--- smf-sav.c +++ smf-sav.c @@ -68,11 +68,16 @@ #define hash_size(x) ((unsigned long) 1 << x) #define hash_mask(x) (hash_size(x) - 1) -#define CONFIG_FILE "/etc/mail/smfs/smf-sav.conf" +#ifndef CONFDIR +#define CONFDIR "/etc/mail/smfs" +#endif +#define CONFIG_FILE CONFDIR "/smf-sav.conf" #define PUBLIC_NAME "yourhost.yourdomain.tld" #define SAFE_CALLBACK "postmaster@yourdomain.tld" #define SYSLOG_FACILITY LOG_MAIL #define SAV 1 +#define RAV 0 +#define ACCEPT_RAV_TEMPFAIL 0 #define IGNORE_TEMPFAIL 0 #define BLOCK_IGNORANTS 0 #define FROM_PASS_TTL 86400 @@ -81,9 +86,15 @@ #define TO_PASS_TTL 3600 #define TO_TEMPFAIL_TTL 300 #define TO_FAIL_TTL 3600 -#define WORK_SPACE "/var/run/smfs" +#ifndef DATADIR +#define DATADIR "/var/run/smfs" +#endif +#define WORK_SPACE DATADIR +#define PID_FILE WORK_SPACE "/smf-sav.pid" #define OCONN "unix:" WORK_SPACE "/smf-sav.sock" +#ifndef USER #define USER "smfs" +#endif #define DNS_RETRANS 7 #define DNS_RETRY 4 @@ -184,6 +195,12 @@ typedef struct STR { struct STR *next; } STR; +typedef struct ADDR { + in_addr_t addr; + struct ADDR *next; + +} ADDR; + typedef struct config { char *public_name; char *safe_callback; @@ -194,8 +211,14 @@ typedef struct config { STR *ptrs; STR *froms; STR *tos; + STR *local_mailers; + STR *smtp_mailers; + ADDR *rav_skip_mxs; int syslog_facility; int sav; + int rav; + int accept_rav_tempfail; + char *pid_file; int ignore_tempfail; int block_ignorants; unsigned long from_pass_ttl; @@ -250,6 +273,8 @@ static sfsistat smf_envrcpt(SMFICTX *, c static sfsistat smf_eoh(SMFICTX *ctx); static sfsistat smf_close(SMFICTX *); +static in_addr_t to_addr(const char *); + static void strscpy(register char *dst, register const char *src, size_t size) { register size_t i; @@ -388,6 +413,7 @@ static void free_config(void) { SAFE_FREE(conf.mail_store); SAFE_FREE(conf.run_as_user); SAFE_FREE(conf.sendmail_socket); + SAFE_FREE(conf.pid_file); if (conf.cidrs) { CIDR *it = conf.cidrs, *it_next; @@ -427,6 +453,35 @@ static void free_config(void) { it = it_next; } } + if (conf.local_mailers) { + STR *it = conf.local_mailers, *it_next; + + while (it) { + it_next = it->next; + SAFE_FREE(it->str); + SAFE_FREE(it); + it = it_next; + } + } + if (conf.smtp_mailers) { + STR *it = conf.smtp_mailers, *it_next; + + while (it) { + it_next = it->next; + SAFE_FREE(it->str); + SAFE_FREE(it); + it = it_next; + } + } + if (conf.rav_skip_mxs) { + ADDR *it = conf.rav_skip_mxs, *it_next; + + while (it) { + it_next = it->next; + SAFE_FREE(it); + it = it_next; + } + } } static int load_config(void) { @@ -438,7 +493,10 @@ static int load_config(void) { conf.run_as_user = strdup(USER); conf.sendmail_socket = strdup(OCONN); conf.syslog_facility = SYSLOG_FACILITY; + conf.pid_file = strdup(PID_FILE); conf.sav = SAV; + conf.rav = RAV; + conf.accept_rav_tempfail = ACCEPT_RAV_TEMPFAIL; conf.ignore_tempfail = IGNORE_TEMPFAIL; conf.block_ignorants = BLOCK_IGNORANTS; conf.from_pass_ttl = FROM_PASS_TTL; @@ -456,6 +514,19 @@ static int load_config(void) { if ((p = strchr(buf, '#'))) *p = '\0'; if (!(strlen(buf))) continue; if (sscanf(buf, "%127s %127s", key, val) != 2) continue; + if (!strcasecmp(key, "rav") && !strcasecmp(val, "on")) { + conf.rav = 1; + continue; + } + if (!strcasecmp(key, "acceptravtempfail") && !strcasecmp(val, "on")) { + conf.accept_rav_tempfail = 1; + continue; + } + if (!strcasecmp(key, "pidfile")) { + SAFE_FREE(conf.pid_file); + conf.pid_file = strdup(val); + continue; + } if (!strcasecmp(key, "whitelistip")) { char *slash = NULL; unsigned short int mask = 32; @@ -542,6 +613,19 @@ static int load_config(void) { conf.sav = 0; continue; } + if (!strcasecmp(key, "rav") && !strcasecmp(val, "on")) { + conf.rav = 1; + continue; + } + if (!strcasecmp(key, "acceptravtempfail") && !strcasecmp(val, "on")) { + conf.accept_rav_tempfail = 1; + continue; + } + if (!strcasecmp(key, "pidfile")) { + SAFE_FREE(conf.pid_file); + conf.pid_file = strdup(val); + continue; + } if (!strcasecmp(key, "ignoretempfail") && !strcasecmp(val, "on")) { conf.ignore_tempfail = 1; continue; @@ -555,6 +639,53 @@ static int load_config(void) { conf.mail_store = strdup(val); continue; } + if (!strcasecmp(key, "localmailer")) { + STR *it = NULL; + + if (!conf.local_mailers) + conf.local_mailers = (STR *) calloc(1, sizeof(STR)); + else + if ((it = (STR *) calloc(1, sizeof(STR)))) { + it->next = conf.local_mailers; + conf.local_mailers = it; + } + if (conf.local_mailers && !conf.local_mailers->str) { + strtolower(val); + conf.local_mailers->str = strdup(val); + } + continue; + } + if (!strcasecmp(key, "smtpmailer")) { + STR *it = NULL; + + if (!conf.smtp_mailers) + conf.smtp_mailers = (STR *) calloc(1, sizeof(STR)); + else + if ((it = (STR *) calloc(1, sizeof(STR)))) { + it->next = conf.smtp_mailers; + conf.smtp_mailers = it; + } + if (conf.smtp_mailers && !conf.smtp_mailers->str) { + strtolower(val); + conf.smtp_mailers->str = strdup(val); + } + continue; + } + if (!strcasecmp(key, "skipmx")) { + ADDR *it = NULL; + + if (!conf.rav_skip_mxs) + conf.rav_skip_mxs = (ADDR *) calloc(1, sizeof(ADDR)); + else + if ((it = (ADDR *) calloc(1, sizeof(ADDR)))) { + it->next = conf.rav_skip_mxs; + conf.rav_skip_mxs = it; + } + if (conf.rav_skip_mxs && !conf.rav_skip_mxs->addr) { + conf.rav_skip_mxs->addr = to_addr(val); + } + continue; + } if (!strcasecmp(key, "frompassttl")) { conf.from_pass_ttl = translate(val); continue; @@ -655,6 +786,32 @@ static int to_check(const char *to) { return 0; } +typedef enum { + MAILER_LOCAL = 1, + MAILER_SMTP +} mailer_types_t; + +static int mailer_check(mailer_types_t mailer_type, const char *mailer) { + STR *it = NULL; + + switch (mailer_type) { + case MAILER_LOCAL: + it = conf.local_mailers; + break; + case MAILER_SMTP: + it = conf.smtp_mailers; + break; + default: + return 0; + } + + while (it) { + if (it->str && !strcasecmp(mailer, it->str)) return 1; + it = it->next; + } + return 0; +} + static void time_humanize(register char *dst, time_t tm) { register int h, m, s; @@ -868,7 +1025,7 @@ static void smtp_quit(int sock) { smtp_chat(sock, cmd); } -static int mailer(const char *rcpt, const char *mxhost) { +static int mailer(const char *rcpt, const in_addr_t mxhost) { struct sockaddr_in address; char cmd[MAXLINE]; char ipaddr[MAXLINE]; @@ -877,36 +1034,15 @@ static int mailer(const char *rcpt, cons socklen_t optlen = sizeof(optval); memset(&address, 0, sizeof(address)); - if (!regexec(&re_ipv4, mxhost, 0, NULL, 0)) { - char host[32]; + address.sin_addr.s_addr = mxhost; - strscpy(host, mxhost, sizeof(host) - 1); - if (host[strlen(host) - 1] == '.') host[strlen(host) - 1] = '\0'; - address.sin_addr.s_addr = inet_addr(host); - } - else { - struct addrinfo *ai = NULL; - struct addrinfo hints; - - memset(&hints, 0, sizeof(hints)); - hints.ai_family = AF_INET; - hints.ai_socktype = SOCK_STREAM; - hints.ai_protocol = IPPROTO_TCP; - if (getaddrinfo(mxhost, NULL, &hints, &ai)) { - if (ai) freeaddrinfo(ai); - return QUIT_FAIL; - } - address.sin_addr.s_addr = *(uint32_t *) &((struct sockaddr_in *)ai->ai_addr)->sin_addr; - freeaddrinfo(ai); - } - snprintf(ipaddr,MAXLINE,"%u.%u.%u.%u", (address.sin_addr.s_addr&0x000000ff)>>0, (address.sin_addr.s_addr&0x0000ff00)>>8, (address.sin_addr.s_addr&0x00ff0000)>>16, (address.sin_addr.s_addr&0xff000000)>>24); - syslog(LOG_INFO, "MX check at %s [%s]",mxhost,ipaddr); + syslog(LOG_INFO, "MX check at %s [%s]",inet_ntoa(address.sin_addr),ipaddr); if (address.sin_addr.s_addr == 0x0100007f || address.sin_addr.s_addr == 0xffffffff) return QUIT_FAIL; if (conf.mail_store && strcmp(ipaddr,conf.mail_store)==0) return QUIT_OK; @@ -1007,8 +1143,36 @@ quit_fail: } +static in_addr_t to_addr(const char *mxhost) { + in_addr_t addr = 0; + + if (!regexec(&re_ipv4, mxhost, 0, NULL, 0)) { + char host[24]; -static int get_mx_rr(const char *host, char *MXHostBuf, char **mxhosts, querybuf *answer) { + strscpy(host, mxhost, sizeof(host) - 1); + if (host[strlen(host) - 1] == '.') host[strlen(host) - 1] = '\0'; + addr = inet_addr(host); + } + else { + struct addrinfo *ai = NULL; + struct addrinfo hints; + + memset(&hints, 0, sizeof(hints)); + hints.ai_family = AF_INET; + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + if (getaddrinfo(mxhost, NULL, &hints, &ai)) { + if (ai) freeaddrinfo(ai); + return QUIT_FAIL; + } + addr = *(uint32_t *) &((struct sockaddr_in *)ai->ai_addr)->sin_addr; + freeaddrinfo(ai); + } + return addr; +} + + +static int get_mx_rr(const char *host, char *MXHostBuf, in_addr_t *mxhosts, querybuf *answer, int rav) { unsigned char *eom, *cp; unsigned short pref, type, prefs[MAXMX]; int i, j, n, ttl, ancount, qdcount, buflen, weight[MAXMX], nmx = 0; @@ -1060,7 +1224,15 @@ static int get_mx_rr(const char *host, c if (n == 0) continue; weight[nmx] = hash_code(bp) & 0xff; prefs[nmx] = pref; - mxhosts[nmx++] = bp; + mxhosts[nmx++] = to_addr((const char *)bp); +#if DEBUG + { + struct in_addr x; + x.s_addr = mxhosts[nmx - 1]; + + syslog(LOG_DEBUG, "get_mx_rr got mx for host %s: n:%s, a:%s, p:%d, w:%d", host, bp, inet_ntoa(x), prefs[nmx - 1], weight[nmx - 1]); + } +#endif bp += n; if (bp[-1] != '.') { *bp++ = '.'; @@ -1074,7 +1246,7 @@ static int get_mx_rr(const char *host, c for (j = i + 1; j < nmx; j++) if (prefs[i] > prefs[j] || (prefs[i] == prefs[j] && weight[i] > weight[j])) { int temp; - char *temp1; + in_addr_t temp1; temp = prefs[i]; prefs[i] = prefs[j]; @@ -1086,17 +1258,55 @@ static int get_mx_rr(const char *host, c weight[i] = weight[j]; weight[j] = temp; } +#if DEBUG + for (i = 0; i < nmx; i++) { + struct in_addr x; + x.s_addr = mxhosts[i]; + syslog(LOG_DEBUG, "get_mx_rr sorted mx list for host %s: a:%s, p:%d, w:%d", host, inet_ntoa(x), prefs[i], weight[i]); + } +#endif + if (rav) + for (i = 0; i < nmx; i++) { + ADDR *it = conf.rav_skip_mxs; + + while (it) { +#if DEBUG + { + struct in_addr x,y; + x.s_addr = mxhosts[i]; + y.s_addr = it->addr; + + syslog(LOG_DEBUG, "get_mx_rr checking mx for host %s: mx:%s, skip:%s", host, inet_ntoa(x), inet_ntoa(y)); + } +#endif + if (it->addr && it->addr == mxhosts[i]) { + mxhosts[i] = 0; + prefs[i] = 0; + weight[i] = 0; + nmx = i; + } + it = it->next; + } + } if (nmx == 0) { done: strscpy(MXHostBuf, host, MXBUFFER - 1); - mxhosts[nmx++] = MXHostBuf; + mxhosts[nmx++] = to_addr((const char *)MXHostBuf); + } +#if DEBUG + for (i = 0; i < nmx; i++) { + struct in_addr x; + x.s_addr = mxhosts[i]; + syslog(LOG_DEBUG, "get_mx_rr final mx list for host %s: a:%s, p:%d, w:%d", host, inet_ntoa(x), prefs[i], weight[i]); } +#endif return nmx; } static int check_sender(const char *sender) { querybuf *answer; - char *MXHostBuf, *mxhosts[MAXMX + 1]; + char *MXHostBuf; + in_addr_t mxhosts[MAXMX + 1]; int mxcount, i, rc; if (!(MXHostBuf = calloc(1, MXBUFFER))) { @@ -1108,7 +1318,7 @@ static int check_sender(const char *send free(MXHostBuf); return -1; } - if ((mxcount = get_mx_rr(strchr(sender, '@') + 1, MXHostBuf, mxhosts, answer)) <= 0) { + if ((mxcount = get_mx_rr(strchr(sender, '@') + 1, MXHostBuf, mxhosts, answer, 0)) <= 0) { free(MXHostBuf); free(answer); return -1; @@ -1130,14 +1340,15 @@ static int check_recipient(const char *r strscpy(wildcardmxhost, p + 1, sizeof(wildcardmxhost) - 1); if ((p = strrchr(wildcardmxhost, ']'))) *p = '\0'; - return mailer(recipient, wildcardmxhost); + return mailer(recipient, to_addr((const char *)wildcardmxhost)); } - return mailer(recipient, host); + return mailer(recipient, to_addr(host)); } static int check_recipient_by_mx(const char *recipient, const char *domain) { querybuf *answer; - char *MXHostBuf, *mxhosts[MAXMX + 1]; + char *MXHostBuf; + in_addr_t mxhosts[MAXMX + 1]; int mxcount, i, rc; if (!(MXHostBuf = calloc(1, MXBUFFER))) { @@ -1149,7 +1360,7 @@ static int check_recipient_by_mx(const c free(MXHostBuf); return -1; } - if ((mxcount = get_mx_rr(domain, MXHostBuf, mxhosts, answer)) <= 0) { + if ((mxcount = get_mx_rr(domain, MXHostBuf, mxhosts, answer, 1)) <= 0) { free(MXHostBuf); free(answer); return -1; @@ -1310,14 +1521,19 @@ static sfsistat smf_envrcpt(SMFICTX *ctx char human_time[10]; time_t tstart, tend; int ret = 1; - + int skip_local_mailers = 0; + + if (!conf.rav) return SMFIS_CONTINUE; if (*args) strscpy(context->rcpt, *args, sizeof(context->rcpt) - 1); if (!address_preparation(context->recipient, context->rcpt)) { smfi_setreply(ctx, "550", "5.1.3", "Recipient address does not conform to RFC-2821 syntax"); return SMFIS_REJECT; } strtolower(context->recipient); - if (!conf.mail_store) goto penalty; +#if DEBUG + syslog(LOG_DEBUG, "smf_envrcpt, i=%s, m=%s, h=%s, a=%s", interface, rcpt_mailer, rcpt_host, rcpt_addr); +#endif + if (!conf.mail_store || !strcasecmp(conf.mail_store, "none")) skip_local_mailers = 1; if (context->slowdown) do_sleep(SLOW_DOWN_SLICE * context->slowdown); if (cache) { cache_item_status status; @@ -1328,7 +1544,7 @@ static sfsistat smf_envrcpt(SMFICTX *ctx switch (status) { case RECIPIENT_PASS: syslog(LOG_INFO, "recipient check succeeded (cached): from=%s, to=%s, %s [%s], id=%s", context->from, context->rcpt, context->fqdn, context->addr,queueid); - goto penalty; + return SMFIS_CONTINUE; case RECIPIENT_FAIL: context->slowdown++; do_sleep(1); @@ -1345,21 +1561,40 @@ static sfsistat smf_envrcpt(SMFICTX *ctx } } time(&tstart); - if (rcpt_mailer && !strcasecmp(rcpt_mailer, "local")) { - // Don't check local adresses - goto penalty; - } - else + if (rcpt_mailer && mailer_check(MAILER_LOCAL, rcpt_mailer)) { + if (!skip_local_mailers) { +#if DEBUG + syslog(LOG_DEBUG, "rcpt check: local mailer '%s'", rcpt_mailer); +#endif + ret = check_recipient(context->recipient, conf.mail_store); + } else { +#if DEBUG + syslog(LOG_DEBUG, "skipping rcpt check: local mailer '%s'", rcpt_mailer); +#endif + return SMFIS_CONTINUE; + } + } else if (rcpt_mailer && rcpt_host && rcpt_addr) - if (!strcasecmp(rcpt_mailer, "smtp") || !strcasecmp(rcpt_mailer, "esmtp")) { - if (strchr(rcpt_host, '[')) + if (mailer_check(MAILER_SMTP, rcpt_mailer)) { + if (strchr(rcpt_host, '[')) { +#if DEBUG + syslog(LOG_DEBUG, "rcpt check: mailer '%s', checking by host %s", rcpt_mailer, rcpt_host); +#endif ret = check_recipient(rcpt_addr, rcpt_host); - else + } else { +#if DEBUG + syslog(LOG_DEBUG, "rcpt check: mailer '%s', checking by mx", rcpt_mailer); +#endif ret = check_recipient_by_mx(rcpt_addr, rcpt_host); + } } time(&tend); time_humanize(human_time, tend - tstart); if (ret == 0) { + if (conf.tos && to_check(context->recipient)) { + syslog(LOG_INFO, "recipient check failed, forcing accept by whitelist: %s, %s, %s, %s, [%s]", context->rcpt, context->addr, context->fqdn, context->from, human_time); + return SMFIS_CONTINUE; + } context->slowdown++; if (cache && conf.to_fail_ttl) { mutex_lock(&cache_mutex); @@ -1367,18 +1602,22 @@ static sfsistat smf_envrcpt(SMFICTX *ctx mutex_unlock(&cache_mutex); } do_sleep(1); - syslog(LOG_NOTICE, "recipient check failed: from=%s, to=%s, %s [%s], [%s], id=%s", context->from, context->rcpt, context->fqdn, context->addr, human_time,queueid); + syslog(LOG_INFO, "recipient check failed: from=%s, to=%s, %s [%s], [%s], id=%s", context->from, context->rcpt, context->fqdn, context->addr, human_time,queueid); smfi_setreply(ctx, "550", "5.1.1", "Sorry, no mailbox here by that name or mailbox is over quota"); return SMFIS_REJECT; } if (ret < 0) { + if (conf.accept_rav_tempfail || (conf.tos && to_check(context->recipient))) { + syslog(LOG_INFO, "recipient check tempfailed, forcing accept: %s, %s, %s, %s, [%s]", context->rcpt, context->addr, context->fqdn, context->from, human_time); + return SMFIS_CONTINUE; + } if (cache && conf.to_tempfail_ttl) { mutex_lock(&cache_mutex); cache_put(context->recipient, conf.to_tempfail_ttl, RECIPIENTS, RECIPIENT_TEMPFAIL, CACHE_KEEP); mutex_unlock(&cache_mutex); } do_sleep(1); - syslog(LOG_NOTICE, "recipient check tempfailed: from=%s, to=%s, %s [%s], [%s], id=%s", context->from, context->rcpt, context->fqdn, context->addr, human_time,queueid); + syslog(LOG_INFO, "recipient check tempfailed: from=%s, to=%s, %s [%s], [%s], id=%s", context->from, context->rcpt, context->fqdn, context->addr, human_time,queueid); smfi_setreply(ctx, "451", "4.2.1", "Mailbox is not available now, try again later"); return SMFIS_TEMPFAIL; } @@ -1388,9 +1627,7 @@ static sfsistat smf_envrcpt(SMFICTX *ctx mutex_unlock(&cache_mutex); } syslog(LOG_INFO, "recipient check succeeded: from=%s, to=%s, %s [%s], [%s], id=%s", context->from, context->rcpt, context->fqdn, context->addr, human_time,queueid); -penalty: - if (to_check(context->recipient)) return SMFIS_ACCEPT; - + return SMFIS_CONTINUE; } @@ -1404,6 +1641,55 @@ static sfsistat smf_close(SMFICTX *ctx) return SMFIS_CONTINUE; } +static int check_pid() { + FILE *f = NULL; + char pid_str[32]; + unsigned int pid; + + if ((f = fopen(conf.pid_file, "r")) != NULL) { + /* pid_file already exists */ + if (fgets(pid_str, 30, f) != NULL) { + pid = atoi(pid_str); + if (pid != 0) { + fclose(f); + if ((kill(pid, 0) != 0) && (errno == ESRCH)) { + /* stale pid_file */ + syslog(LOG_INFO, "Stale pid file %s from process %u", + conf.pid_file, pid); + unlink(conf.pid_file); + return 0; + } else { + syslog(LOG_ERR, "smf-sav instance is already running (pid %u)", + pid); + return 1; + } + } + } + fclose(f); + unlink(conf.pid_file); + } + return 0; +} + +static int write_pid() +{ + FILE *f = NULL; + mode_t prev_mask; + + prev_mask = umask(022); + if ((f = fopen(conf.pid_file, "w")) != NULL) { + fprintf(f, "%u\n", getpid()); + fclose(f); + umask(prev_mask); + return 0; + } else { + syslog(LOG_ERR, "Can't open pid file %s for writing (%s)", + conf.pid_file, strerror(errno)); + umask(prev_mask); + return -1; + } +} + struct smfiDesc smfilter = { "smf-sav", SMFI_VERSION, // if not able so start, change this to 2 @@ -1441,6 +1727,9 @@ int main(int argc, char **argv) { if (!load_config()) fprintf(stderr, "Warning: smf-sav configuration file load failed\n"); tzset(); openlog("smf-sav", LOG_PID|LOG_NDELAY, conf.syslog_facility); + if (check_pid()) { + exit(1); + } if (!strncmp(conf.sendmail_socket, "unix:", 5)) ofile = conf.sendmail_socket + 5; else @@ -1475,6 +1764,9 @@ int main(int argc, char **argv) { fprintf(stderr, "daemonize failed: %s\n", strerror(errno)); goto done; } + if (write_pid() < 0) { + exit(1); + } if (pthread_mutex_init(&cache_mutex, 0)) { fprintf(stderr, "pthread_mutex_init failed\n"); goto done; --- smf-sav.conf +++ smf-sav.conf @@ -137,6 +137,21 @@ SAV on # (on|off) # Recipient e-Mail Address Verification # +# (on|off) +# +# Default: off +# +#RAV off + +# Wether to accept recipients on temporary failure +# Set to 'on' if this host is acting as mail hub for clients without permanent internet link +# and is the best MX for them (f.e. uses mailertable with 'esmtp:' for SMTP delivery to them) +# +# Default: off +# +#AcceptRAVTempFail off + +# # Primary authoritative e-Mail store hostname (IP address) or # the hostname (IP address) associated with the interface # of an incoming connection of your Sendmail daemon @@ -182,3 +197,57 @@ Socket unix:/var/run/smfs/smf-sav.sock # Default: mail # #Syslog mail # (daemon|mail|local0...local7) + +# Which mailers are considered 'local' +# +# Recipient Address Verification will be skipped for addresses than resolve to +# these mailers (only if 'MailStore' is unset or set to 'none' or connection is +# originated from local host) to prevent loops. +# +# Default: none +# +LocalMailer local +LocalMailer virtual +LocalMailer cyrusv2 +LocalMailer cyrusv2d + +# Which mailers are considered 'smtp' +# Recipient Address Verification will be done only for addresses than resolve to +# these mailers. +# +# Default: none +# +SMTPMailer smtp +SMTPMailer esmtp +SMTPMailer smtp8 +SMTPMailer dsmtp +SMTPMailer relay + +# Skip all MXs with pref greater or equal than addresses from this list (if any) +# when doing Recipient Address Verification. Useful in the case of unsyncronized +# DNS <-> mailertable entries, f.e. +# DNS: +# test.com. IN MX 5 a.test.com. +# IN MX 10 b.test.com. +# a.test.com. IN A 10.10.10.1 +# b.test.com. IN A 10.10.10.2 +# mailertable: +# test2.com esmtp:test.com +# and 10.10.10.1 is our address +# +# Use this list to prevent loops when +# this host is the best MX for domain and the final delivery is done without DNS +# (f.e. via mailertable lookup). Also this list could help to prevent loops with +# other MXs for domain this host is MX for (by stripping MXs with greater or equal +# pref because that hosts could try this host if they have smf-sav enabled :) ). +# +# Use only IP addresses here, as a case of multiple A records for a name is +# currently unhandled. +# +# Default: none +# +SkipMX 127.0.0.1 +SkipMX 192.168.15.4 +SkipMX 10.1.1.5 + +PidFile /var/run/smfs/smf-sav.pid