PSC_NSMTP_ENABLE 0
extern bool var_psc_nsmtp_enable;

#define VAR_PSC_NSMTP_ACTION "postscreen_non_smtp_command_action"
#define DEF_PSC_NSMTP_ACTION "drop"
extern char *var_psc_nsmtp_action;

#define VAR_PSC_NSMTP_TTL "postscreen_non_smtp_command_ttl"
#define DEF_PSC_NSMTP_TTL "30d"
extern int var_psc_nsmtp_ttl;

#define VAR_PSC_BARLF_ENABLE "postscreen_bare_newline_enable"
#define DEF_PSC_BARLF_ENABLE 0
extern bool var_psc_barlf_enable;

#define VAR_PSC_BARLF_ACTION "postscreen_bare_newline_action"
#define DEF_PSC_BARLF_ACTION "ignore"
extern char *var_psc_barlf_action;

#define VAR_PSC_BARLF_TTL "postscreen_bare_newline_ttl"
#define DEF_PSC_BARLF_TTL "30d"
extern int var_psc_barlf_ttl;

/* NOTE(review): the parameter is an action, but the variable is named var_psc_blist_nets - confirm this is the variable the action is loaded into. */
#define VAR_PSC_BLIST_ACTION "postscreen_blacklist_action"
#define DEF_PSC_BLIST_ACTION "ignore"
extern char *var_psc_blist_nets;

#define VAR_PSC_CMD_COUNT "postscreen_command_count_limit"
#define DEF_PSC_CMD_COUNT 20
extern int var_psc_cmd_count;

/* NOTE(review): a time limit held in a char pointer, whereas the other time values in this section are int - confirm. */
#define VAR_PSC_CMD_TIME "postscreen_command_time_limit"
#define DEF_PSC_CMD_TIME DEF_SMTPD_TMOUT
extern char *var_psc_cmd_time;

#define VAR_PSC_WATCHDOG "postscreen_watchdog_timeout"
#define DEF_PSC_WATCHDOG "10s"
extern int var_psc_watchdog;

/*
 * From here on most postscreen defaults are "$" followed by the name of
 * the matching smtpd parameter, so postscreen follows the SMTP server's
 * settings unless it is given its own. Tightening the smtpd value
 * therefore also tightens postscreen, and an explicit postscreen override
 * can silently diverge from it.
 */
#define VAR_PSC_EHLO_DIS_WORDS "postscreen_discard_ehlo_keywords"
#define DEF_PSC_EHLO_DIS_WORDS "$" VAR_SMTPD_EHLO_DIS_WORDS
extern char *var_psc_ehlo_dis_words;

#define VAR_PSC_EHLO_DIS_MAPS "postscreen_discard_ehlo_keyword_address_maps"
#define DEF_PSC_EHLO_DIS_MAPS "$" VAR_SMTPD_EHLO_DIS_MAPS
extern char *var_psc_ehlo_dis_maps;

#define VAR_PSC_TLS_LEVEL "postscreen_tls_security_level"
#define DEF_PSC_TLS_LEVEL "$" VAR_SMTPD_TLS_LEVEL
extern char *var_psc_tls_level;

#define VAR_PSC_USE_TLS "postscreen_use_tls"
#define DEF_PSC_USE_TLS "$" VAR_SMTPD_USE_TLS
extern bool var_psc_use_tls;

#define VAR_PSC_ENFORCE_TLS "postscreen_enforce_tls"
#define DEF_PSC_ENFORCE_TLS "$" VAR_SMTPD_ENFORCE_TLS
extern bool var_psc_enforce_tls;

#define VAR_PSC_FORBID_CMDS "postscreen_forbidden_commands"
#define DEF_PSC_FORBID_CMDS "$" VAR_SMTPD_FORBID_CMDS
extern char *var_psc_forbid_cmds;

#define VAR_PSC_HELO_REQUIRED "postscreen_helo_required"
#define DEF_PSC_HELO_REQUIRED "$" VAR_HELO_REQUIRED
extern bool var_psc_helo_required;

#define VAR_PSC_DISABLE_VRFY "postscreen_disable_vrfy_command"
#define DEF_PSC_DISABLE_VRFY "$" VAR_DISABLE_VRFY_CMD
extern bool var_psc_disable_vrfy;

#define VAR_PSC_CCONN_LIMIT "postscreen_client_connection_count_limit"
#define DEF_PSC_CCONN_LIMIT "$" VAR_SMTPD_CCONN_LIMIT
extern int var_psc_cconn_limit;

#define VAR_PSC_REJ_FOOTER "postscreen_reject_footer"
#define DEF_PSC_REJ_FOOTER "$" VAR_SMTPD_REJ_FOOTER
extern char *var_psc_rej_footer;

#define VAR_PSC_EXP_FILTER "postscreen_expansion_filter"
#define DEF_PSC_EXP_FILTER "$" VAR_SMTPD_EXP_FILTER
extern char *var_psc_exp_filter;

#define VAR_PSC_CMD_FILTER "postscreen_command_filter"
#define DEF_PSC_CMD_FILTER ""
extern char *var_psc_cmd_filter;

/*
 * NOTE(review): going by the macro name, the default access list
 * whitelists clients in mynetworks, which then skip the tests above;
 * an over-broad mynetworks widens that exemption - confirm.
 */
#define VAR_PSC_ACL "postscreen_access_list"
#define DEF_PSC_ACL SERVER_ACL_NAME_WL_MYNETWORKS
extern char *var_psc_acl;

#define VAR_PSC_WLIST_IF "postscreen_whitelist_interfaces"
#define DEF_PSC_WLIST_IF "static:all"
extern char *var_psc_wlist_if;

/* The empty protocol name stands for "no upstream proxy". */
#define NOPROXY_PROTO_NAME ""

/*
 * NOTE(review): when a proxy protocol is configured, the client address
 * presumably comes from what the proxy sends rather than from the TCP
 * connection; the listener then has to be reachable by the trusted proxy
 * only - confirm against the proxy handling code.
 */
#define VAR_PSC_UPROXY_PROTO "postscreen_upstream_proxy_protocol"
#define DEF_PSC_UPROXY_PROTO NOPROXY_PROTO_NAME
extern char *var_psc_uproxy_proto;

#define VAR_PSC_UPROXY_TMOUT "postscreen_upstream_proxy_timeout"
#define DEF_PSC_UPROXY_TMOUT "5s"
extern int var_psc_uproxy_tmout;

#define VAR_DNSBLOG_SERVICE "dnsblog_service_name"
#define DEF_DNSBLOG_SERVICE MAIL_SERVICE_DNSBLOG
extern char *var_dnsblog_service;

#define VAR_DNSBLOG_DELAY "dnsblog_reply_delay"
#define DEF_DNSBLOG_DELAY "0s"
extern int var_dnsblog_delay;

/*
 * tlsproxy settings. Apart from the service name and the watchdog, every
 * default is "$" followed by the matching smtpd_tls parameter name:
 * certificates, keys, CA locations, protocols, ciphers and exclusions are
 * inherited from the SMTP server configuration unless overridden here.
 */
#define VAR_TLSPROXY_SERVICE "tlsproxy_service_name"
#define DEF_TLSPROXY_SERVICE MAIL_SERVICE_TLSPROXY
extern char *var_tlsproxy_service;

#define VAR_TLSP_WATCHDOG "tlsproxy_watchdog_timeout"
#define DEF_TLSP_WATCHDOG "10s"
extern int var_tlsp_watchdog;

#define VAR_TLSP_TLS_LEVEL "tlsproxy_tls_security_level"
#define DEF_TLSP_TLS_LEVEL "$" VAR_SMTPD_TLS_LEVEL
extern char *var_tlsp_tls_level;

#define VAR_TLSP_USE_TLS "tlsproxy_use_tls"
#define DEF_TLSP_USE_TLS "$" VAR_SMTPD_USE_TLS
extern bool var_tlsp_use_tls;

#define VAR_TLSP_ENFORCE_TLS "tlsproxy_enforce_tls"
#define DEF_TLSP_ENFORCE_TLS "$" VAR_SMTPD_ENFORCE_TLS
extern bool var_tlsp_enforce_tls;

#define VAR_TLSP_TLS_ACERT "tlsproxy_tls_ask_ccert"
#define DEF_TLSP_TLS_ACERT "$" VAR_SMTPD_TLS_ACERT
extern bool var_tlsp_tls_ask_ccert;

#define VAR_TLSP_TLS_RCERT "tlsproxy_tls_req_ccert"
#define DEF_TLSP_TLS_RCERT "$" VAR_SMTPD_TLS_RCERT
extern bool var_tlsp_tls_req_ccert;

#define VAR_TLSP_TLS_CCERT_VD "tlsproxy_tls_ccert_verifydepth"
#define DEF_TLSP_TLS_CCERT_VD "$" VAR_SMTPD_TLS_CCERT_VD
extern int var_tlsp_tls_ccert_vd;

/*
 * Certificate and private key files (default, "d" and "ec" variants).
 * Key files hold secrets: they should be readable only by the account
 * that loads them.
 */
#define VAR_TLSP_TLS_CERT_FILE "tlsproxy_tls_cert_file"
#define DEF_TLSP_TLS_CERT_FILE "$" VAR_SMTPD_TLS_CERT_FILE
extern char *var_tlsp_tls_cert_file;

#define VAR_TLSP_TLS_KEY_FILE "tlsproxy_tls_key_file"
#define DEF_TLSP_TLS_KEY_FILE "$" VAR_SMTPD_TLS_KEY_FILE
extern char *var_tlsp_tls_key_file;

#define VAR_TLSP_TLS_DCERT_FILE "tlsproxy_tls_dcert_file"
#define DEF_TLSP_TLS_DCERT_FILE "$" VAR_SMTPD_TLS_DCERT_FILE
extern char *var_tlsp_tls_dcert_file;

#define VAR_TLSP_TLS_DKEY_FILE "tlsproxy_tls_dkey_file"
#define DEF_TLSP_TLS_DKEY_FILE "$" VAR_SMTPD_TLS_DKEY_FILE
extern char *var_tlsp_tls_dkey_file;

#define VAR_TLSP_TLS_ECCERT_FILE "tlsproxy_tls_eccert_file"
#define DEF_TLSP_TLS_ECCERT_FILE "$" VAR_SMTPD_TLS_ECCERT_FILE
extern char *var_tlsp_tls_eccert_file;

#define VAR_TLSP_TLS_ECKEY_FILE "tlsproxy_tls_eckey_file"
#define DEF_TLSP_TLS_ECKEY_FILE "$" VAR_SMTPD_TLS_ECKEY_FILE
extern char *var_tlsp_tls_eckey_file;

/*
 * NOTE(review): the next two lines repeat the DEF_ macro and the extern
 * of the eckey entry directly above, token for token. The repetition is
 * legal C and harmless, but it looks like a copy-and-paste leftover and
 * can be removed.
 */
#define DEF_TLSP_TLS_ECKEY_FILE "$" VAR_SMTPD_TLS_ECKEY_FILE
extern char *var_tlsp_tls_eckey_file;

#define VAR_TLSP_TLS_CA_FILE "tlsproxy_tls_CAfile"
#define DEF_TLSP_TLS_CA_FILE "$" VAR_SMTPD_TLS_CA_FILE
extern char *var_tlsp_tls_CAfile;

#define VAR_TLSP_TLS_CA_PATH "tlsproxy_tls_CApath"
#define DEF_TLSP_TLS_CA_PATH "$" VAR_SMTPD_TLS_CA_PATH
extern char *var_tlsp_tls_CApath;

#define VAR_TLSP_TLS_PROTO "tlsproxy_tls_protocols"
#define DEF_TLSP_TLS_PROTO "$" VAR_SMTPD_TLS_PROTO
extern char *var_tlsp_tls_proto;

#define VAR_TLSP_TLS_MAND_PROTO "tlsproxy_tls_mandatory_protocols"
#define DEF_TLSP_TLS_MAND_PROTO "$" VAR_SMTPD_TLS_MAND_PROTO
extern char *var_tlsp_tls_mand_proto;

#define VAR_TLSP_TLS_CIPH "tlsproxy_tls_ciphers"
#define DEF_TLSP_TLS_CIPH "$" VAR_SMTPD_TLS_CIPH
extern char *var_tlsp_tls_ciph;

#define VAR_TLSP_TLS_MAND_CIPH "tlsproxy_tls_mandatory_ciphers"
#define DEF_TLSP_TLS_MAND_CIPH "$" VAR_SMTPD_TLS_MAND_CIPH
extern char *var_tlsp_tls_mand_ciph;

#define VAR_TLSP_TLS_EXCL_CIPH "tlsproxy_tls_exclude_ciphers"
#define DEF_TLSP_TLS_EXCL_CIPH "$" VAR_SMTPD_TLS_EXCL_CIPH
extern char *var_tlsp_tls_excl_ciph;

#define VAR_TLSP_TLS_MAND_EXCL "tlsproxy_tls_mandatory_exclude_ciphers"
#define DEF_TLSP_TLS_MAND_EXCL "$" VAR_SMTPD_TLS_MAND_EXCL
extern char *var_tlsp_tls_mand_excl;

#define VAR_TLSP_TLS_FPT_DGST "tlsproxy_tls_fingerprint_digest"
#define DEF_TLSP_TLS_FPT_DGST "$" VAR_SMTPD_TLS_FPT_DGST
extern char *var_tlsp_tls_fpt_dgst;

/*
 * Diffie-Hellman parameter files. Practitioner caveat: 512-bit DH is
 * export-grade, and 1024-bit parameters are below current guidance;
 * NOTE(review): the "dh1024" parameter presumably accepts a file with
 * larger parameters despite its name - confirm and prefer at least
 * 2048 bits.
 */
#define VAR_TLSP_TLS_512_FILE "tlsproxy_tls_dh512_param_file"
#define DEF_TLSP_TLS_512_FILE "$" VAR_SMTPD_TLS_512_FILE
extern char *var_tlsp_tls_dh512_param_file;

#define VAR_TLSP_TLS_1024_FILE "tlsproxy_tls_dh1024_param_file"
#define DEF_TLSP_TLS_1024_FILE "$" VAR_SMTPD_TLS_1024_FILE
extern char *var_tlsp_tls_dh1024_param_file;

#define VAR_TLSP_TLS_EECDH "tlsproxy_tls_eecdh_grade"
#define DEF_TLSP_TLS_EECDH "$" VAR_SMTPD_TLS_EECDH
extern char *var_tlsp_tls_eecdh;

#define VAR_TLSP_TLS_LOGLEVEL "tlsproxy_tls_loglevel"
#define DEF_TLSP_TLS_LOGLEVEL "$" VAR_SMTPD_TLS_LOGLEVEL
extern char *var_tlsp_tls_loglevel;

#define VAR_TLSP_TLS_RECHEAD "tlsproxy_tls_received_header"
#define DEF_TLSP_TLS_RECHEAD "$" VAR_SMTPD_TLS_RECHEAD
extern bool var_tlsp_tls_received_header;

#define VAR_TLSP_TLS_SET_SESSID "tlsproxy_tls_always_issue_session_ids"
#define DEF_TLSP_TLS_SET_SESSID "$" VAR_SMTPD_TLS_SET_SESSID
extern bool var_tlsp_tls_set_sessid;

/*
 * SMTPD "reject" contact info.
 */
#define VAR_SMTPD_REJ_FOOTER "smtpd_reject_footer"
#define DEF_SMTPD_REJ_FOOTER ""
extern char *var_smtpd_rej_footer;

/*
 * Per-record time limit support.
3702 */ 3703 #define VAR_SMTPD_REC_DEADLINE "smtpd_per_record_deadline" 3704 #define DEF_SMTPD_REC_DEADLINE "${stress?yes}${stress:no}" 3705 extern bool var_smtpd_rec_deadline; 3706 3707 #define VAR_SMTP_REC_DEADLINE "smtp_per_record_deadline" 3708 #define DEF_SMTP_REC_DEADLINE 0 3709 #define VAR_LMTP_REC_DEADLINE "lmtp_per_record_deadline" 3710 #define DEF_LMTP_REC_DEADLINE 0 3711 extern bool var_smtp_rec_deadline; 3712 3713 /* 3714 * Permit logging. 3715 */ 3716 #define VAR_SMTPD_ACL_PERM_LOG "smtpd_log_access_permit_actions" 3717 #define DEF_SMTPD_ACL_PERM_LOG "" 3718 extern char *var_smtpd_acl_perm_log; 3719 3720 /* 3721 * Before-smtpd proxy support. 3722 */ 3723 #define VAR_SMTPD_UPROXY_PROTO "smtpd_upstream_proxy_protocol" 3724 #define DEF_SMTPD_UPROXY_PROTO "" 3725 extern char *var_smtpd_uproxy_proto; 3726 3727 #define VAR_SMTPD_UPROXY_TMOUT "smtpd_upstream_proxy_timeout" 3728 #define DEF_SMTPD_UPROXY_TMOUT "5s" 3729 extern int var_smtpd_uproxy_tmout; 3730 3731 /* 3732 * Postfix sendmail command compatibility features. 3733 */ 3734 #define SM_FIX_EOL_STRICT "strict" 3735 #define SM_FIX_EOL_NEVER "never" 3736 #define SM_FIX_EOL_ALWAYS "always" 3737 3738 #define VAR_SM_FIX_EOL "sendmail_fix_line_endings" 3739 #define DEF_SM_FIX_EOL SM_FIX_EOL_ALWAYS 3740 extern char *var_sm_fix_eol; 3741 3742 /* 3743 * Gradual degradation, or fatal exit after table open error? 3744 */ 3745 #define VAR_DAEMON_OPEN_FATAL "daemon_table_open_error_is_fatal" 3746 #define DEF_DAEMON_OPEN_FATAL 0 3747 extern bool var_daemon_open_fatal; 3748 3749 /* LICENSE 3750 /* .ad 3751 /* .fi 3752 /* The Secure Mailer license must be distributed with this software. 3753 /* AUTHOR(S) 3754 /* Wietse Venema 3755 /* IBM T.J. Watson Research 3756 /* P.O. Box 704 3757 /* Yorktown Heights, NY 10598, USA 3758 /*--*/ 3759 3760 #endif 3761