svn commit: r275719 - in vendor/sendmail/dist: . cf cf/cf cf/feature cf/hack cf/m4 contrib devtools/bin doc/op editmap include/sendmail include/sm libmilter libsm libsmdb src
Gregory Neil Shapiro
gshapiro at FreeBSD.org
Fri Dec 12 04:10:54 UTC 2014
Author: gshapiro
Date: Fri Dec 12 04:10:50 2014
New Revision: 275719
URL: https://svnweb.freebsd.org/changeset/base/275719
Log:
Import sendmail 8.15.1
Added:
vendor/sendmail/dist/cf/feature/bcc.m4 (contents, props changed)
vendor/sendmail/dist/cf/feature/nopercenthack.m4 (contents, props changed)
vendor/sendmail/dist/cf/feature/prefixmod.m4 (contents, props changed)
vendor/sendmail/dist/cf/hack/xconnect.m4 (contents, props changed)
vendor/sendmail/dist/contrib/AuthRealm.p0 (contents, props changed)
Deleted:
vendor/sendmail/dist/libsm/path.c
Modified:
vendor/sendmail/dist/FAQ
vendor/sendmail/dist/INSTALL
vendor/sendmail/dist/KNOWNBUGS
vendor/sendmail/dist/README
vendor/sendmail/dist/RELEASE_NOTES
vendor/sendmail/dist/cf/README
vendor/sendmail/dist/cf/cf/generic-bsd4.4.cf
vendor/sendmail/dist/cf/cf/generic-hpux10.cf
vendor/sendmail/dist/cf/cf/generic-hpux9.cf
vendor/sendmail/dist/cf/cf/generic-linux.cf
vendor/sendmail/dist/cf/cf/generic-mpeix.cf
vendor/sendmail/dist/cf/cf/generic-nextstep3.3.cf
vendor/sendmail/dist/cf/cf/generic-osf1.cf
vendor/sendmail/dist/cf/cf/generic-solaris.cf
vendor/sendmail/dist/cf/cf/generic-sunos4.1.cf
vendor/sendmail/dist/cf/cf/generic-ultrix4.cf
vendor/sendmail/dist/cf/cf/submit.cf
vendor/sendmail/dist/cf/feature/ldap_routing.m4
vendor/sendmail/dist/cf/m4/proto.m4
vendor/sendmail/dist/cf/m4/version.m4
vendor/sendmail/dist/devtools/bin/Build
vendor/sendmail/dist/doc/op/op.me
vendor/sendmail/dist/doc/op/op.ps
vendor/sendmail/dist/editmap/editmap.c
vendor/sendmail/dist/include/sendmail/sendmail.h
vendor/sendmail/dist/include/sm/bdb.h
vendor/sendmail/dist/include/sm/cdefs.h
vendor/sendmail/dist/include/sm/conf.h
vendor/sendmail/dist/include/sm/errstring.h
vendor/sendmail/dist/include/sm/fdset.h
vendor/sendmail/dist/libmilter/engine.c
vendor/sendmail/dist/libmilter/handler.c
vendor/sendmail/dist/libmilter/listener.c
vendor/sendmail/dist/libmilter/signal.c
vendor/sendmail/dist/libmilter/worker.c
vendor/sendmail/dist/libsm/Makefile.m4
vendor/sendmail/dist/libsm/errstring.c
vendor/sendmail/dist/libsm/local.h
vendor/sendmail/dist/libsm/mbdb.c
vendor/sendmail/dist/libsm/refill.c
vendor/sendmail/dist/libsm/stdio.c
vendor/sendmail/dist/libsm/vfprintf.c
vendor/sendmail/dist/libsmdb/smdb.c
vendor/sendmail/dist/src/README
vendor/sendmail/dist/src/TRACEFLAGS
vendor/sendmail/dist/src/TUNING
vendor/sendmail/dist/src/bf.c
vendor/sendmail/dist/src/collect.c
vendor/sendmail/dist/src/conf.c
vendor/sendmail/dist/src/daemon.c
vendor/sendmail/dist/src/deliver.c
vendor/sendmail/dist/src/envelope.c
vendor/sendmail/dist/src/err.c
vendor/sendmail/dist/src/headers.c
vendor/sendmail/dist/src/main.c
vendor/sendmail/dist/src/map.c
vendor/sendmail/dist/src/mci.c
vendor/sendmail/dist/src/milter.c
vendor/sendmail/dist/src/parseaddr.c
vendor/sendmail/dist/src/queue.c
vendor/sendmail/dist/src/readcf.c
vendor/sendmail/dist/src/recipient.c
vendor/sendmail/dist/src/savemail.c
vendor/sendmail/dist/src/sendmail.0
vendor/sendmail/dist/src/sendmail.8
vendor/sendmail/dist/src/sendmail.h
vendor/sendmail/dist/src/sfsasl.c
vendor/sendmail/dist/src/sm_resolve.c
vendor/sendmail/dist/src/srvrsmtp.c
vendor/sendmail/dist/src/tls.c
vendor/sendmail/dist/src/usersmtp.c
vendor/sendmail/dist/src/util.c
vendor/sendmail/dist/src/version.c
Modified: vendor/sendmail/dist/FAQ
==============================================================================
--- vendor/sendmail/dist/FAQ Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/FAQ Fri Dec 12 04:10:50 2014 (r275719)
@@ -1,8 +1,4 @@
The FAQ is no longer maintained with the sendmail release. It is
available at http://www.sendmail.org/faq/ .
-A plain-text version of the questions only, with URLs referring to
-the answers, is posted to comp.mail.sendmail on the 10th and 25th
-of each month.
-
-$Revision: 8.24 $, Last updated $Date: 1999-02-07 03:21:03 $
+$Revision: 8.25 $, Last updated $Date: 2014-01-27 12:49:52 $
Modified: vendor/sendmail/dist/INSTALL
==============================================================================
--- vendor/sendmail/dist/INSTALL Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/INSTALL Fri Dec 12 04:10:50 2014 (r275719)
@@ -28,8 +28,9 @@ sendmail/SECURITY for more installation
/etc/mail/submit.cf. This can be done in the cf/cf by using
"sh ./Build install-cf".
- Please read sendmail/SECURITY before continuing; you have to create a
- new user smmsp and a new group smmsp for the default installation.
+ Please read sendmail/SECURITY before continuing; you may have to create
+ a new user smmsp and a new group smmsp for the default installation
+ if you are updating from a really old version.
Then install the sendmail binary built in step 3 by cd-ing back to
sendmail/ and running "sh ./Build install".
Modified: vendor/sendmail/dist/KNOWNBUGS
==============================================================================
--- vendor/sendmail/dist/KNOWNBUGS Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/KNOWNBUGS Fri Dec 12 04:10:50 2014 (r275719)
@@ -62,9 +62,9 @@ This list is not guaranteed to be comple
libmilter and hence the communication fails. This can be avoided by
increasing the constant MILTER_CHUNK_SIZE in
include/libmilter/mfdef.h and recompiling sendmail, libmilter, and
- all (statically linked) milters (or by using an undocumented compile
- time option: _FFR_MAXDATASIZE; you have to read the source code in
- order to use this properly).
+ all (statically linked) milters (or by using undocumented compile
+ time options: _FFR_MAXDATASIZE/_FFR_MDS_NEGOTIATE; you have to
+ read the source code in order to use these properly).
* Sender addresses whose domain part cause a temporary A record lookup
failure but have a valid MX record will be temporarily rejected in
@@ -102,6 +102,11 @@ Kresolve sequence dnsmx canon
Header addresses that have the \231 character (and possibly others
in the range \201 - \237) behave in odd and usually unexpected ways.
+* AuthRealm for Cyrus SASL may not work as expected. The man page
+ and the actual usage for sasl_server_new() seem to differ.
+ Feedback for the "correct" usage is welcome, a patch to match
+ the description of the man page is in contrib/AuthRealm.p0.
+
* accept() problem on SVR4.
Apparently, the sendmail daemon loop (doing accept()s on the network)
@@ -252,7 +257,7 @@ Kresolve sequence dnsmx canon
* Race condition for delivery to set-user-ID files
- Sendmail will deliver to a fail if the file is owned by the DefaultUser
+ Sendmail will deliver to a file if the file is owned by the DefaultUser
or has the set-user-ID bit set. Unfortunately, some systems clear that bit
when a file is modified. Sendmail compensates by resetting the file mode
back to it's original settings. Unfortunately, there's still a
Modified: vendor/sendmail/dist/README
==============================================================================
--- vendor/sendmail/dist/README Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/README Fri Dec 12 04:10:50 2014 (r275719)
@@ -211,29 +211,11 @@ There are other files you should read.
+--------------+
There are several related RFCs that you may wish to read -- they are
-available via anonymous FTP to several sites. For a list of the
-primary repositories see:
-
- http://www.isi.edu/in-notes/rfc-retrieval.txt
-
-They are also online at:
+available from several sites, see
+ http://www.rfc-editor.org/
http://www.ietf.org/
-They can also be retrieved via electronic mail by sending
-email to one of:
-
- mail-server at nisc.sri.com
- Put "send rfcNNN" in message body
- nis-info at nis.nsf.net
- Put "send RFCnnn.TXT-1" in message body
- sendrfc at jvnc.net
- Put "RFCnnn" as Subject: line
-
-For further instructions see:
-
- http://www.isi.edu/in-notes/rfc-editor/rfc-info
-
Important RFCs for electronic mail are:
RFC821 SMTP protocol
Modified: vendor/sendmail/dist/RELEASE_NOTES
==============================================================================
--- vendor/sendmail/dist/RELEASE_NOTES Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/RELEASE_NOTES Fri Dec 12 04:10:50 2014 (r275719)
@@ -5,6 +5,124 @@ This listing shows the version of the se
of the sendmail configuration files, the date of release, and a
summary of the changes in that release.
+8.15.1/8.15.1 2014/12/06
+ SECURITY: Properly set the close-on-exec flag for file descriptors
+ (except stdin, stdout, and stderr) before executing mailers.
+ If header rewriting fails due to a temporary map lookup failure,
+ queue the mail for later retry instead of sending it
+ without rewriting the header. Note: this is done
+ while the mail is being sent and hence the transaction
+ is aborted, which only works for SMTP/LMTP mailers
+ hence the handling of temporary map failures is
+ suppressed for other mailers. SMTP/LMTP servers may
+ complain about aborted transactions when this problem
+ occurs.
+ See also "DNS Lookups" in sendmail/TUNING.
+ Incompatible Change: Use uncompressed IPv6 addresses by default,
+ i.e., they will not contain "::". For example,
+ instead of ::1 it will be 0:0:0:0:0:0:0:1. This
+ permits a zero subnet to have a more specific match,
+ such as different map entries for IPv6:0:0 vs IPv6:0.
+ This change requires that configuration data
+ (including maps, files, classes, custom ruleset,
+ etc) must use the same format, so make certain such
+ configuration data is updated before using 8.15.
+ As a very simple check search for patterns like
+ 'IPv6:[0-9a-fA-F:]*::' and 'IPv6::'. If necessary,
+ the prior format can be retained by compiling with:
+ APPENDDEF(`conf_sendmail_ENVDEF', `-DIPV6_FULL=0')
+ in your devtools/Site/site.config.m4 file.
+ If debugging is turned on (-d0.14) also print the OpenSSL
+ versions, both build time and run time
+ (provided STARTTLS is compiled in).
+ If a connection to the MTA is dropped by the client before its
+ hostname can be validated, treat it as "may be forged",
+ so that the unvalidated hostname is not passed to a
+ milter in xxfi_connect().
+ Add a timeout for communication with socket map servers
+ which can be specified using the -d option.
+ Add a compile time option HESIOD_ALLOW_NUMERIC_LOGIN to allow
+ numeric logins even if HESIOD is enabled.
+ The new option CertFingerprintAlgorithm specifies the finger-
+ print algorithm (digest) to use for the presented cert.
+ If the option is not set, md5 is used and the macro
+ {cert_md5} contains the cert fingerprint.
+ However, if the option is set, the specified algorithm
+ (e.g., sha1) is used and the macro {cert_fp} contains
+ the cert fingerprint.
+ That is, as long as the option is not set, the behaviour
+ does not change, but otherwise, {cert_md5} is superseded
+ by {cert_fp} even if you set CertFingerprintAlgorithm
+ to md5.
+ The options ServerSSLOptions and ClientSSLOptions can be used
+ to set SSL options for the server and client side
+ respectively. See SSL_CTX_set_options(3) for a list.
+ Note: this change turns on SSL_OP_NO_SSLv2 and
+ SSL_OP_NO_TICKET for the client. See doc/op/op.me
+ for details.
+ The option CipherList sets the list of ciphers for STARTTLS.
+ See ciphers(1) for possible values.
+ Do not log "STARTTLS: internal error: tls_verify_cb: ssl == NULL"
+ if a CRLFfile is in use (and LogLevel is 14 or higher.)
+ Store a more specific TLS protocol version in ${tls_version}
+ instead of a generic one, e.g., TLSv1 instead of
+ TLSv1/SSLv3.
+ Properly set {client_port} value on little endian machines.
+ Patch from Kelsey Cummings of Sonic.net.
+ Per RFC 3848, indicate in the Received: header whether SSL or
+ SMTP AUTH was negotiated by setting the protocol clause
+ to ESMTPS, ESMTPA, or ESMTPSA instead of ESMTP.
+ If the 'C' flag is listed as TLSSrvOptions the requirement for the
+ TLS server to have a cert is removed. This only works
+ under very specific circumstances and should only be used
+ if the consequences are understood, e.g., clients
+ may not work with a server using this.
+ The options ClientCertFile, ClientKeyFile, ServerCertFile, and
+ ServerKeyFile can take a second file name, which must be
+ separated from the first with a comma (note: do not use
+ any spaces) to set up a second cert/key pair. This can
+ be used to have certs of different types, e.g., RSA
+ and DSA.
+ A new map type "arpa" is available to reverse an IP (IPv4 or IPv6)
+ address. It returns the string for the PTR lookup, but
+ without trailing {ip6,in-addr}.arpa.
+ New operation mode 'C' just checks the configuration file, e.g.,
+ sendmail -C new.cf -bC
+ will perform a basic syntax/consistency check of new.cf.
+ The mailer flag 'I' is deprecated and will be removed in a
+ future version.
+ Allow local (not just TCP) socket connections to the server, e.g.,
+ O DaemonPortOptions=Family=local, Addr=/var/mta/server.sock
+ can be used.
+ If the new option MaxQueueAge is set to a value greater than zero,
+ entries in the queue will be retried during a queue run
+ only if the individual retry time has been reached which
+ is doubled for each attempt. The maximum retry time is
+ limited by the specified value.
+ New DontBlameSendmail option GroupReadableDefaultAuthInfoFile
+ to relax requirement for DefaultAuthInfo file.
+ Reset timeout after receiving a message to appropriate value if
+ STARTTLS is in use. Based on patch by Kelsey Cummings
+ of Sonic.net.
+ Report correct error messages from the LDAP library for a range of
+ small negative return values covering those used by OpenLDAP.
+ Fix compilation with Berkeley DB 5.0 and 6.0. Patch from
+ Allan E Johannesen of Worcester Polytechnic Institute.
+ CONFIG: FEATURE(`nopercenthack') takes one parameter: reject or
+ nospecial which describes whether to disallow "%" in the
+ local part of an address.
+ DEVTOOLS: Fix regression in auto-detection of libraries when only
+ shared libraries are available. Problem reported by
+ Bryan Costales.
+ LIBMILTER: Mark communication socket as close-on-exec in case
+ a user's filter starts other applications.
+ Based on patch from Paul Howarth.
+ Portability:
+ SunOS 5.12 has changed the API for sigwait(2) to conform
+ with XPG7. Based on patch from Roger Faulkner of Oracle.
+ Deleted Files:
+ libsm/path.c
+
8.14.9/8.14.9 2014/05/21
SECURITY: Properly set the close-on-exec flag for file descriptors
(except stdin, stdout, and stderr) before executing mailers.
@@ -681,7 +799,7 @@ summary of the changes in that release.
LIBMILTER: The "hostname" argument of the xxfi_connect() callback
previously was the equivalent of {client_ptr}. However,
this did not match the documentation of the function, hence
- it has been changed to {client_name}. See doc/op/op.*
+ it has been changed to {client_name}. See doc/op/op.me
about these macros.
8.13.7/8.13.7 2006/06/14
@@ -3509,11 +3627,11 @@ summary of the changes in that release.
Add new STARTTLS related options CACERTPath, CACERTFile,
ClientCertFile, ClientKeyFile, DHParameters, RandFile,
ServerCertFile, and ServerKeyFile. These are documented in
- cf/README and doc/op/op.*.
+ cf/README and doc/op/op.me.
New STARTTLS related macros: ${cert_issuer}, ${cert_subject},
${tls_version}, ${cipher}, ${cipher_bits}, ${verify},
${server_name}, and ${server_addr}. These are documented
- in cf/README and doc/op/op.*.
+ in cf/README and doc/op/op.me.
Add support for the Entropy Gathering Daemon (EGD) for better
random data.
New DontBlameSendmail option InsufficientEntropy for systems which
Modified: vendor/sendmail/dist/cf/README
==============================================================================
--- vendor/sendmail/dist/cf/README Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/README Fri Dec 12 04:10:50 2014 (r275719)
@@ -397,6 +397,10 @@ SMTP_MAILER_CHARSET [undefined] If defin
that ARRIVE from an address that resolves to one of
the SMTP mailers and which are converted to MIME will
be labeled with this character set.
+RELAY_MAILER_CHARSET [undefined] If defined, messages containing 8-bit data
+ that ARRIVE from an address that resolves to the
+ relay mailers and which are converted to MIME will
+ be labeled with this character set.
SMTP_MAILER_LL [990] The maximum line length for SMTP mailers
(except the relay mailer).
RELAY_MAILER_LL [2040] The maximum line length for the relay mailer.
@@ -743,6 +747,16 @@ nouucp Don't route UUCP addresses. Thi
2. don't remove "!" from OperatorChars if `reject' is
given as parameter.
+nopercenthack Don't treat % as routing character. This feature takes one
+ parameter:
+ `reject': reject addresses which have % in the local
+ part unless it originates from a system
+ that is allowed to relay.
+ `nospecial': don't do anything special with %.
+ Warnings: 1. See the notice in the anti-spam section.
+ 2. Don't remove % from OperatorChars if `reject' is
+ given as parameter.
+
nocanonify Don't pass addresses to $[ ... $] for canonification
by default, i.e., host/domain names are considered canonical,
except for unqualified names, which must not be used in this
@@ -2442,17 +2456,19 @@ should only be used for sites which have
that they provide a gateway for. Use this FEATURE with caution as it
can allow spammers to relay through your server if not setup properly.
-NOTICE: It is possible to relay mail through a system which the anti-relay
-rules do not prevent: the case of a system that does use FEATURE(`nouucp',
-`nospecial') (system A) and relays local messages to a mail hub (e.g., via
-LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use
-FEATURE(`nouucp') at all, addresses of the form
-<example.net!user at local.host> would be relayed to <user at example.net>.
-System A doesn't recognize `!' as an address separator and therefore
-forwards it to the mail hub which in turns relays it because it came from
-a trusted local host. So if a mailserver allows UUCP (bang-format)
-addresses, all systems from which it allows relaying should do the same
-or reject those addresses.
+NOTICE: It is possible to relay mail through a system which the
+anti-relay rules do not prevent: the case of a system that does use
+FEATURE(`nouucp', `nospecial') / FEATURE(`nopercenthack', `nospecial')
+(system A) and relays local messages to a mail hub (e.g., via
+LOCAL_RELAY or LUSER_RELAY) (system B). If system B doesn't use the
+same feature (nouucp / nopercenthack) at all, addresses of the form
+<example.net!user at local.host> / <user%example.net at local.host>
+would be relayed to <user at example.net>.
+System A doesn't recognize `!' / `%' as an address separator and
+therefore forwards it to the mail hub which in turns relays it
+because it came from a trusted local host. So if a mailserver
+allows UUCP (bang-format) / %-hack addresses, all systems from which
+it allows relaying should do the same or reject those addresses.
As of 8.9, sendmail will refuse mail if the MAIL FROM: parameter has
an unresolvable domain (i.e., one that DNS, your local name service,
@@ -3990,6 +4006,13 @@ confWORK_TIME_FACTOR RetryFactor [90000]
confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm:
Priority, Host, Filename, Random,
Modification, or Time.
+confMAX_QUEUE_AGE MaxQueueAge [undefined] If set to a value greater
+ than zero, entries in the queue
+ will be retried during a queue run
+ only if the individual retry time
+ has been reached which is doubled
+ for each attempt. The maximum retry
+ time is limited by the specified value.
confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job
must sit in the queue between queue
runs. This allows you to set the
@@ -4208,7 +4231,7 @@ confAUTH_MECHANISMS AuthMechanisms [GSSA
confAUTH_REALM AuthRealm [undefined] The authentication realm
that is passed to the Cyrus SASL
library. If no realm is specified,
- $j is used.
+ $j is used. See KNOWNBUGS.
confDEF_AUTH_INFO DefaultAuthInfo [undefined] Name of file that contains
authentication information for
outgoing connections. This file must
@@ -4241,6 +4264,14 @@ confTLS_SRV_OPTIONS TLSSrvOptions If thi
verification is performed, i.e.,
the server doesn't ask for a
certificate.
+confSERVER_SSL_OPTIONS ServerSSLOptions [undefined] SSL related
+ options for server side. See
+ SSL_CTX_set_options(3) for a list.
+confCLIENT_SSL_OPTIONS ClientSSLOptions [undefined] SSL related
+ options for client side. See
+ SSL_CTX_set_options(3) for a list.
+confCIPHER_LIST CipherList [undefined] Cipher list for TLS.
+ See ciphers(1) for possible values.
confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map
specification for LDAP maps. The
value should only contain LDAP
@@ -4281,6 +4312,10 @@ confRAND_FILE RandFile [undefined] File
requires this option if the compile
flag HASURANDOM is not set (see
sendmail/README).
+confCERT_FINGERPRINT_ALGORITHM CertFingerprintAlgorithm
+ [undefined] The fingerprint algorithm
+ (digest) to use for the presented
+ cert.
confNICE_QUEUE_RUN NiceQueueRun [undefined] If set, the priority of
queue runners is set the given value
(nice(3)).
Modified: vendor/sendmail/dist/cf/cf/generic-bsd4.4.cf
==============================================================================
--- vendor/sendmail/dist/cf/cf/generic-bsd4.4.cf Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/cf/generic-bsd4.4.cf Fri Dec 12 04:10:50 2014 (r275719)
@@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-##### built by ca at lab.smi.sendmail.com on Tue May 20 12:12:51 PDT 2014
-##### in /home/ca/sm8.git/sendmail/OpenSource/sendmail-8.14.9/cf/cf
+##### built by ca at sandman.dev-lab.sendmail.com on Tue Dec 2 16:21:20 PST 2014
+##### in /x/ca/sm8.git/sendmail/OpenSource/sendmail-8.15.1/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@@ -122,7 +122,7 @@ DnMAILER-DAEMON
CPREDIRECT
# Configuration version number
-DZ8.14.9
+DZ8.15.1
###############
@@ -259,6 +259,9 @@ O PrivacyOptions=authwarnings
# minimum time in queue before retry
#O MinQueueAge=30m
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
+
# how many jobs can you process in the queue?
#O MaxQueueRunSize=0
@@ -509,6 +512,12 @@ O MaxHeadersLength=32768
# SMTP STARTTLS server options
#O TLSSrvOptions
+# SSL cipherlist
+#O CipherList
+# server side SSL options
+#O ServerSSLOptions
+# client side SSL options
+#O ClientSSLOptions
# Input mail filters
#O InputMailFilters
@@ -532,6 +541,8 @@ O MaxHeadersLength=32768
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
#O RandFile
+# fingerprint algorithm (digest) to use for the presented cert
+#O CertFingerprintAlgorithm
# Maximum number of "useless" commands before slowing down
#O MaxNOOPCommands=20
@@ -539,6 +550,8 @@ O MaxHeadersLength=32768
# Name to use for EHLO (defaults to $j)
#O HeloName
+
+
############################
# QUEUE GROUP DEFINITIONS #
############################
@@ -651,6 +664,7 @@ R$* % $* $1 @ $2 First make them all
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
+
# else we must be a local name
R$* $@ $>Canonify2 $1
@@ -783,6 +797,7 @@ R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
+
#
# Parse1 -- the bottom half of ruleset 0.
#
@@ -820,6 +835,8 @@ R$* < @$* > $* $#esmtp $@ $2 $: $1 < @
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names
+
+
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
Modified: vendor/sendmail/dist/cf/cf/generic-hpux10.cf
==============================================================================
--- vendor/sendmail/dist/cf/cf/generic-hpux10.cf Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/cf/generic-hpux10.cf Fri Dec 12 04:10:50 2014 (r275719)
@@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-##### built by ca at lab.smi.sendmail.com on Tue May 20 12:12:51 PDT 2014
-##### in /home/ca/sm8.git/sendmail/OpenSource/sendmail-8.14.9/cf/cf
+##### built by ca at sandman.dev-lab.sendmail.com on Tue Dec 2 16:21:20 PST 2014
+##### in /x/ca/sm8.git/sendmail/OpenSource/sendmail-8.15.1/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@@ -123,7 +123,7 @@ DnMAILER-DAEMON
CPREDIRECT
# Configuration version number
-DZ8.14.9
+DZ8.15.1
###############
@@ -260,6 +260,9 @@ O PrivacyOptions=authwarnings
# minimum time in queue before retry
#O MinQueueAge=30m
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
+
# how many jobs can you process in the queue?
#O MaxQueueRunSize=0
@@ -510,6 +513,12 @@ O MaxHeadersLength=32768
# SMTP STARTTLS server options
#O TLSSrvOptions
+# SSL cipherlist
+#O CipherList
+# server side SSL options
+#O ServerSSLOptions
+# client side SSL options
+#O ClientSSLOptions
# Input mail filters
#O InputMailFilters
@@ -533,6 +542,8 @@ O MaxHeadersLength=32768
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
#O RandFile
+# fingerprint algorithm (digest) to use for the presented cert
+#O CertFingerprintAlgorithm
# Maximum number of "useless" commands before slowing down
#O MaxNOOPCommands=20
@@ -540,6 +551,8 @@ O MaxHeadersLength=32768
# Name to use for EHLO (defaults to $j)
#O HeloName
+
+
############################
# QUEUE GROUP DEFINITIONS #
############################
@@ -652,6 +665,7 @@ R$* % $* $1 @ $2 First make them all
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
+
# else we must be a local name
R$* $@ $>Canonify2 $1
@@ -784,6 +798,7 @@ R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
+
#
# Parse1 -- the bottom half of ruleset 0.
#
@@ -821,6 +836,8 @@ R$* < @$* > $* $#esmtp $@ $2 $: $1 < @
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names
+
+
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
Modified: vendor/sendmail/dist/cf/cf/generic-hpux9.cf
==============================================================================
--- vendor/sendmail/dist/cf/cf/generic-hpux9.cf Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/cf/generic-hpux9.cf Fri Dec 12 04:10:50 2014 (r275719)
@@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-##### built by ca at lab.smi.sendmail.com on Tue May 20 12:12:51 PDT 2014
-##### in /home/ca/sm8.git/sendmail/OpenSource/sendmail-8.14.9/cf/cf
+##### built by ca at sandman.dev-lab.sendmail.com on Tue Dec 2 16:21:20 PST 2014
+##### in /x/ca/sm8.git/sendmail/OpenSource/sendmail-8.15.1/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@@ -123,7 +123,7 @@ DnMAILER-DAEMON
CPREDIRECT
# Configuration version number
-DZ8.14.9
+DZ8.15.1
###############
@@ -260,6 +260,9 @@ O PrivacyOptions=authwarnings
# minimum time in queue before retry
#O MinQueueAge=30m
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
+
# how many jobs can you process in the queue?
#O MaxQueueRunSize=0
@@ -510,6 +513,12 @@ O MaxHeadersLength=32768
# SMTP STARTTLS server options
#O TLSSrvOptions
+# SSL cipherlist
+#O CipherList
+# server side SSL options
+#O ServerSSLOptions
+# client side SSL options
+#O ClientSSLOptions
# Input mail filters
#O InputMailFilters
@@ -533,6 +542,8 @@ O MaxHeadersLength=32768
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
#O RandFile
+# fingerprint algorithm (digest) to use for the presented cert
+#O CertFingerprintAlgorithm
# Maximum number of "useless" commands before slowing down
#O MaxNOOPCommands=20
@@ -540,6 +551,8 @@ O MaxHeadersLength=32768
# Name to use for EHLO (defaults to $j)
#O HeloName
+
+
############################
# QUEUE GROUP DEFINITIONS #
############################
@@ -652,6 +665,7 @@ R$* % $* $1 @ $2 First make them all
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
+
# else we must be a local name
R$* $@ $>Canonify2 $1
@@ -784,6 +798,7 @@ R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
+
#
# Parse1 -- the bottom half of ruleset 0.
#
@@ -821,6 +836,8 @@ R$* < @$* > $* $#esmtp $@ $2 $: $1 < @
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names
+
+
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
Modified: vendor/sendmail/dist/cf/cf/generic-linux.cf
==============================================================================
--- vendor/sendmail/dist/cf/cf/generic-linux.cf Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/cf/generic-linux.cf Fri Dec 12 04:10:50 2014 (r275719)
@@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-##### built by ca at lab.smi.sendmail.com on Tue May 20 12:12:51 PDT 2014
-##### in /home/ca/sm8.git/sendmail/OpenSource/sendmail-8.14.9/cf/cf
+##### built by ca at sandman.dev-lab.sendmail.com on Tue Dec 2 16:21:20 PST 2014
+##### in /x/ca/sm8.git/sendmail/OpenSource/sendmail-8.15.1/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@@ -127,7 +127,7 @@ DnMAILER-DAEMON
CPREDIRECT
# Configuration version number
-DZ8.14.9
+DZ8.15.1
###############
@@ -264,6 +264,9 @@ O PrivacyOptions=authwarnings
# minimum time in queue before retry
#O MinQueueAge=30m
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
+
# how many jobs can you process in the queue?
#O MaxQueueRunSize=0
@@ -514,6 +517,12 @@ O MaxHeadersLength=32768
# SMTP STARTTLS server options
#O TLSSrvOptions
+# SSL cipherlist
+#O CipherList
+# server side SSL options
+#O ServerSSLOptions
+# client side SSL options
+#O ClientSSLOptions
# Input mail filters
#O InputMailFilters
@@ -537,6 +546,8 @@ O MaxHeadersLength=32768
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
#O RandFile
+# fingerprint algorithm (digest) to use for the presented cert
+#O CertFingerprintAlgorithm
# Maximum number of "useless" commands before slowing down
#O MaxNOOPCommands=20
@@ -544,6 +555,8 @@ O MaxHeadersLength=32768
# Name to use for EHLO (defaults to $j)
#O HeloName
+
+
############################
# QUEUE GROUP DEFINITIONS #
############################
@@ -656,6 +669,7 @@ R$* % $* $1 @ $2 First make them all
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
+
# else we must be a local name
R$* $@ $>Canonify2 $1
@@ -788,6 +802,7 @@ R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
+
#
# Parse1 -- the bottom half of ruleset 0.
#
@@ -825,6 +840,8 @@ R$* < @$* > $* $#esmtp $@ $2 $: $1 < @
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names
+
+
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
Modified: vendor/sendmail/dist/cf/cf/generic-mpeix.cf
==============================================================================
--- vendor/sendmail/dist/cf/cf/generic-mpeix.cf Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/cf/generic-mpeix.cf Fri Dec 12 04:10:50 2014 (r275719)
@@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-##### built by ca at lab.smi.sendmail.com on Tue May 20 12:12:51 PDT 2014
-##### in /home/ca/sm8.git/sendmail/OpenSource/sendmail-8.14.9/cf/cf
+##### built by ca at sandman.dev-lab.sendmail.com on Tue Dec 2 16:21:20 PST 2014
+##### in /x/ca/sm8.git/sendmail/OpenSource/sendmail-8.15.1/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@@ -123,7 +123,7 @@ DnMAILER-DAEMON
CPREDIRECT
# Configuration version number
-DZ8.14.9
+DZ8.15.1
###############
@@ -260,6 +260,9 @@ O PrivacyOptions=authwarnings
# minimum time in queue before retry
#O MinQueueAge=30m
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
+
# how many jobs can you process in the queue?
#O MaxQueueRunSize=0
@@ -510,6 +513,12 @@ O MaxHeadersLength=32768
# SMTP STARTTLS server options
#O TLSSrvOptions
+# SSL cipherlist
+#O CipherList
+# server side SSL options
+#O ServerSSLOptions
+# client side SSL options
+#O ClientSSLOptions
# Input mail filters
#O InputMailFilters
@@ -533,6 +542,8 @@ O MaxHeadersLength=32768
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
#O RandFile
+# fingerprint algorithm (digest) to use for the presented cert
+#O CertFingerprintAlgorithm
# Maximum number of "useless" commands before slowing down
#O MaxNOOPCommands=20
@@ -540,6 +551,8 @@ O MaxHeadersLength=32768
# Name to use for EHLO (defaults to $j)
#O HeloName
+
+
############################
# QUEUE GROUP DEFINITIONS #
############################
@@ -652,6 +665,7 @@ R$* % $* $1 @ $2 First make them all
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
+
# else we must be a local name
R$* $@ $>Canonify2 $1
@@ -784,6 +798,7 @@ R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
+
#
# Parse1 -- the bottom half of ruleset 0.
#
@@ -821,6 +836,8 @@ R$* < @$* > $* $#esmtp $@ $2 $: $1 < @
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names
+
+
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
Modified: vendor/sendmail/dist/cf/cf/generic-nextstep3.3.cf
==============================================================================
--- vendor/sendmail/dist/cf/cf/generic-nextstep3.3.cf Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/cf/generic-nextstep3.3.cf Fri Dec 12 04:10:50 2014 (r275719)
@@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-##### built by ca at lab.smi.sendmail.com on Tue May 20 12:12:51 PDT 2014
-##### in /home/ca/sm8.git/sendmail/OpenSource/sendmail-8.14.9/cf/cf
+##### built by ca at sandman.dev-lab.sendmail.com on Tue Dec 2 16:21:20 PST 2014
+##### in /x/ca/sm8.git/sendmail/OpenSource/sendmail-8.15.1/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@@ -122,7 +122,7 @@ DnMAILER-DAEMON
CPREDIRECT
# Configuration version number
-DZ8.14.9
+DZ8.15.1
###############
@@ -259,6 +259,9 @@ O PrivacyOptions=authwarnings
# minimum time in queue before retry
#O MinQueueAge=30m
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
+
# how many jobs can you process in the queue?
#O MaxQueueRunSize=0
@@ -509,6 +512,12 @@ O MaxHeadersLength=32768
# SMTP STARTTLS server options
#O TLSSrvOptions
+# SSL cipherlist
+#O CipherList
+# server side SSL options
+#O ServerSSLOptions
+# client side SSL options
+#O ClientSSLOptions
# Input mail filters
#O InputMailFilters
@@ -532,6 +541,8 @@ O MaxHeadersLength=32768
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
#O RandFile
+# fingerprint algorithm (digest) to use for the presented cert
+#O CertFingerprintAlgorithm
# Maximum number of "useless" commands before slowing down
#O MaxNOOPCommands=20
@@ -539,6 +550,8 @@ O MaxHeadersLength=32768
# Name to use for EHLO (defaults to $j)
#O HeloName
+
+
############################
# QUEUE GROUP DEFINITIONS #
############################
@@ -651,6 +664,7 @@ R$* % $* $1 @ $2 First make them all
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
+
# else we must be a local name
R$* $@ $>Canonify2 $1
@@ -783,6 +797,7 @@ R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
+
#
# Parse1 -- the bottom half of ruleset 0.
#
@@ -820,6 +835,8 @@ R$* < @$* > $* $#esmtp $@ $2 $: $1 < @
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names
+
+
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
Modified: vendor/sendmail/dist/cf/cf/generic-osf1.cf
==============================================================================
--- vendor/sendmail/dist/cf/cf/generic-osf1.cf Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/cf/generic-osf1.cf Fri Dec 12 04:10:50 2014 (r275719)
@@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-##### built by ca at lab.smi.sendmail.com on Tue May 20 12:12:52 PDT 2014
-##### in /home/ca/sm8.git/sendmail/OpenSource/sendmail-8.14.9/cf/cf
+##### built by ca at sandman.dev-lab.sendmail.com on Tue Dec 2 16:21:20 PST 2014
+##### in /x/ca/sm8.git/sendmail/OpenSource/sendmail-8.15.1/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@@ -123,7 +123,7 @@ DnMAILER-DAEMON
CPREDIRECT
# Configuration version number
-DZ8.14.9
+DZ8.15.1
###############
@@ -260,6 +260,9 @@ O PrivacyOptions=authwarnings
# minimum time in queue before retry
#O MinQueueAge=30m
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
+
# how many jobs can you process in the queue?
#O MaxQueueRunSize=0
@@ -510,6 +513,12 @@ O MaxHeadersLength=32768
# SMTP STARTTLS server options
#O TLSSrvOptions
+# SSL cipherlist
+#O CipherList
+# server side SSL options
+#O ServerSSLOptions
+# client side SSL options
+#O ClientSSLOptions
# Input mail filters
#O InputMailFilters
@@ -533,6 +542,8 @@ O MaxHeadersLength=32768
#O DHParameters
# Random data source (required for systems without /dev/urandom under OpenSSL)
#O RandFile
+# fingerprint algorithm (digest) to use for the presented cert
+#O CertFingerprintAlgorithm
# Maximum number of "useless" commands before slowing down
#O MaxNOOPCommands=20
@@ -540,6 +551,8 @@ O MaxHeadersLength=32768
# Name to use for EHLO (defaults to $j)
#O HeloName
+
+
############################
# QUEUE GROUP DEFINITIONS #
############################
@@ -652,6 +665,7 @@ R$* % $* $1 @ $2 First make them all
R$* @ $* @ $* $1 % $2 @ $3 Undo all but the last.
R$* @ $* $@ $>Canonify2 $1 < @ $2 > Insert < > and finish
+
# else we must be a local name
R$* $@ $>Canonify2 $1
@@ -784,6 +798,7 @@ R$* $=O $* < @ *LOCAL* >
$@ $>Parse0 $>canonify $1 $2 $3 ...@*LOCAL* -> ...
R$* < @ *LOCAL* > $: $1
+
#
# Parse1 -- the bottom half of ruleset 0.
#
@@ -821,6 +836,8 @@ R$* < @$* > $* $#esmtp $@ $2 $: $1 < @
R$=L $#local $: @ $1 special local names
R$+ $#local $: $1 regular local names
+
+
###########################################################################
### Ruleset 5 -- special rewriting after aliases have been expanded ###
###########################################################################
Modified: vendor/sendmail/dist/cf/cf/generic-solaris.cf
==============================================================================
--- vendor/sendmail/dist/cf/cf/generic-solaris.cf Fri Dec 12 03:58:51 2014 (r275718)
+++ vendor/sendmail/dist/cf/cf/generic-solaris.cf Fri Dec 12 04:10:50 2014 (r275719)
@@ -16,8 +16,8 @@
#####
##### SENDMAIL CONFIGURATION FILE
#####
-##### built by ca at lab.smi.sendmail.com on Tue May 20 12:12:52 PDT 2014
-##### in /home/ca/sm8.git/sendmail/OpenSource/sendmail-8.14.9/cf/cf
+##### built by ca at sandman.dev-lab.sendmail.com on Tue Dec 2 16:21:20 PST 2014
+##### in /x/ca/sm8.git/sendmail/OpenSource/sendmail-8.15.1/cf/cf
##### using ../ as configuration include directory
#####
######################################################################
@@ -122,7 +122,7 @@ DnMAILER-DAEMON
CPREDIRECT
# Configuration version number
-DZ8.14.9
+DZ8.15.1
###############
@@ -259,6 +259,9 @@ O PrivacyOptions=authwarnings
# minimum time in queue before retry
#O MinQueueAge=30m
+# maximum time in queue before retry (if > 0; only for exponential delay)
+#O MaxQueueAge
*** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
More information about the svn-src-all
mailing list