|
|
|
| この画面は http://home.jp.FreeBSD.org/~koga/cf/ から勝手に持って来て自分用に見易くしたものです。 原本の更新よりも古い可能性があります。 | ||
http://www.sendmail.org/m4/tweaking_config.html
詳細な設定 (confXXXX)通常では変更の必要がない数多くの設定用オプションがあります。 しかし、それらに変更を加えたいと思う場合、 以下に示す M4 マクロに値を設定することができます。以下のリストは 4 カラムで構成されています。 順に、 対象のマクロ名定義、 定義値のデフォルト、 有効に設定できるオプションあるいはマクロ (オプションとして Ox に、あるいはマクロとして Dx のいずれかに設定で きる)、 簡略説明です。 これらの意味については Installation and Operations Guide に詳しく載っています。 いくつかのオプションは、将来の版で推奨されなくなることがあります。 それは該当するオプションは古い版との後方互換性を提供するためだけに含まれるということです。 そのようなオプションには印として * が付いています。 以下に示すオプションは M4 の変数です。そのため、引用符で囲む必要があります。 とりわけ、コンマを含む引数は、 コンマが含まれることで生じる問題を防ぐために、 大抵の場合 ``コンマを含むこの例の様に, 二重に括る'' 必要があります。 alias ファイルの定義や読み出し時のタイムアウトの設定では通常このようにします。 M4 Variable Name Configuration Description & [Default] ================ ============= ======================= confMAILER_NAME $n macro [MAILER-DAEMON] The sender name used for internally generated outgoing messages.
confDOMAIN_NAME $j macro If defined, sets $j. This should
only be done if your system cannot
determine your local domain name,
and then it should be set to
$w.Foo.COM, where Foo.COM is your
domain name.
confCF_VERSION $Z macro If defined, this is appended to the
configuration version name.
confFROM_HEADER From: [$?x$x <$g>$|$g$.] The format of an
internally generated From: address.
confRECEIVED_HEADER Received:
[$?sfrom $s $.$?_($?s$|from $.$_)
$.$?{auth_type}(authenticated)
$.by $j ($v/$Z)$?r with $r$. id $i$?u
for $u; $|;
$.$b]
The format of the Received: header
in messages passed through this host.
It is unwise to try to change this.
confCW_FILE Fw class [/etc/mail/local-host-names] Name
of file used to get the local
additions to class {w} (local host
names).
confCT_FILE Ft class [/etc/mail/trusted-users] Name of
file used to get the local additions
to class {t} (trusted users).
confCR_FILE FR class [/etc/mail/relay-domains] Name of
file used to get the local additions
to class {R} (hosts allowed to relay).
confTRUSTED_USERS Ct class [no default] Names of users to add to
the list of trusted users. This list
always includes root, uucp, and daemon.
See also FEATURE(`use_ct_file').
confTRUSTED_USER TrustedUser [no default] Trusted user for file
ownership and starting the daemon.
Not to be confused with
confTRUSTED_USERS (see above).
confSMTP_MAILER - [esmtp] The mailer name used when
SMTP connectivity is required.
One of "smtp", "smtp8",
"esmtp", or "dsmtp".
confUUCP_MAILER - [uucp-old] The mailer to be used by
default for bang-format recipient
addresses. See also discussion of
class {U}, class {Y}, and class {Z}
in the MAILER(`uucp') section.
confLOCAL_MAILER - [local] The mailer name used when
local connectivity is required.
Almost always "local".
confRELAY_MAILER - [relay] The default mailer name used
for relaying any mail (e.g., to a
BITNET_RELAY, a SMART_HOST, or
whatever). This can reasonably be
"uucp-new" if you are on a
UUCP-connected site.
confSEVEN_BIT_INPUT SevenBitInput [False] Force input to seven bits?
confEIGHT_BIT_HANDLING EightBitMode [pass8] 8-bit data handling
confALIAS_WAIT AliasWait [10m] Time to wait for alias file
rebuild until you get bored and
decide that the apparently pending
rebuild failed.
confMIN_FREE_BLOCKS MinFreeBlocks [100] Minimum number of free blocks on
queue filesystem to accept SMTP mail.
(Prior to 8.7 this was minfree/maxsize,
where minfree was the number of free
blocks and maxsize was the maximum
message size. Use confMAX_MESSAGE_SIZE
for the second value now.)
confMAX_MESSAGE_SIZE MaxMessageSize [infinite] The maximum size of messages
that will be accepted (in bytes).
confBLANK_SUB BlankSub [.] Blank (space) substitution
character.
confCON_EXPENSIVE HoldExpensive [False] Avoid connecting immediately
to mailers marked expensive.
confCHECKPOINT_INTERVAL CheckpointInterval
[10] Checkpoint queue files every N
recipients.
confDELIVERY_MODE DeliveryMode [background] Default delivery mode.
confAUTO_REBUILD AutoRebuildAliases
[False] Automatically rebuild alias
file if needed.
There is a potential for a denial
of service attack if this is set.
This option is deprecated and will
be removed from a future version.
confERROR_MODE ErrorMode [print] Error message mode.
confERROR_MESSAGE ErrorHeader [undefined] Error message header/file.
confSAVE_FROM_LINES SaveFromLine Save extra leading From_ lines.
confTEMP_FILE_MODE TempFileMode [0600] Temporary file mode.
confMATCH_GECOS MatchGECOS [False] Match GECOS field.
confMAX_HOP MaxHopCount [25] Maximum hop count.
confIGNORE_DOTS* IgnoreDots [False; always False in -bs or -bd
mode] Ignore dot as terminator for
incoming messages?
confBIND_OPTS ResolverOptions [undefined] Default options for DNS
resolver.
confMIME_FORMAT_ERRORS* SendMimeErrors [True] Send error messages as MIME-
encapsulated messages per RFC 1344.
confFORWARD_PATH ForwardPath [$z/.forward.$w:$z/.forward]
The colon-separated list of places to
search for .forward files. N.B.: see
the Security Notes section.
confMCI_CACHE_SIZE ConnectionCacheSize
[2] Size of open connection cache.
confMCI_CACHE_TIMEOUT ConnectionCacheTimeout
[5m] Open connection cache timeout.
confHOST_STATUS_DIRECTORY HostStatusDirectory
[undefined] If set, host status is kept
on disk between sendmail runs in the
named directory tree. This need not be
a full pathname, in which case it is
interpreted relative to the queue
directory.
confSINGLE_THREAD_DELIVERY SingleThreadDelivery
[False] If this option and the
HostStatusDirectory option are both
set, single thread deliveries to other
hosts. That is, don't allow any two
sendmails on this host to connect
simultaneously to any other single
host. This can slow down delivery in
some cases, in particular since a
cached but otherwise idle connection
to a host will prevent other sendmails
from connecting to the other host.
confUSE_ERRORS_TO* UseErrorsTo [False] Use the Errors-To: header to
deliver error messages. This should
not be necessary because of general
acceptance of the envelope/header
distinction.
confLOG_LEVEL LogLevel [9] Log level.
confME_TOO MeToo [True] Include sender in group
expansions. This option is
deprecated and will be removed from
a future version.
confCHECK_ALIASES CheckAliases [False] Check RHS of aliases when
running newaliases. Since this does
DNS lookups on every address, it can
slow down the alias rebuild process
considerably on large alias files.
confOLD_STYLE_HEADERS* OldStyleHeaders [True] Assume that headers without
special chars are old style.
confCLIENT_OPTIONS ClientPortOptions
[none] Options for outgoing SMTP client
connections.
confPRIVACY_FLAGS PrivacyOptions [authwarnings] Privacy flags.例えば、これを設定する時は、 define(`confPRIVACY_FLAGS', ``authwarnings,noexpn,novrfy'')
等とする。引用符の向きと、数に注意。
confCOPY_ERRORS_TO PostmasterCopy [undefined] Address for additional copies of all error messages. confQUEUE_FACTOR QueueFactor [600000] Slope of queue-only function. confDONT_PRUNE_ROUTES DontPruneRoutes [False] Don't prune down route-addr syntax addresses to the minimum possible. confSAFE_QUEUE* SuperSafe [True] Commit all messages to disk before forking. confTO_INITIAL Timeout.initial [5m] The timeout waiting for a response on the initial connect. confTO_CONNECT Timeout.connect [0] The timeout waiting for an initial connect() to complete. This can only shorten connection timeouts; the kernel silently enforces an absolute maximum (which varies depending on the system). confTO_ICONNECT Timeout.iconnect [undefined] Like Timeout.connect, but applies only to the very first attempt to connect to a host in a message. This allows a single very fast pass followed by more careful delivery attempts in the future. confTO_HELO Timeout.helo [5m] The timeout waiting for a response to a HELO or EHLO command. confTO_MAIL Timeout.mail [10m] The timeout waiting for a response to the MAIL command. confTO_RCPT Timeout.rcpt [1h] The timeout waiting for a response to the RCPT command. confTO_DATAINIT Timeout.datainit [5m] The timeout waiting for a 354 response from the DATA command. confTO_DATABLOCK Timeout.datablock [1h] The timeout waiting for a block during DATA phase. confTO_DATAFINAL Timeout.datafinal [1h] The timeout waiting for a response to the final "." that terminates a message. confTO_RSET Timeout.rset [5m] The timeout waiting for a response to the RSET command. confTO_QUIT Timeout.quit [2m] The timeout waiting for a response to the QUIT command. confTO_MISC Timeout.misc [2m] The timeout waiting for a response to other SMTP commands. confTO_COMMAND Timeout.command [1h] In server SMTP, the timeout waiting for a command to be issued. confTO_IDENT Timeout.ident [5s] The timeout waiting for a response to an IDENT query. confTO_FILEOPEN Timeout.fileopen [60s] The timeout waiting for a file (e.g., :include: file) to be opened. confTO_CONTROL Timeout.control [2m] The timeout for a complete control socket transaction to complete. confTO_QUEUERETURN Timeout.queuereturn [5d] The timeout before a message is returned as undeliverable. confTO_QUEUERETURN_NORMAL Timeout.queuereturn.normal [undefined] As above, for normal priority messages. confTO_QUEUERETURN_URGENT Timeout.queuereturn.urgent [undefined] As above, for urgent priority messages. confTO_QUEUERETURN_NONURGENT Timeout.queuereturn.non-urgent [undefined] As above, for non-urgent (low) priority messages. confTO_QUEUEWARN Timeout.queuewarn [4h] The timeout before a warning message is sent to the sender telling them that the message has been deferred. confTO_QUEUEWARN_NORMAL Timeout.queuewarn.normal [undefined] As above, for normal priority messages. confTO_QUEUEWARN_URGENT Timeout.queuewarn.urgent [undefined] As above, for urgent priority messages. confTO_QUEUEWARN_NONURGENT Timeout.queuewarn.non-urgent [undefined] As above, for non-urgent (low) priority messages. confTO_HOSTSTATUS Timeout.hoststatus [30m] How long information about host statuses will be maintained before it is considered stale and the host should be retried. This applies both within a single queue run and to persistent information (see below). confTO_RESOLVER_RETRANS Timeout.resolver.retrans [varies] Sets the resolver's retransmition time interval (in seconds). Sets both Timeout.resolver.retrans.first and Timeout.resolver.retrans.normal. confTO_RESOLVER_RETRANS_FIRST Timeout.resolver.retrans.first [varies] Sets the resolver's retransmition time interval (in seconds) for the first attempt to deliver a message. confTO_RESOLVER_RETRANS_NORMAL Timeout.resolver.retrans.normal [varies] Sets the resolver's retransmition time interval (in seconds) for all resolver lookups except the first delivery attempt. confTO_RESOLVER_RETRY Timeout.resolver.retry [varies] Sets the number of times to retransmit a resolver query. Sets both Timeout.resolver.retry.first and Timeout.resolver.retry.normal. confTO_RESOLVER_RETRY_FIRST Timeout.resolver.retry.first [varies] Sets the number of times to retransmit a resolver query for the first attempt to deliver a message. confTO_RESOLVER_RETRY_NORMAL Timeout.resolver.retry.normal [varies] Sets the number of times to retransmit a resolver query for all resolver lookups except the first delivery attempt. confTIME_ZONE TimeZoneSpec [USE_SYSTEM] Time zone info -- can be USE_SYSTEM to use the system's idea, USE_TZ to use the user's TZ envariable, or something else to force that value. confDEF_USER_ID DefaultUser [1:1] Default user id. confUSERDB_SPEC UserDatabaseSpec [undefined] User database specification. confFALLBACK_MX FallbackMXhost [undefined] Fallback MX host. confTRY_NULL_MX_LIST TryNullMXList [False] If this host is the best MX for a host and other arrangements haven't been made, try connecting to the host directly; normally this would be a config error. confQUEUE_LA QueueLA [varies] Load average at which queue-only function kicks in. Default values is (8 * numproc) where numproc is the number of processors online (if that can be determined). confREFUSE_LA RefuseLA [varies] Load average at which incoming SMTP connections are refused. Default values is (12 * numproc) where numproc is the number of processors online (if that can be determined). confMAX_ALIAS_RECURSION MaxAliasRecursion [10] Maximum depth of alias recursion. confMAX_DAEMON_CHILDREN MaxDaemonChildren [undefined] The maximum number of children the daemon will permit. After this number, connections will be rejected. If not set or <= 0, there is no limit. confMAX_HEADERS_LENGTH MaxHeadersLength [32768] Maximum length of the sum of all headers. confMAX_MIME_HEADER_LENGTH MaxMimeHeaderLength [undefined] Maximum length of certain MIME header field values. confCONNECTION_RATE_THROTTLE ConnectionRateThrottle [undefined] The maximum number of connections permitted per second. After this many connections are accepted, further connections will be delayed. If not set or <= 0, there is no limit. confWORK_RECIPIENT_FACTOR RecipientFactor [30000] Cost of each recipient. confSEPARATE_PROC ForkEachJob [False] Run all deliveries in a separate process. confWORK_CLASS_FACTOR ClassFactor [1800] Priority multiplier for class. confWORK_TIME_FACTOR RetryFactor [90000] Cost of each delivery attempt. confQUEUE_SORT_ORDER QueueSortOrder [Priority] Queue sort algorithm: Priority, Host, Filename, or Time. confMIN_QUEUE_AGE MinQueueAge [0] The minimum amount of time a job must sit in the queue between queue runs. This allows you to set the queue run interval low for better responsiveness without trying all jobs in each run. confDEF_CHAR_SET DefaultCharSet [unknown-8bit] When converting unlabeled 8 bit input to MIME, the character set to use by default. confSERVICE_SWITCH_FILE ServiceSwitchFile [/etc/mail/service.switch] The file to use for the service switch on systems that do not have a system-defined switch. confHOSTS_FILE HostsFile [/etc/hosts] The file to use when doing "file" type access of hosts names. confDIAL_DELAY DialDelay [0s] If a connection fails, wait this long and try again. Zero means "don't retry". This is to allow "dial on demand" connections to have enough time to complete a connection. confNO_RCPT_ACTION NoRecipientAction [none] What to do if there are no legal recipient fields (To:, Cc: or Bcc:) in the message. Legal values can be "none" to just leave the nonconforming message as is, "add-to" to add a To: header with all the known recipients (which may expose blind recipients), "add-apparently-to" to do the same but use Apparently-To: instead of To:, "add-bcc" to add an empty Bcc: header, or "add-to-undisclosed" to add the header ``To: undisclosed-recipients:;''. confSAFE_FILE_ENV SafeFileEnvironment [undefined] If set, sendmail will do a chroot() into this directory before writing files. confCOLON_OK_IN_ADDR ColonOkInAddr [True unless Configuration Level > 6] If set, colons are treated as a regular character in addresses. If not set, they are treated as the introducer to the RFC 822 "group" syntax. Colons are handled properly in route-addrs. This option defaults on for V5 and lower configuration files. confMAX_QUEUE_RUN_SIZE MaxQueueRunSize [0] If set, limit the maximum size of any given queue run to this number of entries. Essentially, this will stop reading each queue directory after this number of entries are reached; it does _not_ pick the highest priority jobs, so this should be as large as your system can tolerate. If not set, there is no limit.
confFROM_LINE UnixFromLine [From $g $d] The From_ line used when sending to files or programs. confSINGLE_LINE_FROM_HEADER SingleLineFromHeader [False] From: lines that have embedded newlines are unwrapped onto one line. confALLOW_BOGUS_HELO AllowBogusHELO [False] Allow HELO SMTP command that does not include a host name. confMUST_QUOTE_CHARS MustQuoteChars [.'] Characters to be quoted in a full name phrase (@,;:\()[] are automatic). confOPERATORS OperatorChars [.:%@!^/[]+] Address operator characters. confSMTP_LOGIN_MSG SmtpGreetingMessage [$j Sendmail $v/$Z; $b] The initial (spontaneous) SMTP greeting message. The word "ESMTP" will be inserted between the first and second words to convince other sendmails to try to speak ESMTP. confDONT_INIT_GROUPS DontInitGroups [False] If set, the initgroups(3) routine will never be invoked. You might want to do this if you are running NIS and you have a large group map, since this call does a sequential scan of the map; in a large site this can cause your ypserv to run essentially full time. If you set this, agents run on behalf of users will only have their primary (/etc/passwd) group permissions. confUNSAFE_GROUP_WRITES UnsafeGroupWrites [False] If set, group-writable :include: and .forward files are considered "unsafe", that is, programs and files cannot be directly referenced from such files. World-writable files are always considered unsafe. confCONNECT_ONLY_TO ConnectOnlyTo [undefined] override connection address (for testing). confCONTROL_SOCKET_NAME ControlSocketName [undefined] Control socket for daemon management. confDOUBLE_BOUNCE_ADDRESS DoubleBounceAddress [postmaster] If an error occurs when sending an error message, send that "double bounce" error message to this address. confDEAD_LETTER_DROP DeadLetterDrop [undefined] Filename to save bounce messages which could not be returned to the user or sent to postmaster. If not set, the queue file will be renamed. confRRT_IMPLIES_DSN RrtImpliesDsn [False] Return-Receipt-To: header implies DSN request. confRUN_AS_USER RunAsUser [undefined] If set, become this user when reading and delivering mail. Causes all file reads (e.g., .forward and :include: files) to be done as this user. Also, all programs will be run as this user, and all output files will be written as this user. Intended for use only on firewalls where users do not have accounts.
confPID_FILE PidFile [system dependent] Location of pid file. confPROCESS_TITLE_PREFIX ProcessTitlePrefix [undefined] Prefix string for the process title shown on 'ps' listings. confDONT_BLAME_SENDMAIL DontBlameSendmail [safe] Override sendmail's file safety checks. This will definitely compromise system security and should not be used unless absolutely necessary. confREJECT_MSG - [550 Access denied] The message given if the access database contains REJECT in the value portion. confDF_BUFFER_SIZE DataFileBufferSize [4096] The maximum size of a memory-buffered data (df) file before a disk-based file is used. confXF_BUFFER_SIZE XScriptFileBufferSize [4096] The maximum size of a memory-buffered transcript (xf) file before a disk-based file is used. confAUTH_MECHANISMS AuthMechanisms [GSSAPI KERBEROS_V4 DIGEST-MD5 CRAM-MD5] List of authentication mechanisms for AUTH (separated by spaces). The advertised list of authentication mechanisms will be the intersection of this list and the list of available mechanisms as determined by the CYRUS SASL library.
confAUTH_OPTIONS AuthOptions [undefined] If this options is 'A'
then the AUTH= parameter for the
MAIL FROM command is only issued
when authentication succeeded.
confLDAP_DEFAULT_SPEC LDAPDefaultSpec [undefined] Default map
specification for LDAP maps. The
value should only contain LDAP
specific settings such as "-h host
-p port -d bindDN", etc. The
settings will be used for all LDAP
maps unless they are specified in
the individual map specification
('K' command).
confCACERT_PATH CACERTPath [undefined] Path to directory
with certs of CAs.
confCACERT CACERTFile [undefined] File containing one CA
cert.
confSERVER_CERT ServerCertFile [undefined] File containing the
cert of the server, i.e., this cert
is used when sendmail acts as
server.
confSERVER_KEY ServerKeyFile [undefined] File containing the
private key belonging to the server
cert.
confCLIENT_CERT ClientCertFile [undefined] File containing the
cert of the client, i.e., this cert
is used when sendmail acts as
client.
confCLIENT_KEY ClientKeyFile [undefined] File containing the
private key belonging to the client
cert.
confDH_PARAMETERS DHParameters [undefined] File containing the
DH parameters.
confRAND_FILE RandFile [undefined] File containing random
data (use prefix file:) or the
name of the UNIX socket if EGD is
used (use prefix egd:). STARTTLS
requires this option if the compile
flag HASURANDOM is not set (see
sendmail/README).
See also the description of
OSTYPE
for some parameters that can be
tweaked (generally pathnames to mailers).
DaemonPortOptions are a special case since multiple daemons can be
defined. This can be done via
DAEMON_OPTIONS(`field1=value1,field2=value2,...')
If DAEMON_OPTIONS is not used, then the default is
DAEMON_OPTIONS(`Port=smtp, Name=MTA')
DAEMON_OPTIONS(`Port=587, Name=MSA, M=E')
If you use one DAEMON_OPTIONS macro, it will alter the parameters
of the first of these. The second will still be defaulted; it
represents a "Message Submission Agent" (MSA) as defined by RFC
2476 (see below). To turn off the default definition for the MSA,
use FEATURE(`no_default_msa') (see also FEATURES). If you use
additional DAEMON_OPTIONS macros, they will add additional daemons.
Example 1: To change the port for the SMTP listener, while still using the MSA default, use DAEMON_OPTIONS(`Port=925, Name=MTA')
Example 2: To change the port for the MSA daemon, while still using the default SMTP port, use FEATURE(`no_default_msa')
DAEMON_OPTIONS(`Name=MTA')
DAEMON_OPTIONS(`Port=987, Name=MSA, M=E')
Note that if the first of those DAEMON_OPTIONS lines were omitted, then
there would be no listener on the standard SMTP port.
Example 3: To listen on both IPv4 and IPv6 interfaces, use
DAEMON_OPTIONS(`Name=MTA-v4, Family=inet')
DAEMON_OPTIONS(`Name=MTA-v6, Family=inet6')
A "Message Submission Agent" still uses all of the same rulesets for
processing the message (and therefore still allows message rejection via
the check_* rulesets). In accordance with the RFC, the MSA will ensure
that all domains in the envelope are fully qualified if the message is
relayed to another MTA. It will also enforce the normal address syntax
rules and log error messages. Additionally, by using the M=a modifier
you can require authentication before messages are accepted by the MSA.
Notice: Do NOT use the 'a' modifier on a public accessible MTA!
Finally, the M=E modifier shown above disables ETRN as required by RFC
2476.
| ||
|
この画面は jeedosaquin を使って表示しています。 Copyright cf Project これらの画面は http://home.jp.FreeBSD.org/~koga/cf/ から勝手に持って来て自分用に見易くした(つもりの)ものです。 原訳の更新よりも古い可能性があります。英語版: http://home.jp.freebsd.org/~koga/cf/README.orig
|