#ifndef _MAIL_PARAMS_H_INCLUDED_ #define _MAIL_PARAMS_H_INCLUDED_ /*++ /* NAME /* mail_params 3h /* SUMMARY /* globally configurable parameters /* SYNOPSIS /* #include /* DESCRIPTION /* .nf /* * This is to make it easier to auto-generate tables. */ typedef int bool; #ifdef USE_TLS #include /* OPENSSL_VERSION_NUMBER */ #include /* SN_* and NID_* macros */ #if OPENSSL_VERSION_NUMBER < 0x1010100fUL #error "OpenSSL releases prior to 1.1.1 are no longer supported" #endif #endif /* * Name used when this mail system announces itself. */ #define VAR_MAIL_NAME "mail_name" #define DEF_MAIL_NAME "Postfix" extern char *var_mail_name; /* * You want to be helped or not. */ #define VAR_HELPFUL_WARNINGS "helpful_warnings" #define DEF_HELPFUL_WARNINGS 1 extern bool var_helpful_warnings; /* * You want to be helped or not. */ #define VAR_SHOW_UNK_RCPT_TABLE "show_user_unknown_table_name" #define DEF_SHOW_UNK_RCPT_TABLE 1 extern bool var_show_unk_rcpt_table; /* * Compatibility level and migration support. Update postconf(5), * COMPATIBILITY_README, global/mail_params.[hc] and conf/main.cf when * updating the current compatibility level. */ #define COMPAT_LEVEL_0 "0" #define COMPAT_LEVEL_1 "1" #define COMPAT_LEVEL_2 "2" #define COMPAT_LEVEL_3_6 "3.6" #define LAST_COMPAT_LEVEL COMPAT_LEVEL_3_6 #define VAR_COMPAT_LEVEL "compatibility_level" #define DEF_COMPAT_LEVEL COMPAT_LEVEL_0 extern char *var_compatibility_level; extern int warn_compat_break_app_dot_mydomain; extern int warn_compat_break_smtputf8_enable; extern int warn_compat_break_chroot; extern int warn_compat_break_relay_restrictions; /* Postfix 2.10. */ extern int warn_compat_break_relay_domains; extern int warn_compat_break_flush_domains; extern int warn_compat_break_mynetworks_style; extern int warn_compat_break_smtpd_tls_fpt_dgst; extern int warn_compat_break_smtp_tls_fpt_dgst; extern int warn_compat_break_lmtp_tls_fpt_dgst; extern int warn_compat_relay_before_rcpt_checks; extern int warn_compat_respectful_logging; extern long compat_level; /* * What problem classes should be reported to the postmaster via email. * Default is bad problems only. See mail_error(3). Even when mail notices * are disabled, problems are still logged to the syslog daemon. * * Do not add "protocol" to the default setting. It gives Postfix a bad * reputation: people get mail whenever spam software makes a mistake. */ #define VAR_NOTIFY_CLASSES "notify_classes" #define DEF_NOTIFY_CLASSES "resource, software" /* Not: "protocol" */ extern char *var_notify_classes; /* * What do I turn <> into? Sendmail defaults to mailer-daemon. */ #define VAR_EMPTY_ADDR "empty_address_recipient" #define DEF_EMPTY_ADDR MAIL_ADDR_MAIL_DAEMON extern char *var_empty_addr; /* * Privileges used by the mail system: the owner of files and commands, and * the rights to be used when running external commands. */ #define VAR_MAIL_OWNER "mail_owner" #define DEF_MAIL_OWNER "postfix" extern char *var_mail_owner; extern uid_t var_owner_uid; extern gid_t var_owner_gid; #define VAR_SGID_GROUP "setgid_group" #define DEF_SGID_GROUP "postdrop" extern char *var_sgid_group; extern gid_t var_sgid_gid; #define VAR_DEFAULT_PRIVS "default_privs" #define DEF_DEFAULT_PRIVS "nobody" extern char *var_default_privs; extern uid_t var_default_uid; extern gid_t var_default_gid; /* * Access control for local privileged operations: */ #define STATIC_ANYONE_ACL "static:anyone" #define VAR_FLUSH_ACL "authorized_flush_users" #define DEF_FLUSH_ACL STATIC_ANYONE_ACL extern char *var_flush_acl; #define VAR_SHOWQ_ACL "authorized_mailq_users" #define DEF_SHOWQ_ACL STATIC_ANYONE_ACL extern char *var_showq_acl; #define VAR_SUBMIT_ACL "authorized_submit_users" #define DEF_SUBMIT_ACL STATIC_ANYONE_ACL extern char *var_submit_acl; /* * Local submission, envelope sender ownership. */ #define VAR_LOCAL_LOGIN_SND_MAPS "local_login_sender_maps" #define DEF_LOCAL_LOGIN_SND_MAPS "static:*" extern char *var_local_login_snd__maps; #define VAR_NULL_LOCAL_LOGIN_SND_MAPS_KEY "empty_address_local_login_sender_maps_lookup_key" #define DEF_NULL_LOCAL_LOGIN_SND_MAPS_KEY "<>" extern char *var_null_local_login_snd_maps_key; /* * What goes on the right-hand side of addresses of mail sent from this * machine. */ #define VAR_MYORIGIN "myorigin" #define DEF_MYORIGIN "$myhostname" extern char *var_myorigin; /* * What domains I will receive mail for. Not to be confused with transit * mail to other destinations. */ #define VAR_MYDEST "mydestination" #define DEF_MYDEST "$myhostname, localhost.$mydomain, localhost" extern char *var_mydest; /* * These are by default taken from the name service. */ #define VAR_MYHOSTNAME "myhostname" /* my hostname (fqdn) */ extern char *var_myhostname; #define VAR_MYDOMAIN "mydomain" /* my domain name */ #define DEF_MYDOMAIN "localdomain" extern char *var_mydomain; /* * The default local delivery transport. */ #define VAR_LOCAL_TRANSPORT "local_transport" #define DEF_LOCAL_TRANSPORT MAIL_SERVICE_LOCAL ":$myhostname" extern char *var_local_transport; /* * Where to send postmaster copies of bounced mail, and other notices. */ #define VAR_BOUNCE_RCPT "bounce_notice_recipient" #define DEF_BOUNCE_RCPT "postmaster" extern char *var_bounce_rcpt; #define VAR_2BOUNCE_RCPT "2bounce_notice_recipient" #define DEF_2BOUNCE_RCPT "postmaster" extern char *var_2bounce_rcpt; #define VAR_DELAY_RCPT "delay_notice_recipient" #define DEF_DELAY_RCPT "postmaster" extern char *var_delay_rcpt; #define VAR_ERROR_RCPT "error_notice_recipient" #define DEF_ERROR_RCPT "postmaster" extern char *var_error_rcpt; /* * Virtual host support. Default is to listen on all machine interfaces. */ #define VAR_INET_INTERFACES "inet_interfaces" /* listen addresses */ #define INET_INTERFACES_ALL "all" #define INET_INTERFACES_LOCAL "loopback-only" #define DEF_INET_INTERFACES INET_INTERFACES_ALL extern char *var_inet_interfaces; #define VAR_PROXY_INTERFACES "proxy_interfaces" /* proxies, NATs */ #define DEF_PROXY_INTERFACES "" extern char *var_proxy_interfaces; /* * Masquerading (i.e. subdomain stripping). */ #define VAR_MASQ_DOMAINS "masquerade_domains" #define DEF_MASQ_DOMAINS "" extern char *var_masq_domains; #define VAR_MASQ_EXCEPTIONS "masquerade_exceptions" #define DEF_MASQ_EXCEPTIONS "" extern char *var_masq_exceptions; #define MASQ_CLASS_ENV_FROM "envelope_sender" #define MASQ_CLASS_ENV_RCPT "envelope_recipient" #define MASQ_CLASS_HDR_FROM "header_sender" #define MASQ_CLASS_HDR_RCPT "header_recipient" #define VAR_MASQ_CLASSES "masquerade_classes" #define DEF_MASQ_CLASSES MASQ_CLASS_ENV_FROM ", " \ MASQ_CLASS_HDR_FROM ", " \ MASQ_CLASS_HDR_RCPT extern char *var_masq_classes; /* * Intranet versus internet. */ #define VAR_RELAYHOST "relayhost" #define DEF_RELAYHOST "" extern char *var_relayhost; #define VAR_SND_RELAY_MAPS "sender_dependent_relayhost_maps" #define DEF_SND_RELAY_MAPS "" extern char *var_snd_relay_maps; #define VAR_NULL_RELAY_MAPS_KEY "empty_address_relayhost_maps_lookup_key" #define DEF_NULL_RELAY_MAPS_KEY "<>" extern char *var_null_relay_maps_key; #define VAR_SMTP_FALLBACK "smtp_fallback_relay" #define DEF_SMTP_FALLBACK "$fallback_relay" #define VAR_LMTP_FALLBACK "lmtp_fallback_relay" #define DEF_LMTP_FALLBACK "" #define DEF_FALLBACK_RELAY "" extern char *var_fallback_relay; #define VAR_DISABLE_DNS "disable_dns_lookups" #define DEF_DISABLE_DNS 0 extern bool var_disable_dns; #define SMTP_DNS_SUPPORT_DISABLED "disabled" #define SMTP_DNS_SUPPORT_ENABLED "enabled" #define SMTP_DNS_SUPPORT_DNSSEC "dnssec" #define VAR_SMTP_DNS_SUPPORT "smtp_dns_support_level" #define DEF_SMTP_DNS_SUPPORT "" #define VAR_LMTP_DNS_SUPPORT "lmtp_dns_support_level" #define DEF_LMTP_DNS_SUPPORT "" extern char *var_smtp_dns_support; #define SMTP_HOST_LOOKUP_DNS "dns" #define SMTP_HOST_LOOKUP_NATIVE "native" #define VAR_SMTP_HOST_LOOKUP "smtp_host_lookup" #define DEF_SMTP_HOST_LOOKUP SMTP_HOST_LOOKUP_DNS #define VAR_LMTP_HOST_LOOKUP "lmtp_host_lookup" #define DEF_LMTP_HOST_LOOKUP SMTP_HOST_LOOKUP_DNS extern char *var_smtp_host_lookup; #define SMTP_DNS_RES_OPT_DEFNAMES "res_defnames" #define SMTP_DNS_RES_OPT_DNSRCH "res_dnsrch" #define VAR_SMTP_DNS_RES_OPT "smtp_dns_resolver_options" #define DEF_SMTP_DNS_RES_OPT "" #define VAR_LMTP_DNS_RES_OPT "lmtp_dns_resolver_options" #define DEF_LMTP_DNS_RES_OPT "" extern char *var_smtp_dns_res_opt; #define VAR_SMTP_MXADDR_LIMIT "smtp_mx_address_limit" #define DEF_SMTP_MXADDR_LIMIT 5 #define VAR_LMTP_MXADDR_LIMIT "lmtp_mx_address_limit" #define DEF_LMTP_MXADDR_LIMIT 5 extern int var_smtp_mxaddr_limit; #define VAR_SMTP_MXSESS_LIMIT "smtp_mx_session_limit" #define DEF_SMTP_MXSESS_LIMIT 2 #define VAR_LMTP_MXSESS_LIMIT "lmtp_mx_session_limit" #define DEF_LMTP_MXSESS_LIMIT 2 extern int var_smtp_mxsess_limit; /* * Location of the mail queue directory tree. */ #define VAR_QUEUE_DIR "queue_directory" #ifndef DEF_QUEUE_DIR #define DEF_QUEUE_DIR "/var/spool/postfix" #endif extern char *var_queue_dir; /* * Location of command and daemon programs. */ #define VAR_DAEMON_DIR "daemon_directory" #ifndef DEF_DAEMON_DIR #define DEF_DAEMON_DIR "/usr/libexec/postfix" #endif extern char *var_daemon_dir; #define VAR_COMMAND_DIR "command_directory" #ifndef DEF_COMMAND_DIR #define DEF_COMMAND_DIR "/usr/sbin" #endif extern char *var_command_dir; /* * Location of PID files. */ #define VAR_PID_DIR "process_id_directory" #ifndef DEF_PID_DIR #define DEF_PID_DIR "pid" #endif extern char *var_pid_dir; /* * Location of writable data files. */ #define VAR_DATA_DIR "data_directory" #ifndef DEF_DATA_DIR #define DEF_DATA_DIR "/var/lib/postfix" #endif extern char *var_data_dir; /* * Program startup time. */ extern time_t var_starttime; /* * Location of configuration files. */ #define VAR_CONFIG_DIR "config_directory" #ifndef DEF_CONFIG_DIR #define DEF_CONFIG_DIR "/etc/postfix" #endif extern char *var_config_dir; #define VAR_CONFIG_DIRS "alternate_config_directories" #define DEF_CONFIG_DIRS "" extern char *var_config_dirs; #define MAIN_CONF_FILE "main.cf" #define MASTER_CONF_FILE "master.cf" /* * Preferred type of indexed files. The DEF_DB_TYPE macro value is system * dependent. It is defined in . */ #define VAR_DB_TYPE "default_database_type" extern char *var_db_type; /* * What syslog facility to use. Unfortunately, something may have to be * logged before parameters are read from the main.cf file. This logging * will go the LOG_FACILITY facility specified below. */ #define VAR_SYSLOG_FACILITY "syslog_facility" extern char *var_syslog_facility; #ifndef DEF_SYSLOG_FACILITY #define DEF_SYSLOG_FACILITY "mail" #endif #ifndef LOG_FACILITY #define LOG_FACILITY LOG_MAIL #endif /* * Big brother: who receives a blank-carbon copy of all mail that enters * this mail system. */ #define VAR_ALWAYS_BCC "always_bcc" #define DEF_ALWAYS_BCC "" extern char *var_always_bcc; /* * What to put in the To: header when no recipients were disclosed. * * XXX 2822: When no recipient headers remain, a system should insert a Bcc: * header without additional information. That is not so great given that * MTAs routinely strip Bcc: headers from message headers. */ #define VAR_RCPT_WITHELD "undisclosed_recipients_header" #define DEF_RCPT_WITHELD "" extern char *var_rcpt_witheld; /* * Add missing headers. Postfix 2.6 no longer adds headers to remote mail by * default. */ #define VAR_ALWAYS_ADD_HDRS "always_add_missing_headers" #define DEF_ALWAYS_ADD_HDRS 0 extern bool var_always_add_hdrs; /* * Dropping message headers. */ #define VAR_DROP_HDRS "message_drop_headers" #define DEF_DROP_HDRS "bcc, content-length, resent-bcc, return-path" extern char *var_drop_hdrs; /* * From: header format: we provide canned versions only, no Sendmail-style * macro expansions. */ #define HFROM_FORMAT_NAME_STD "standard" /* From: name
*/ #define HFROM_FORMAT_NAME_OBS "obsolete" /* From: address (name) */ #define VAR_HFROM_FORMAT "header_from_format" #define DEF_HFROM_FORMAT HFROM_FORMAT_NAME_STD extern char *var_hfrom_format; /* * Standards violation: allow/permit RFC 822-style addresses in SMTP * commands. */ #define VAR_STRICT_RFC821_ENV "strict_rfc821_envelopes" #define DEF_STRICT_RFC821_ENV 0 extern bool var_strict_rfc821_env; /* * Standards violation: send "250 AUTH=list" in order to accommodate clients * that implement an old version of the protocol. */ #define VAR_BROKEN_AUTH_CLNTS "broken_sasl_auth_clients" #define DEF_BROKEN_AUTH_CLNTS 0 extern bool var_broken_auth_clients; /* * Standards violation: disable VRFY. */ #define VAR_DISABLE_VRFY_CMD "disable_vrfy_command" #define DEF_DISABLE_VRFY_CMD 0 extern bool var_disable_vrfy_cmd; /* * trivial rewrite/resolve service: mapping tables. */ #define VAR_VIRT_ALIAS_MAPS "virtual_alias_maps" #define DEF_VIRT_ALIAS_MAPS "$virtual_maps" /* Compatibility! */ extern char *var_virt_alias_maps; #define VAR_VIRT_ALIAS_DOMS "virtual_alias_domains" #define DEF_VIRT_ALIAS_DOMS "$virtual_alias_maps" extern char *var_virt_alias_doms; #define VAR_VIRT_ALIAS_CODE "unknown_virtual_alias_reject_code" #define DEF_VIRT_ALIAS_CODE 550 extern int var_virt_alias_code; #define VAR_CANONICAL_MAPS "canonical_maps" #define DEF_CANONICAL_MAPS "" extern char *var_canonical_maps; #define VAR_SEND_CANON_MAPS "sender_canonical_maps" #define DEF_SEND_CANON_MAPS "" extern char *var_send_canon_maps; #define VAR_RCPT_CANON_MAPS "recipient_canonical_maps" #define DEF_RCPT_CANON_MAPS "" extern char *var_rcpt_canon_maps; #define CANON_CLASS_ENV_FROM "envelope_sender" #define CANON_CLASS_ENV_RCPT "envelope_recipient" #define CANON_CLASS_HDR_FROM "header_sender" #define CANON_CLASS_HDR_RCPT "header_recipient" #define VAR_CANON_CLASSES "canonical_classes" #define DEF_CANON_CLASSES CANON_CLASS_ENV_FROM ", " \ CANON_CLASS_ENV_RCPT ", " \ CANON_CLASS_HDR_FROM ", " \ CANON_CLASS_HDR_RCPT extern char *var_canon_classes; #define VAR_SEND_CANON_CLASSES "sender_canonical_classes" #define DEF_SEND_CANON_CLASSES CANON_CLASS_ENV_FROM ", " \ CANON_CLASS_HDR_FROM extern char *var_send_canon_classes; #define VAR_RCPT_CANON_CLASSES "recipient_canonical_classes" #define DEF_RCPT_CANON_CLASSES CANON_CLASS_ENV_RCPT ", " \ CANON_CLASS_HDR_RCPT extern char *var_rcpt_canon_classes; #define VAR_SEND_BCC_MAPS "sender_bcc_maps" #define DEF_SEND_BCC_MAPS "" extern char *var_send_bcc_maps; #define VAR_RCPT_BCC_MAPS "recipient_bcc_maps" #define DEF_RCPT_BCC_MAPS "" extern char *var_rcpt_bcc_maps; #define VAR_TRANSPORT_MAPS "transport_maps" #define DEF_TRANSPORT_MAPS "" extern char *var_transport_maps; #define VAR_DEF_TRANSPORT "default_transport" #define DEF_DEF_TRANSPORT MAIL_SERVICE_SMTP extern char *var_def_transport; #define VAR_SND_DEF_XPORT_MAPS "sender_dependent_" VAR_DEF_TRANSPORT "_maps" #define DEF_SND_DEF_XPORT_MAPS "" extern char *var_snd_def_xport_maps; #define VAR_NULL_DEF_XPORT_MAPS_KEY "empty_address_" VAR_DEF_TRANSPORT "_maps_lookup_key" #define DEF_NULL_DEF_XPORT_MAPS_KEY "<>" extern char *var_null_def_xport_maps_key; /* * trivial rewrite/resolve service: rewriting controls. */ #define VAR_SWAP_BANGPATH "swap_bangpath" #define DEF_SWAP_BANGPATH 1 extern bool var_swap_bangpath; #define VAR_APP_AT_MYORIGIN "append_at_myorigin" #define DEF_APP_AT_MYORIGIN 1 extern bool var_append_at_myorigin; #define VAR_APP_DOT_MYDOMAIN "append_dot_mydomain" #define DEF_APP_DOT_MYDOMAIN "${{$compatibility_level} =TLSv1" extern char *var_smtpd_tls_proto; #define VAR_SMTPD_TLS_MAND_PROTO "smtpd_tls_mandatory_protocols" #define DEF_SMTPD_TLS_MAND_PROTO ">=TLSv1" extern char *var_smtpd_tls_mand_proto; #define VAR_SMTPD_TLS_CIPH "smtpd_tls_ciphers" #define DEF_SMTPD_TLS_CIPH "medium" extern char *var_smtpd_tls_ciph; #define VAR_SMTPD_TLS_MAND_CIPH "smtpd_tls_mandatory_ciphers" #define DEF_SMTPD_TLS_MAND_CIPH "medium" extern char *var_smtpd_tls_mand_ciph; #define VAR_SMTPD_TLS_EXCL_CIPH "smtpd_tls_exclude_ciphers" #define DEF_SMTPD_TLS_EXCL_CIPH "" extern char *var_smtpd_tls_excl_ciph; #define VAR_SMTPD_TLS_MAND_EXCL "smtpd_tls_mandatory_exclude_ciphers" #define DEF_SMTPD_TLS_MAND_EXCL "" extern char *var_smtpd_tls_mand_excl; #define VAR_SMTPD_TLS_FPT_DGST "smtpd_tls_fingerprint_digest" #define DEF_SMTPD_TLS_FPT_DGST "${{$compatibility_level} =TLSv1" #define VAR_LMTP_TLS_PROTO "lmtp_tls_protocols" #define DEF_LMTP_TLS_PROTO ">=TLSv1" extern char *var_smtp_tls_proto; #define VAR_SMTP_TLS_MAND_PROTO "smtp_tls_mandatory_protocols" #define DEF_SMTP_TLS_MAND_PROTO ">=TLSv1" #define VAR_LMTP_TLS_MAND_PROTO "lmtp_tls_mandatory_protocols" #define DEF_LMTP_TLS_MAND_PROTO ">=TLSv1" extern char *var_smtp_tls_mand_proto; #define VAR_SMTP_TLS_VFY_CMATCH "smtp_tls_verify_cert_match" #define DEF_SMTP_TLS_VFY_CMATCH "hostname" #define VAR_LMTP_TLS_VFY_CMATCH "lmtp_tls_verify_cert_match" #define DEF_LMTP_TLS_VFY_CMATCH "hostname" extern char *var_smtp_tls_vfy_cmatch; /* * There are no MX lookups for LMTP, so verify == secure */ #define VAR_SMTP_TLS_SEC_CMATCH "smtp_tls_secure_cert_match" #define DEF_SMTP_TLS_SEC_CMATCH "nexthop, dot-nexthop" #define VAR_LMTP_TLS_SEC_CMATCH "lmtp_tls_secure_cert_match" #define DEF_LMTP_TLS_SEC_CMATCH "nexthop" extern char *var_smtp_tls_sec_cmatch; #define VAR_SMTP_TLS_FPT_CMATCH "smtp_tls_fingerprint_cert_match" #define DEF_SMTP_TLS_FPT_CMATCH "" #define VAR_LMTP_TLS_FPT_CMATCH "lmtp_tls_fingerprint_cert_match" #define DEF_LMTP_TLS_FPT_CMATCH "" extern char *var_smtp_tls_fpt_cmatch; #define VAR_SMTP_TLS_SNI "smtp_tls_servername" #define DEF_SMTP_TLS_SNI "" #define VAR_LMTP_TLS_SNI "lmtp_tls_servername" #define DEF_LMTP_TLS_SNI "" extern char *var_smtp_tls_sni; #define VAR_SMTP_TLS_BLK_EARLY_MAIL_REPLY "smtp_tls_block_early_mail_reply" #define DEF_SMTP_TLS_BLK_EARLY_MAIL_REPLY 0 #define VAR_LMTP_TLS_BLK_EARLY_MAIL_REPLY "lmtp_tls_block_early_mail_reply" #define DEF_LMTP_TLS_BLK_EARLY_MAIL_REPLY 0 extern bool var_smtp_tls_blk_early_mail_reply; #define VAR_SMTP_TLS_FORCE_TLSA "smtp_tls_force_insecure_host_tlsa_lookup" #define DEF_SMTP_TLS_FORCE_TLSA 0 #define VAR_LMTP_TLS_FORCE_TLSA "lmtp_tls_force_insecure_host_tlsa_lookup" #define DEF_LMTP_TLS_FORCE_TLSA 0 extern bool var_smtp_tls_force_tlsa; /* SMTP only */ #define VAR_SMTP_TLS_INSECURE_MX_POLICY "smtp_tls_dane_insecure_mx_policy" #define DEF_SMTP_TLS_INSECURE_MX_POLICY "${{$smtp_tls_security_level} == {dane} ? {dane} : {may}}" extern char *var_smtp_tls_insecure_mx_policy; /* * SASL authentication support, SMTP server side. */ #define VAR_SMTPD_SASL_ENABLE "smtpd_sasl_auth_enable" #define DEF_SMTPD_SASL_ENABLE 0 extern bool var_smtpd_sasl_enable; #define VAR_SMTPD_SASL_AUTH_HDR "smtpd_sasl_authenticated_header" #define DEF_SMTPD_SASL_AUTH_HDR 0 extern bool var_smtpd_sasl_auth_hdr; #define VAR_SMTPD_SASL_OPTS "smtpd_sasl_security_options" #define DEF_SMTPD_SASL_OPTS "noanonymous" extern char *var_smtpd_sasl_opts; #define VAR_SMTPD_SASL_PATH "smtpd_sasl_path" #define DEF_SMTPD_SASL_PATH "smtpd" extern char *var_smtpd_sasl_path; #define VAR_SMTPD_SASL_SERVICE "smtpd_sasl_service" #define DEF_SMTPD_SASL_SERVICE "smtp" extern char *var_smtpd_sasl_service; #define VAR_CYRUS_CONF_PATH "cyrus_sasl_config_path" #define DEF_CYRUS_CONF_PATH "" extern char *var_cyrus_conf_path; #define VAR_SMTPD_SASL_TLS_OPTS "smtpd_sasl_tls_security_options" #define DEF_SMTPD_SASL_TLS_OPTS "$" VAR_SMTPD_SASL_OPTS extern char *var_smtpd_sasl_tls_opts; #define VAR_SMTPD_SASL_REALM "smtpd_sasl_local_domain" #define DEF_SMTPD_SASL_REALM "" extern char *var_smtpd_sasl_realm; #define VAR_SMTPD_SASL_EXCEPTIONS_NETWORKS "smtpd_sasl_exceptions_networks" #define DEF_SMTPD_SASL_EXCEPTIONS_NETWORKS "" extern char *var_smtpd_sasl_exceptions_networks; #ifndef DEF_SERVER_SASL_TYPE #define DEF_SERVER_SASL_TYPE "cyrus" #endif #define VAR_SMTPD_SASL_TYPE "smtpd_sasl_type" #define DEF_SMTPD_SASL_TYPE DEF_SERVER_SASL_TYPE extern char *var_smtpd_sasl_type; #define VAR_SMTPD_SND_AUTH_MAPS "smtpd_sender_login_maps" #define DEF_SMTPD_SND_AUTH_MAPS "" extern char *var_smtpd_snd_auth_maps; #define REJECT_SENDER_LOGIN_MISMATCH "reject_sender_login_mismatch" #define REJECT_AUTH_SENDER_LOGIN_MISMATCH \ "reject_authenticated_sender_login_mismatch" #define REJECT_KNOWN_SENDER_LOGIN_MISMATCH \ "reject_known_sender_login_mismatch" #define REJECT_UNAUTH_SENDER_LOGIN_MISMATCH \ "reject_unauthenticated_sender_login_mismatch" /* * https://tools.ietf.org/html/rfc4954#page-5 * * (At the time of writing of this document, 12288 octets is considered to be a * sufficient line length limit for handling of deployed authentication * mechanisms.) * * The default value is also the minimum permissible value for this parameter. */ #define VAR_SMTPD_SASL_RESP_LIMIT "smtpd_sasl_response_limit" #define DEF_SMTPD_SASL_RESP_LIMIT 12288 extern int var_smtpd_sasl_resp_limit; /* * Some backends claim to support EXTERNAL authentication, but Postfix does * not have code to provide the backend with such credentials. To avoid * confusing errors, do not announce the EXTERNAL mechanism. */ #define VAR_SMTPD_SASL_MECH_FILTER "smtpd_sasl_mechanism_filter" #define DEF_SMTPD_SASL_MECH_FILTER "!external, static:rest" extern char *var_smtpd_sasl_mech_filter; /* * SASL authentication support, SMTP client side. */ #define VAR_SMTP_SASL_ENABLE "smtp_sasl_auth_enable" #define DEF_SMTP_SASL_ENABLE 0 extern bool var_smtp_sasl_enable; #define VAR_SMTP_SASL_PASSWD "smtp_sasl_password_maps" #define DEF_SMTP_SASL_PASSWD "" extern char *var_smtp_sasl_passwd; #define VAR_SMTP_SASL_OPTS "smtp_sasl_security_options" #define DEF_SMTP_SASL_OPTS "noplaintext, noanonymous" extern char *var_smtp_sasl_opts; #define VAR_SMTP_SASL_PATH "smtp_sasl_path" #define DEF_SMTP_SASL_PATH "" extern char *var_smtp_sasl_path; #define VAR_SMTP_SASL_MECHS "smtp_sasl_mechanism_filter" #define DEF_SMTP_SASL_MECHS "" #define VAR_LMTP_SASL_MECHS "lmtp_sasl_mechanism_filter" #define DEF_LMTP_SASL_MECHS "" extern char *var_smtp_sasl_mechs; #ifndef DEF_CLIENT_SASL_TYPE #define DEF_CLIENT_SASL_TYPE "cyrus" #endif #define VAR_SMTP_SASL_TYPE "smtp_sasl_type" #define DEF_SMTP_SASL_TYPE DEF_CLIENT_SASL_TYPE #define VAR_LMTP_SASL_TYPE "lmtp_sasl_type" #define DEF_LMTP_SASL_TYPE DEF_CLIENT_SASL_TYPE extern char *var_smtp_sasl_type; #define VAR_SMTP_SASL_TLS_OPTS "smtp_sasl_tls_security_options" #define DEF_SMTP_SASL_TLS_OPTS "$" VAR_SMTP_SASL_OPTS #define VAR_LMTP_SASL_TLS_OPTS "lmtp_sasl_tls_security_options" #define DEF_LMTP_SASL_TLS_OPTS "$" VAR_LMTP_SASL_OPTS extern char *var_smtp_sasl_tls_opts; #define VAR_SMTP_SASL_TLSV_OPTS "smtp_sasl_tls_verified_security_options" #define DEF_SMTP_SASL_TLSV_OPTS "$" VAR_SMTP_SASL_TLS_OPTS #define VAR_LMTP_SASL_TLSV_OPTS "lmtp_sasl_tls_verified_security_options" #define DEF_LMTP_SASL_TLSV_OPTS "$" VAR_LMTP_SASL_TLS_OPTS extern char *var_smtp_sasl_tlsv_opts; #define VAR_SMTP_DUMMY_MAIL_AUTH "smtp_send_dummy_mail_auth" #define DEF_SMTP_DUMMY_MAIL_AUTH 0 extern bool var_smtp_dummy_mail_auth; #define VAR_LMTP_BALANCE_INET_PROTO "lmtp_balance_inet_protocols" #define DEF_LMTP_BALANCE_INET_PROTO DEF_SMTP_BALANCE_INET_PROTO #define VAR_SMTP_BALANCE_INET_PROTO "smtp_balance_inet_protocols" #define DEF_SMTP_BALANCE_INET_PROTO 1 extern bool var_smtp_balance_inet_proto; /* * LMTP server. The soft error limit determines how many errors an LMTP * client may make before we start to slow down; the hard error limit * determines after how many client errors we disconnect. */ #define VAR_LMTPD_BANNER "lmtpd_banner" #define DEF_LMTPD_BANNER "$myhostname $mail_name" extern char *var_lmtpd_banner; #define VAR_LMTPD_TMOUT "lmtpd_timeout" #define DEF_LMTPD_TMOUT "300s" extern int var_lmtpd_tmout; #define VAR_LMTPD_RCPT_LIMIT "lmtpd_recipient_limit" #define DEF_LMTPD_RCPT_LIMIT 1000 extern int var_lmtpd_rcpt_limit; #define VAR_LMTPD_SOFT_ERLIM "lmtpd_soft_error_limit" #define DEF_LMTPD_SOFT_ERLIM 10 extern int var_lmtpd_soft_erlim; #define VAR_LMTPD_HARD_ERLIM "lmtpd_hard_error_limit" #define DEF_LMTPD_HARD_ERLIM 100 extern int var_lmtpd_hard_erlim; #define VAR_LMTPD_ERR_SLEEP "lmtpd_error_sleep_time" #define DEF_LMTPD_ERR_SLEEP "5s" extern int var_lmtpd_err_sleep; #define VAR_LMTPD_JUNK_CMD "lmtpd_junk_command_limit" #define DEF_LMTPD_JUNK_CMD 1000 extern int var_lmtpd_junk_cmd_limit; /* * SASL authentication support, LMTP server side. */ #define VAR_LMTPD_SASL_ENABLE "lmtpd_sasl_auth_enable" #define DEF_LMTPD_SASL_ENABLE 0 extern bool var_lmtpd_sasl_enable; #define VAR_LMTPD_SASL_OPTS "lmtpd_sasl_security_options" #define DEF_LMTPD_SASL_OPTS "noanonymous" extern char *var_lmtpd_sasl_opts; #define VAR_LMTPD_SASL_REALM "lmtpd_sasl_local_domain" #define DEF_LMTPD_SASL_REALM "$myhostname" extern char *var_lmtpd_sasl_realm; /* * SASL authentication support, LMTP client side. */ #define VAR_LMTP_SASL_ENABLE "lmtp_sasl_auth_enable" #define DEF_LMTP_SASL_ENABLE 0 extern bool var_lmtp_sasl_enable; #define VAR_LMTP_SASL_PASSWD "lmtp_sasl_password_maps" #define DEF_LMTP_SASL_PASSWD "" extern char *var_lmtp_sasl_passwd; #define VAR_LMTP_SASL_OPTS "lmtp_sasl_security_options" #define DEF_LMTP_SASL_OPTS "noplaintext, noanonymous" extern char *var_lmtp_sasl_opts; #define VAR_LMTP_SASL_PATH "lmtp_sasl_path" #define DEF_LMTP_SASL_PATH "" extern char *var_lmtp_sasl_path; #define VAR_LMTP_DUMMY_MAIL_AUTH "lmtp_send_dummy_mail_auth" #define DEF_LMTP_DUMMY_MAIL_AUTH 0 extern bool var_lmtp_dummy_mail_auth; /* * SASL-based relay etc. control. */ #define PERMIT_SASL_AUTH "permit_sasl_authenticated" #define VAR_CYRUS_SASL_AUTHZID "send_cyrus_sasl_authzid" #define DEF_CYRUS_SASL_AUTHZID 0 extern int var_cyrus_sasl_authzid; /* * Special handling of AUTH 535 failures. */ #define VAR_SMTP_SASL_AUTH_SOFT_BOUNCE "smtp_sasl_auth_soft_bounce" #define DEF_SMTP_SASL_AUTH_SOFT_BOUNCE 1 #define VAR_LMTP_SASL_AUTH_SOFT_BOUNCE "lmtp_sasl_auth_soft_bounce" #define DEF_LMTP_SASL_AUTH_SOFT_BOUNCE 1 extern bool var_smtp_sasl_auth_soft_bounce; #define VAR_SMTP_SASL_AUTH_CACHE_NAME "smtp_sasl_auth_cache_name" #define DEF_SMTP_SASL_AUTH_CACHE_NAME "" #define VAR_LMTP_SASL_AUTH_CACHE_NAME "lmtp_sasl_auth_cache_name" #define DEF_LMTP_SASL_AUTH_CACHE_NAME "" extern char *var_smtp_sasl_auth_cache_name; #define VAR_SMTP_SASL_AUTH_CACHE_TIME "smtp_sasl_auth_cache_time" #define DEF_SMTP_SASL_AUTH_CACHE_TIME "90d" #define VAR_LMTP_SASL_AUTH_CACHE_TIME "lmtp_sasl_auth_cache_time" #define DEF_LMTP_SASL_AUTH_CACHE_TIME "90d" extern int var_smtp_sasl_auth_cache_time; #define VAR_SMTP_TCP_PORT "smtp_tcp_port" #define DEF_SMTP_TCP_PORT "smtp" extern char *var_smtp_tcp_port; /* * LMTP client. Timeouts inspired by RFC 1123. The LMTP recipient limit * determines how many recipient addresses the LMTP client sends along with * each message. Unfortunately, some mailers misbehave and disconnect (smap) * when given more recipients than they are willing to handle. */ #define VAR_LMTP_TCP_PORT "lmtp_tcp_port" #define DEF_LMTP_TCP_PORT "24" extern char *var_lmtp_tcp_port; #define VAR_LMTP_ASSUME_FINAL "lmtp_assume_final" #define DEF_LMTP_ASSUME_FINAL 0 extern bool var_lmtp_assume_final; #define VAR_LMTP_CACHE_CONN "lmtp_cache_connection" #define DEF_LMTP_CACHE_CONN 1 extern bool var_lmtp_cache_conn; #define VAR_LMTP_SKIP_QUIT_RESP "lmtp_skip_quit_response" #define DEF_LMTP_SKIP_QUIT_RESP 0 extern bool var_lmtp_skip_quit_resp; #define VAR_LMTP_CONN_TMOUT "lmtp_connect_timeout" #define DEF_LMTP_CONN_TMOUT "0s" extern int var_lmtp_conn_tmout; #define VAR_LMTP_RSET_TMOUT "lmtp_rset_timeout" #define DEF_LMTP_RSET_TMOUT "20s" extern int var_lmtp_rset_tmout; #define VAR_LMTP_LHLO_TMOUT "lmtp_lhlo_timeout" #define DEF_LMTP_LHLO_TMOUT "300s" extern int var_lmtp_lhlo_tmout; #define VAR_LMTP_XFWD_TMOUT "lmtp_xforward_timeout" #define DEF_LMTP_XFWD_TMOUT "300s" extern int var_lmtp_xfwd_tmout; #define VAR_LMTP_MAIL_TMOUT "lmtp_mail_timeout" #define DEF_LMTP_MAIL_TMOUT "300s" extern int var_lmtp_mail_tmout; #define VAR_LMTP_RCPT_TMOUT "lmtp_rcpt_timeout" #define DEF_LMTP_RCPT_TMOUT "300s" extern int var_lmtp_rcpt_tmout; #define VAR_LMTP_DATA0_TMOUT "lmtp_data_init_timeout" #define DEF_LMTP_DATA0_TMOUT "120s" extern int var_lmtp_data0_tmout; #define VAR_LMTP_DATA1_TMOUT "lmtp_data_xfer_timeout" #define DEF_LMTP_DATA1_TMOUT "180s" extern int var_lmtp_data1_tmout; #define VAR_LMTP_DATA2_TMOUT "lmtp_data_done_timeout" #define DEF_LMTP_DATA2_TMOUT "600s" extern int var_lmtp_data2_tmout; #define VAR_LMTP_QUIT_TMOUT "lmtp_quit_timeout" #define DEF_LMTP_QUIT_TMOUT "300s" extern int var_lmtp_quit_tmout; #define VAR_LMTP_SEND_XFORWARD "lmtp_send_xforward_command" #define DEF_LMTP_SEND_XFORWARD 0 extern bool var_lmtp_send_xforward; /* * Cleanup service. Header info that exceeds $header_size_limit bytes or * $header_address_token_limit tokens is discarded. */ #define VAR_HOPCOUNT_LIMIT "hopcount_limit" #define DEF_HOPCOUNT_LIMIT 50 extern int var_hopcount_limit; #define VAR_HEADER_LIMIT "header_size_limit" #define DEF_HEADER_LIMIT 102400 extern int var_header_limit; #define VAR_TOKEN_LIMIT "header_address_token_limit" #define DEF_TOKEN_LIMIT 10240 extern int var_token_limit; #define VAR_VIRT_RECUR_LIMIT "virtual_alias_recursion_limit" #define DEF_VIRT_RECUR_LIMIT 1000 extern int var_virt_recur_limit; #define VAR_VIRT_EXPAN_LIMIT "virtual_alias_expansion_limit" #define DEF_VIRT_EXPAN_LIMIT 1000 extern int var_virt_expan_limit; #define VAR_VIRT_ADDRLEN_LIMIT "virtual_alias_address_length_limit" #define DEF_VIRT_ADDRLEN_LIMIT 1000 extern int var_virt_addrlen_limit; /* * Message/queue size limits. */ #define VAR_MESSAGE_LIMIT "message_size_limit" #define DEF_MESSAGE_LIMIT 10240000 extern long var_message_limit; #define VAR_QUEUE_MINFREE "queue_minfree" #define DEF_QUEUE_MINFREE 0 extern long var_queue_minfree; /* * Light-weight content inspection. */ #define VAR_HEADER_CHECKS "header_checks" #define DEF_HEADER_CHECKS "" extern char *var_header_checks; #define VAR_MIMEHDR_CHECKS "mime_header_checks" #define DEF_MIMEHDR_CHECKS "$header_checks" extern char *var_mimehdr_checks; #define VAR_NESTHDR_CHECKS "nested_header_checks" #define DEF_NESTHDR_CHECKS "$header_checks" extern char *var_nesthdr_checks; #define VAR_BODY_CHECKS "body_checks" #define DEF_BODY_CHECKS "" extern char *var_body_checks; #define VAR_BODY_CHECK_LEN "body_checks_size_limit" #define DEF_BODY_CHECK_LEN (50*1024) extern int var_body_check_len; /* * Bounce service: truncate bounce message that exceed $bounce_size_limit. */ #define VAR_BOUNCE_LIMIT "bounce_size_limit" #define DEF_BOUNCE_LIMIT 50000 extern int var_bounce_limit; /* * Bounce service: reserved sender address for double bounces. The local * delivery service discards undeliverable double bounces. */ #define VAR_DOUBLE_BOUNCE "double_bounce_sender" #define DEF_DOUBLE_BOUNCE "double-bounce" extern char *var_double_bounce_sender; /* * Bounce service: enable threaded bounces, with References: and * In-Reply-To:. */ #define VAR_THREADED_BOUNCE "enable_threaded_bounces" #define DEF_THREADED_BOUNCE CONFIG_BOOL_NO extern bool var_threaded_bounce; /* * When forking a process, how often to try and how long to wait. */ #define VAR_FORK_TRIES "fork_attempts" #define DEF_FORK_TRIES 5 extern int var_fork_tries; #define VAR_FORK_DELAY "fork_delay" #define DEF_FORK_DELAY "1s" extern int var_fork_delay; /* * When locking a mailbox, how often to try and how long to wait. */ #define VAR_FLOCK_TRIES "deliver_lock_attempts" #define DEF_FLOCK_TRIES 20 extern int var_flock_tries; #define VAR_FLOCK_DELAY "deliver_lock_delay" #define DEF_FLOCK_DELAY "1s" extern int var_flock_delay; #define VAR_FLOCK_STALE "stale_lock_time" #define DEF_FLOCK_STALE "500s" extern int var_flock_stale; #define VAR_MAILTOOL_COMPAT "sun_mailtool_compatibility" #define DEF_MAILTOOL_COMPAT 0 extern int var_mailtool_compat; /* * How long a daemon command may take to receive or deliver a message etc. * before we assume it is wedged (should never happen). */ #define VAR_DAEMON_TIMEOUT "daemon_timeout" #define DEF_DAEMON_TIMEOUT "18000s" extern int var_daemon_timeout; #define VAR_QMGR_DAEMON_TIMEOUT "qmgr_daemon_timeout" #define DEF_QMGR_DAEMON_TIMEOUT "1000s" extern int var_qmgr_daemon_timeout; /* * How long an intra-mail command may take before we assume the mail system * is in deadlock (should never happen). */ #define VAR_IPC_TIMEOUT "ipc_timeout" #define DEF_IPC_TIMEOUT "3600s" extern int var_ipc_timeout; #define VAR_QMGR_IPC_TIMEOUT "qmgr_ipc_timeout" #define DEF_QMGR_IPC_TIMEOUT "60s" extern int var_qmgr_ipc_timeout; /* * Time limit on intra-mail triggers. */ #define VAR_TRIGGER_TIMEOUT "trigger_timeout" #define DEF_TRIGGER_TIMEOUT "10s" extern int var_trigger_timeout; /* * SMTP server restrictions. What networks I am willing to relay from, what * domains I am willing to forward mail from or to, what clients I refuse to * talk to, and what domains I never want to see in the sender address. */ #define VAR_MYNETWORKS "mynetworks" extern char *var_mynetworks; #define VAR_MYNETWORKS_STYLE "mynetworks_style" #define DEF_MYNETWORKS_STYLE "${{$compatibility_level} " extern char *var_smtpd_null_key; #define VAR_SMTPD_EXP_FILTER "smtpd_expansion_filter" #define DEF_SMTPD_EXP_FILTER "\\t\\40!\"#$%&'()*+,-./0123456789:;<=>?@\ ABCDEFGHIJKLMNOPQRSTUVWXYZ[\\\\]^_`\ abcdefghijklmnopqrstuvwxyz{|}~" extern char *var_smtpd_exp_filter; #define VAR_SMTPD_PEERNAME_LOOKUP "smtpd_peername_lookup" #define DEF_SMTPD_PEERNAME_LOOKUP 1 extern bool var_smtpd_peername_lookup; #define VAR_SMTPD_FORBID_UNAUTH_PIPE "smtpd_forbid_unauth_pipelining" #define DEF_SMTPD_FORBID_UNAUTH_PIPE 0 extern bool var_smtpd_forbid_unauth_pipe; /* * Heuristic to reject unknown local recipients at the SMTP port. */ #define VAR_LOCAL_RCPT_MAPS "local_recipient_maps" #define DEF_LOCAL_RCPT_MAPS "proxy:unix:passwd.byname $" VAR_ALIAS_MAPS extern char *var_local_rcpt_maps; #define VAR_LOCAL_RCPT_CODE "unknown_local_recipient_reject_code" #define DEF_LOCAL_RCPT_CODE 550 extern int var_local_rcpt_code; /* * List of pre-approved maps that are OK to open with the proxymap service. */ #define VAR_PROXY_READ_MAPS "proxy_read_maps" #define DEF_PROXY_READ_MAPS "$" VAR_LOCAL_RCPT_MAPS \ " $" VAR_MYDEST \ " $" VAR_VIRT_ALIAS_MAPS \ " $" VAR_VIRT_ALIAS_DOMS \ " $" VAR_VIRT_MAILBOX_MAPS \ " $" VAR_VIRT_MAILBOX_DOMS \ " $" VAR_RELAY_RCPT_MAPS \ " $" VAR_RELAY_DOMAINS \ " $" VAR_CANONICAL_MAPS \ " $" VAR_SEND_CANON_MAPS \ " $" VAR_RCPT_CANON_MAPS \ " $" VAR_RELOCATED_MAPS \ " $" VAR_TRANSPORT_MAPS \ " $" VAR_MYNETWORKS \ " $" VAR_SMTPD_SND_AUTH_MAPS \ " $" VAR_SEND_BCC_MAPS \ " $" VAR_RCPT_BCC_MAPS \ " $" VAR_SMTP_GENERIC_MAPS \ " $" VAR_LMTP_GENERIC_MAPS \ " $" VAR_ALIAS_MAPS \ " $" VAR_CLIENT_CHECKS \ " $" VAR_HELO_CHECKS \ " $" VAR_MAIL_CHECKS \ " $" VAR_RELAY_CHECKS \ " $" VAR_RCPT_CHECKS \ " $" VAR_VRFY_SND_DEF_XPORT_MAPS \ " $" VAR_VRFY_RELAY_MAPS \ " $" VAR_VRFY_XPORT_MAPS \ " $" VAR_FBCK_TRANSP_MAPS \ " $" VAR_LMTP_EHLO_DIS_MAPS \ " $" VAR_LMTP_PIX_BUG_MAPS \ " $" VAR_LMTP_SASL_PASSWD \ " $" VAR_LMTP_TLS_POLICY \ " $" VAR_MAILBOX_CMD_MAPS \ " $" VAR_MBOX_TRANSP_MAPS \ " $" VAR_PSC_EHLO_DIS_MAPS \ " $" VAR_RBL_REPLY_MAPS \ " $" VAR_SND_DEF_XPORT_MAPS \ " $" VAR_SND_RELAY_MAPS \ " $" VAR_SMTP_EHLO_DIS_MAPS \ " $" VAR_SMTP_PIX_BUG_MAPS \ " $" VAR_SMTP_SASL_PASSWD \ " $" VAR_SMTP_TLS_POLICY \ " $" VAR_SMTPD_EHLO_DIS_MAPS \ " $" VAR_SMTPD_MILTER_MAPS \ " $" VAR_VIRT_GID_MAPS \ " $" VAR_VIRT_UID_MAPS \ " $" VAR_LOCAL_LOGIN_SND_MAPS \ " $" VAR_PSC_REJ_FTR_MAPS \ " $" VAR_SMTPD_REJ_FTR_MAPS \ " $" VAR_TLS_SERVER_SNI_MAPS \ " $" VAR_TLSP_CLNT_POLICY \ " $" VAR_DSN_FILTER \ " $" VAR_LMTP_DSN_FILTER \ " $" VAR_LMTP_DNS_RE_FILTER \ " $" VAR_LMTP_RESP_FILTER \ " $" VAR_LOCAL_DSN_FILTER \ " $" VAR_PIPE_DSN_FILTER \ " $" VAR_PSC_CMD_FILTER \ " $" VAR_SMTP_DSN_FILTER \ " $" VAR_SMTP_DNS_RE_FILTER \ " $" VAR_SMTP_RESP_FILTER \ " $" VAR_SMTPD_CMD_FILTER \ " $" VAR_SMTPD_DNS_RE_FILTER \ " $" VAR_VIRT_DSN_FILTER \ " $" VAR_BODY_CHECKS \ " $" VAR_HEADER_CHECKS \ " $" VAR_LMTP_BODY_CHKS \ " $" VAR_LMTP_HEAD_CHKS \ " $" VAR_LMTP_MIME_CHKS \ " $" VAR_LMTP_NEST_CHKS \ " $" VAR_MILT_HEAD_CHECKS \ " $" VAR_MIMEHDR_CHECKS \ " $" VAR_NESTHDR_CHECKS \ " $" VAR_SMTP_BODY_CHKS \ " $" VAR_SMTP_HEAD_CHKS \ " $" VAR_SMTP_MIME_CHKS \ " $" VAR_SMTP_NEST_CHKS extern char *var_proxy_read_maps; #define VAR_PROXY_WRITE_MAPS "proxy_write_maps" #define DEF_PROXY_WRITE_MAPS "$" VAR_SMTP_SASL_AUTH_CACHE_NAME \ " $" VAR_LMTP_SASL_AUTH_CACHE_NAME \ " $" VAR_VERIFY_MAP \ " $" VAR_PSC_CACHE_MAP extern char *var_proxy_write_maps; #define VAR_PROXY_READ_ACL "proxy_read_access_list" #define DEF_PROXY_READ_ACL "reject" extern char *var_proxy_read_acl; #define VAR_PROXY_WRITE_ACL "proxy_write_access_list" #define DEF_PROXY_WRITE_ACL "reject" extern char *var_proxy_write_acl; /* * Other. */ #define VAR_PROCNAME "process_name" extern char *var_procname; #define VAR_SERVNAME "service_name" extern char *var_servname; #define VAR_PID "process_id" extern int var_pid; #define VAR_DEBUG_COMMAND "debugger_command" /* * Paranoia: save files instead of deleting them. */ #define VAR_DONT_REMOVE "dont_remove" #define DEF_DONT_REMOVE 0 extern bool var_dont_remove; /* * Paranoia: defer messages instead of bouncing them. */ #define VAR_SOFT_BOUNCE "soft_bounce" #define DEF_SOFT_BOUNCE 0 extern bool var_soft_bounce; /* * Give special treatment to owner- and -request. */ #define VAR_OWNREQ_SPECIAL "owner_request_special" #define DEF_OWNREQ_SPECIAL 1 extern bool var_ownreq_special; /* * Allow/disallow recipient addresses starting with `-'. */ #define VAR_ALLOW_MIN_USER "allow_min_user" #define DEF_ALLOW_MIN_USER 0 extern bool var_allow_min_user; extern void mail_params_init(void); /* * Content inspection and filtering. */ #define VAR_FILTER_XPORT "content_filter" #define DEF_FILTER_XPORT "" extern char *var_filter_xport; #define VAR_DEF_FILTER_NEXTHOP "default_filter_nexthop" #define DEF_DEF_FILTER_NEXTHOP "" extern char *var_def_filter_nexthop; /* * Fast flush service support. */ #define VAR_FFLUSH_DOMAINS "fast_flush_domains" #define DEF_FFLUSH_DOMAINS "$relay_domains" extern char *var_fflush_domains; #define VAR_FFLUSH_PURGE "fast_flush_purge_time" #define DEF_FFLUSH_PURGE "7d" extern int var_fflush_purge; #define VAR_FFLUSH_REFRESH "fast_flush_refresh_time" #define DEF_FFLUSH_REFRESH "12h" extern int var_fflush_refresh; /* * Environmental management - what Postfix imports from the external world, * and what Postfix exports to the external world. */ #define VAR_IMPORT_ENVIRON "import_environment" #define DEF_IMPORT_ENVIRON "MAIL_CONFIG MAIL_DEBUG MAIL_LOGTAG " \ "TZ XAUTHORITY DISPLAY LANG=C " \ "POSTLOG_SERVICE POSTLOG_HOSTNAME" extern char *var_import_environ; #define VAR_EXPORT_ENVIRON "export_environment" #define DEF_EXPORT_ENVIRON "TZ MAIL_CONFIG LANG" extern char *var_export_environ; /* * Tunables for the "virtual" local delivery agent */ #define VAR_VIRT_TRANSPORT "virtual_transport" #define DEF_VIRT_TRANSPORT MAIL_SERVICE_VIRTUAL extern char *var_virt_transport; #define VAR_VIRT_MAILBOX_MAPS "virtual_mailbox_maps" #define DEF_VIRT_MAILBOX_MAPS "" extern char *var_virt_mailbox_maps; #define VAR_VIRT_MAILBOX_DOMS "virtual_mailbox_domains" #define DEF_VIRT_MAILBOX_DOMS "$virtual_mailbox_maps" extern char *var_virt_mailbox_doms; #define VAR_VIRT_MAILBOX_CODE "unknown_virtual_mailbox_reject_code" #define DEF_VIRT_MAILBOX_CODE 550 extern int var_virt_mailbox_code; #define VAR_VIRT_UID_MAPS "virtual_uid_maps" #define DEF_VIRT_UID_MAPS "" extern char *var_virt_uid_maps; #define VAR_VIRT_GID_MAPS "virtual_gid_maps" #define DEF_VIRT_GID_MAPS "" extern char *var_virt_gid_maps; #define VAR_VIRT_MINUID "virtual_minimum_uid" #define DEF_VIRT_MINUID 100 extern int var_virt_minimum_uid; #define VAR_VIRT_MAILBOX_BASE "virtual_mailbox_base" #define DEF_VIRT_MAILBOX_BASE "" extern char *var_virt_mailbox_base; #define VAR_VIRT_MAILBOX_LIMIT "virtual_mailbox_limit" #define DEF_VIRT_MAILBOX_LIMIT (5 * DEF_MESSAGE_LIMIT) extern long var_virt_mailbox_limit; #define VAR_VIRT_MAILBOX_LOCK "virtual_mailbox_lock" #define DEF_VIRT_MAILBOX_LOCK "fcntl, dotlock" extern char *var_virt_mailbox_lock; /* * Distinct logging tag for multiple Postfix instances. */ #define VAR_SYSLOG_NAME "syslog_name" #if 1 #define DEF_SYSLOG_NAME \ "${" VAR_MULTI_NAME "?{$" VAR_MULTI_NAME "}:{postfix}}" #else #define DEF_SYSLOG_NAME "postfix" #endif extern char *var_syslog_name; /* * QMQPD */ #define VAR_QMQPD_CLIENTS "qmqpd_authorized_clients" #define DEF_QMQPD_CLIENTS "" extern char *var_qmqpd_clients; #define VAR_QMTPD_TMOUT "qmqpd_timeout" #define DEF_QMTPD_TMOUT "300s" extern int var_qmqpd_timeout; #define VAR_QMTPD_ERR_SLEEP "qmqpd_error_delay" #define DEF_QMTPD_ERR_SLEEP "1s" extern int var_qmqpd_err_sleep; /* * VERP, more DJB intellectual cross-pollination. However, we prefer + as * the default recipient delimiter. */ #define VAR_VERP_DELIMS "default_verp_delimiters" #define DEF_VERP_DELIMS "+=" extern char *var_verp_delims; #define VAR_VERP_FILTER "verp_delimiter_filter" #define DEF_VERP_FILTER "-=+" extern char *var_verp_filter; #define VAR_VERP_BOUNCE_OFF "disable_verp_bounces" #define DEF_VERP_BOUNCE_OFF 0 extern bool var_verp_bounce_off; #define VAR_VERP_CLIENTS "smtpd_authorized_verp_clients" #define DEF_VERP_CLIENTS "$authorized_verp_clients" extern char *var_verp_clients; /* * XCLIENT, for rule testing and fetchmail like apps. */ #define VAR_XCLIENT_HOSTS "smtpd_authorized_xclient_hosts" #define DEF_XCLIENT_HOSTS "" extern char *var_xclient_hosts; /* * XFORWARD, for improved post-filter logging. */ #define VAR_XFORWARD_HOSTS "smtpd_authorized_xforward_hosts" #define DEF_XFORWARD_HOSTS "" extern char *var_xforward_hosts; /* * Inbound mail flow control. This allows for a stiffer coupling between * receiving mail and sending mail. A sending process produces one token for * each message that it takes from the incoming queue; a receiving process * consumes one token for each message that it adds to the incoming queue. * When no token is available (Postfix receives more mail than it is able to * deliver) a receiving process pauses for $in_flow_delay seconds so that * the sending processes get a chance to access the disk. */ #define VAR_IN_FLOW_DELAY "in_flow_delay" #ifdef PIPES_CANT_FIONREAD #define DEF_IN_FLOW_DELAY "0s" #else #define DEF_IN_FLOW_DELAY "1s" #endif extern int var_in_flow_delay; /* * Backwards compatibility: foo.com matches itself and names below foo.com. */ #define VAR_PAR_DOM_MATCH "parent_domain_matches_subdomains" #define DEF_PAR_DOM_MATCH VAR_DEBUG_PEER_LIST "," \ VAR_FFLUSH_DOMAINS "," \ VAR_MYNETWORKS "," \ VAR_PERM_MX_NETWORKS "," \ VAR_QMQPD_CLIENTS "," \ VAR_RELAY_DOMAINS "," \ SMTPD_ACCESS_MAPS extern char *var_par_dom_match; #define SMTPD_ACCESS_MAPS "smtpd_access_maps" /* * Run-time fault injection. */ #define VAR_FAULT_INJ_CODE "fault_injection_code" #define DEF_FAULT_INJ_CODE 0 extern int var_fault_inj_code; /* * Install/upgrade information. */ #define VAR_SENDMAIL_PATH "sendmail_path" #ifndef DEF_SENDMAIL_PATH #define DEF_SENDMAIL_PATH "/usr/sbin/sendmail" #endif #define VAR_MAILQ_PATH "mailq_path" #ifndef DEF_MAILQ_PATH #define DEF_MAILQ_PATH "/usr/bin/mailq" #endif #define VAR_NEWALIAS_PATH "newaliases_path" #ifndef DEF_NEWALIAS_PATH #define DEF_NEWALIAS_PATH "/usr/bin/newaliases" #endif #define VAR_OPENSSL_PATH "openssl_path" #ifndef DEF_OPENSSL_PATH #define DEF_OPENSSL_PATH "openssl" #endif extern char *var_openssl_path; #define VAR_MANPAGE_DIR "manpage_directory" #ifndef DEF_MANPAGE_DIR #define DEF_MANPAGE_DIR "/usr/local/man" #endif #define VAR_SAMPLE_DIR "sample_directory" #ifndef DEF_SAMPLE_DIR #define DEF_SAMPLE_DIR DEF_CONFIG_DIR #endif #define VAR_README_DIR "readme_directory" #ifndef DEF_README_DIR #define DEF_README_DIR "no" #endif #define VAR_HTML_DIR "html_directory" #ifndef DEF_HTML_DIR #define DEF_HTML_DIR "no" #endif /* * Safety: resolve the address with unquoted localpart (default, but * technically incorrect), instead of resolving the address with quoted * localpart (technically correct, but unsafe). The default prevents mail * relay loopholes with "user@domain"@domain when relaying mail to a * Sendmail system. */ #define VAR_RESOLVE_DEQUOTED "resolve_dequoted_address" #define DEF_RESOLVE_DEQUOTED 1 extern bool var_resolve_dequoted; #define VAR_RESOLVE_NULLDOM "resolve_null_domain" #define DEF_RESOLVE_NULLDOM 0 extern bool var_resolve_nulldom; #define VAR_RESOLVE_NUM_DOM "resolve_numeric_domain" #define DEF_RESOLVE_NUM_DOM 0 extern bool var_resolve_num_dom; /* * Service names. The transport (TCP, FIFO or UNIX-domain) type is frozen * because you cannot simply mix them, and accessibility (private/public) is * frozen for security reasons. We list only the internal services, not the * externally visible SMTP server, or the delivery agents that can already * be chosen via transport mappings etc. */ #define VAR_BOUNCE_SERVICE "bounce_service_name" #define DEF_BOUNCE_SERVICE MAIL_SERVICE_BOUNCE extern char *var_bounce_service; #define VAR_CLEANUP_SERVICE "cleanup_service_name" #define DEF_CLEANUP_SERVICE MAIL_SERVICE_CLEANUP extern char *var_cleanup_service; #define VAR_DEFER_SERVICE "defer_service_name" #define DEF_DEFER_SERVICE MAIL_SERVICE_DEFER extern char *var_defer_service; #define VAR_PICKUP_SERVICE "pickup_service_name" #define DEF_PICKUP_SERVICE MAIL_SERVICE_PICKUP extern char *var_pickup_service; #define VAR_QUEUE_SERVICE "queue_service_name" #define DEF_QUEUE_SERVICE MAIL_SERVICE_QUEUE extern char *var_queue_service; /* XXX resolve does not exist as a separate service */ #define VAR_REWRITE_SERVICE "rewrite_service_name" #define DEF_REWRITE_SERVICE MAIL_SERVICE_REWRITE extern char *var_rewrite_service; #define VAR_SHOWQ_SERVICE "showq_service_name" #define DEF_SHOWQ_SERVICE MAIL_SERVICE_SHOWQ extern char *var_showq_service; #define VAR_ERROR_SERVICE "error_service_name" #define DEF_ERROR_SERVICE MAIL_SERVICE_ERROR extern char *var_error_service; #define VAR_FLUSH_SERVICE "flush_service_name" #define DEF_FLUSH_SERVICE MAIL_SERVICE_FLUSH extern char *var_flush_service; /* * Session cache service. */ #define VAR_SCACHE_SERVICE "connection_cache_service_name" #define DEF_SCACHE_SERVICE "scache" extern char *var_scache_service; #define VAR_SCACHE_PROTO_TMOUT "connection_cache_protocol_timeout" #define DEF_SCACHE_PROTO_TMOUT "5s" extern int var_scache_proto_tmout; #define VAR_SCACHE_TTL_LIM "connection_cache_ttl_limit" #define DEF_SCACHE_TTL_LIM "2s" extern int var_scache_ttl_lim; #define VAR_SCACHE_STAT_TIME "connection_cache_status_update_time" #define DEF_SCACHE_STAT_TIME "600s" extern int var_scache_stat_time; #define VAR_VRFY_PEND_LIMIT "address_verify_pending_request_limit" #define DEF_VRFY_PEND_LIMIT (DEF_QMGR_ACT_LIMIT / 4) extern int var_vrfy_pend_limit; /* * Address verification service. */ #define VAR_VERIFY_SERVICE "address_verify_service_name" #define DEF_VERIFY_SERVICE MAIL_SERVICE_VERIFY extern char *var_verify_service; #define VAR_VERIFY_MAP "address_verify_map" #define DEF_VERIFY_MAP "btree:$data_directory/verify_cache" extern char *var_verify_map; #define VAR_VERIFY_POS_EXP "address_verify_positive_expire_time" #define DEF_VERIFY_POS_EXP "31d" extern int var_verify_pos_exp; #define VAR_VERIFY_POS_TRY "address_verify_positive_refresh_time" #define DEF_VERIFY_POS_TRY "7d" extern int var_verify_pos_try; #define VAR_VERIFY_NEG_EXP "address_verify_negative_expire_time" #define DEF_VERIFY_NEG_EXP "3d" extern int var_verify_neg_exp; #define VAR_VERIFY_NEG_TRY "address_verify_negative_refresh_time" #define DEF_VERIFY_NEG_TRY "3h" extern int var_verify_neg_try; #define VAR_VERIFY_NEG_CACHE "address_verify_negative_cache" #define DEF_VERIFY_NEG_CACHE 1 extern bool var_verify_neg_cache; #define VAR_VERIFY_SCAN_CACHE "address_verify_cache_cleanup_interval" #define DEF_VERIFY_SCAN_CACHE "12h" extern int var_verify_scan_cache; #define VAR_VERIFY_SENDER "address_verify_sender" #define DEF_VERIFY_SENDER "$" VAR_DOUBLE_BOUNCE extern char *var_verify_sender; #define VAR_VERIFY_SENDER_TTL "address_verify_sender_ttl" #define DEF_VERIFY_SENDER_TTL "0s" extern int var_verify_sender_ttl; #define VAR_VERIFY_POLL_COUNT "address_verify_poll_count" #define DEF_VERIFY_POLL_COUNT "${stress?{1}:{3}}" extern int var_verify_poll_count; #define VAR_VERIFY_POLL_DELAY "address_verify_poll_delay" #define DEF_VERIFY_POLL_DELAY "3s" extern int var_verify_poll_delay; #define VAR_VRFY_LOCAL_XPORT "address_verify_local_transport" #define DEF_VRFY_LOCAL_XPORT "$" VAR_LOCAL_TRANSPORT extern char *var_vrfy_local_xport; #define VAR_VRFY_VIRT_XPORT "address_verify_virtual_transport" #define DEF_VRFY_VIRT_XPORT "$" VAR_VIRT_TRANSPORT extern char *var_vrfy_virt_xport; #define VAR_VRFY_RELAY_XPORT "address_verify_relay_transport" #define DEF_VRFY_RELAY_XPORT "$" VAR_RELAY_TRANSPORT extern char *var_vrfy_relay_xport; #define VAR_VRFY_DEF_XPORT "address_verify_default_transport" #define DEF_VRFY_DEF_XPORT "$" VAR_DEF_TRANSPORT extern char *var_vrfy_def_xport; #define VAR_VRFY_SND_DEF_XPORT_MAPS "address_verify_" VAR_SND_DEF_XPORT_MAPS #define DEF_VRFY_SND_DEF_XPORT_MAPS "$" VAR_SND_DEF_XPORT_MAPS extern char *var_snd_def_xport_maps; #define VAR_VRFY_RELAYHOST "address_verify_relayhost" #define DEF_VRFY_RELAYHOST "$" VAR_RELAYHOST extern char *var_vrfy_relayhost; #define VAR_VRFY_RELAY_MAPS "address_verify_sender_dependent_relayhost_maps" #define DEF_VRFY_RELAY_MAPS "$" VAR_SND_RELAY_MAPS extern char *var_vrfy_relay_maps; #define VAR_VRFY_XPORT_MAPS "address_verify_transport_maps" #define DEF_VRFY_XPORT_MAPS "$" VAR_TRANSPORT_MAPS extern char *var_vrfy_xport_maps; #define SMTP_VRFY_TGT_RCPT "rcpt" #define SMTP_VRFY_TGT_DATA "data" #define VAR_LMTP_VRFY_TGT "lmtp_address_verify_target" #define DEF_LMTP_VRFY_TGT SMTP_VRFY_TGT_RCPT #define VAR_SMTP_VRFY_TGT "smtp_address_verify_target" #define DEF_SMTP_VRFY_TGT SMTP_VRFY_TGT_RCPT extern char *var_smtp_vrfy_tgt; /* * Message delivery trace service. */ #define VAR_TRACE_SERVICE "trace_service_name" #define DEF_TRACE_SERVICE MAIL_SERVICE_TRACE extern char *var_trace_service; /* * Proxymappers. */ #define VAR_PROXYMAP_SERVICE "proxymap_service_name" #define DEF_PROXYMAP_SERVICE MAIL_SERVICE_PROXYMAP extern char *var_proxymap_service; #define VAR_PROXYWRITE_SERVICE "proxywrite_service_name" #define DEF_PROXYWRITE_SERVICE MAIL_SERVICE_PROXYWRITE extern char *var_proxywrite_service; /* * Mailbox/maildir delivery errors that cause delivery to be tried again. */ #define VAR_MBX_DEFER_ERRS "mailbox_defer_errors" #define DEF_MBX_DEFER_ERRS "eagain, enospc, estale" extern char *var_mbx_defer_errs; #define VAR_MDR_DEFER_ERRS "maildir_defer_errors" #define DEF_MDR_DEFER_ERRS "enospc, estale" extern char *var_mdr_defer_errs; /* * Berkeley DB memory pool sizes. */ #define VAR_DB_CREATE_BUF "berkeley_db_create_buffer_size" #define DEF_DB_CREATE_BUF (16 * 1024 *1024) extern int var_db_create_buf; #define VAR_DB_READ_BUF "berkeley_db_read_buffer_size" #define DEF_DB_READ_BUF (128 *1024) extern int var_db_read_buf; /* * OpenLDAP LMDB settings. */ #define VAR_LMDB_MAP_SIZE "lmdb_map_size" #define DEF_LMDB_MAP_SIZE (16 * 1024 *1024) extern long var_lmdb_map_size; /* * Named queue file attributes. */ #define VAR_QATTR_COUNT_LIMIT "queue_file_attribute_count_limit" #define DEF_QATTR_COUNT_LIMIT 100 extern int var_qattr_count_limit; /* * MIME support. */ #define VAR_MIME_MAXDEPTH "mime_nesting_limit" #define DEF_MIME_MAXDEPTH 100 extern int var_mime_maxdepth; #define VAR_MIME_BOUND_LEN "mime_boundary_length_limit" #define DEF_MIME_BOUND_LEN 2048 extern int var_mime_bound_len; #define VAR_DISABLE_MIME_INPUT "disable_mime_input_processing" #define DEF_DISABLE_MIME_INPUT 0 extern bool var_disable_mime_input; #define VAR_DISABLE_MIME_OCONV "disable_mime_output_conversion" #define DEF_DISABLE_MIME_OCONV 0 extern bool var_disable_mime_oconv; #define VAR_STRICT_8BITMIME "strict_8bitmime" #define DEF_STRICT_8BITMIME 0 extern bool var_strict_8bitmime; #define VAR_STRICT_7BIT_HDRS "strict_7bit_headers" #define DEF_STRICT_7BIT_HDRS 0 extern bool var_strict_7bit_hdrs; #define VAR_STRICT_8BIT_BODY "strict_8bitmime_body" #define DEF_STRICT_8BIT_BODY 0 extern bool var_strict_8bit_body; #define VAR_STRICT_ENCODING "strict_mime_encoding_domain" #define DEF_STRICT_ENCODING 0 extern bool var_strict_encoding; #define VAR_AUTO_8BIT_ENC_HDR "detect_8bit_encoding_header" #define DEF_AUTO_8BIT_ENC_HDR 1 extern int var_auto_8bit_enc_hdr; /* * Bizarre. */ #define VAR_SENDER_ROUTING "sender_based_routing" #define DEF_SENDER_ROUTING 0 extern bool var_sender_routing; #define VAR_XPORT_NULL_KEY "transport_null_address_lookup_key" #define DEF_XPORT_NULL_KEY "<>" extern char *var_xport_null_key; /* * Bounce service controls. */ #define VAR_OLDLOG_COMPAT "backwards_bounce_logfile_compatibility" #define DEF_OLDLOG_COMPAT 1 extern bool var_oldlog_compat; /* * SMTPD content proxy. */ #define VAR_SMTPD_PROXY_FILT "smtpd_proxy_filter" #define DEF_SMTPD_PROXY_FILT "" extern char *var_smtpd_proxy_filt; #define VAR_SMTPD_PROXY_EHLO "smtpd_proxy_ehlo" #define DEF_SMTPD_PROXY_EHLO "$" VAR_MYHOSTNAME extern char *var_smtpd_proxy_ehlo; #define VAR_SMTPD_PROXY_TMOUT "smtpd_proxy_timeout" #define DEF_SMTPD_PROXY_TMOUT "100s" extern int var_smtpd_proxy_tmout; #define VAR_SMTPD_PROXY_OPTS "smtpd_proxy_options" #define DEF_SMTPD_PROXY_OPTS "" extern char *var_smtpd_proxy_opts; /* * Transparency options for mail input interfaces and for the cleanup server * behind them. These should turn off stuff we don't want to happen, because * the default is to do a lot of things. */ #define VAR_INPUT_TRANSP "receive_override_options" #define DEF_INPUT_TRANSP "" extern char *var_smtpd_input_transp; /* * SMTP server policy delegation. */ #define VAR_SMTPD_POLICY_TMOUT "smtpd_policy_service_timeout" #define DEF_SMTPD_POLICY_TMOUT "100s" extern int var_smtpd_policy_tmout; #define VAR_SMTPD_POLICY_REQ_LIMIT "smtpd_policy_service_request_limit" #define DEF_SMTPD_POLICY_REQ_LIMIT 0 extern int var_smtpd_policy_req_limit; #define VAR_SMTPD_POLICY_IDLE "smtpd_policy_service_max_idle" #define DEF_SMTPD_POLICY_IDLE "300s" extern int var_smtpd_policy_idle; #define VAR_SMTPD_POLICY_TTL "smtpd_policy_service_max_ttl" #define DEF_SMTPD_POLICY_TTL "1000s" extern int var_smtpd_policy_ttl; #define VAR_SMTPD_POLICY_TRY_LIMIT "smtpd_policy_service_try_limit" #define DEF_SMTPD_POLICY_TRY_LIMIT 2 extern int var_smtpd_policy_try_limit; #define VAR_SMTPD_POLICY_TRY_DELAY "smtpd_policy_service_retry_delay" #define DEF_SMTPD_POLICY_TRY_DELAY "1s" extern int var_smtpd_policy_try_delay; #define VAR_SMTPD_POLICY_DEF_ACTION "smtpd_policy_service_default_action" #define DEF_SMTPD_POLICY_DEF_ACTION "451 4.3.5 Server configuration problem" extern char *var_smtpd_policy_def_action; #define VAR_SMTPD_POLICY_CONTEXT "smtpd_policy_service_policy_context" #define DEF_SMTPD_POLICY_CONTEXT "" extern char *var_smtpd_policy_context; #define CHECK_POLICY_SERVICE "check_policy_service" /* * Client rate control. */ #define VAR_SMTPD_CRATE_LIMIT "smtpd_client_connection_rate_limit" #define DEF_SMTPD_CRATE_LIMIT 0 extern int var_smtpd_crate_limit; #define VAR_SMTPD_CCONN_LIMIT "smtpd_client_connection_count_limit" #define DEF_SMTPD_CCONN_LIMIT ((DEF_PROC_LIMIT + 1) / 2) extern int var_smtpd_cconn_limit; #define VAR_SMTPD_CMAIL_LIMIT "smtpd_client_message_rate_limit" #define DEF_SMTPD_CMAIL_LIMIT 0 extern int var_smtpd_cmail_limit; #define VAR_SMTPD_CRCPT_LIMIT "smtpd_client_recipient_rate_limit" #define DEF_SMTPD_CRCPT_LIMIT 0 extern int var_smtpd_crcpt_limit; #define VAR_SMTPD_CNTLS_LIMIT "smtpd_client_new_tls_session_rate_limit" #define DEF_SMTPD_CNTLS_LIMIT 0 extern int var_smtpd_cntls_limit; #define VAR_SMTPD_CAUTH_LIMIT "smtpd_client_auth_rate_limit" #define DEF_SMTPD_CAUTH_LIMIT 0 extern int var_smtpd_cauth_limit; #define VAR_SMTPD_HOGGERS "smtpd_client_event_limit_exceptions" #define DEF_SMTPD_HOGGERS "${smtpd_client_connection_limit_exceptions:$" VAR_MYNETWORKS "}" extern char *var_smtpd_hoggers; #define VAR_ANVIL_TIME_UNIT "anvil_rate_time_unit" #define DEF_ANVIL_TIME_UNIT "60s" extern int var_anvil_time_unit; #define VAR_ANVIL_STAT_TIME "anvil_status_update_time" #define DEF_ANVIL_STAT_TIME "600s" extern int var_anvil_stat_time; /* * Temporary stop gap. */ #if 0 #include #define VAR_ANVIL_SERVICE "client_connection_rate_service_name" #define DEF_ANVIL_SERVICE "local:" ANVIL_CLASS "/" ANVIL_SERVICE extern char *var_anvil_service; #endif /* * What domain names to assume when no valid domain context exists. */ #define VAR_REM_RWR_DOMAIN "remote_header_rewrite_domain" #define DEF_REM_RWR_DOMAIN "" extern char *var_remote_rwr_domain; #define CHECK_ADDR_MAP "check_address_map" #define VAR_LOC_RWR_CLIENTS "local_header_rewrite_clients" #define DEF_LOC_RWR_CLIENTS PERMIT_INET_INTERFACES extern char *var_local_rwr_clients; /* * EHLO keyword filter. */ #define VAR_SMTPD_EHLO_DIS_WORDS "smtpd_discard_ehlo_keywords" #define DEF_SMTPD_EHLO_DIS_WORDS "" extern char *var_smtpd_ehlo_dis_words; #define VAR_SMTPD_EHLO_DIS_MAPS "smtpd_discard_ehlo_keyword_address_maps" #define DEF_SMTPD_EHLO_DIS_MAPS "" extern char *var_smtpd_ehlo_dis_maps; #define VAR_SMTP_EHLO_DIS_WORDS "smtp_discard_ehlo_keywords" #define DEF_SMTP_EHLO_DIS_WORDS "" #define VAR_LMTP_EHLO_DIS_WORDS "lmtp_discard_lhlo_keywords" #define DEF_LMTP_EHLO_DIS_WORDS "" extern char *var_smtp_ehlo_dis_words; #define VAR_SMTP_EHLO_DIS_MAPS "smtp_discard_ehlo_keyword_address_maps" #define DEF_SMTP_EHLO_DIS_MAPS "" #define VAR_LMTP_EHLO_DIS_MAPS "lmtp_discard_lhlo_keyword_address_maps" #define DEF_LMTP_EHLO_DIS_MAPS "" extern char *var_smtp_ehlo_dis_maps; /* * gcc workaround for warnings about empty or null format strings. */ extern const char null_format_string[1]; /* * Characters to reject or strip. */ #define VAR_MSG_REJECT_CHARS "message_reject_characters" #define DEF_MSG_REJECT_CHARS "" extern char *var_msg_reject_chars; #define VAR_MSG_STRIP_CHARS "message_strip_characters" #define DEF_MSG_STRIP_CHARS "" extern char *var_msg_strip_chars; /* * Local forwarding complexity controls. */ #define VAR_FROZEN_DELIVERED "frozen_delivered_to" #define DEF_FROZEN_DELIVERED 1 extern bool var_frozen_delivered; #define VAR_RESET_OWNER_ATTR "reset_owner_alias" #define DEF_RESET_OWNER_ATTR 0 extern bool var_reset_owner_attr; /* * Delay logging time roundup. */ #define VAR_DELAY_MAX_RES "delay_logging_resolution_limit" #define MAX_DELAY_MAX_RES 6 #define DEF_DELAY_MAX_RES 2 #define MIN_DELAY_MAX_RES 0 extern int var_delay_max_res; /* * Bounce message templates. */ #define VAR_BOUNCE_TMPL "bounce_template_file" #define DEF_BOUNCE_TMPL "" extern char *var_bounce_tmpl; /* * Sender-dependent authentication. */ #define VAR_SMTP_SENDER_AUTH "smtp_sender_dependent_authentication" #define DEF_SMTP_SENDER_AUTH 0 #define VAR_LMTP_SENDER_AUTH "lmtp_sender_dependent_authentication" #define DEF_LMTP_SENDER_AUTH 0 extern bool var_smtp_sender_auth; /* * Allow CNAME lookup result to override the server hostname. */ #define VAR_SMTP_CNAME_OVERR "smtp_cname_overrides_servername" #define DEF_SMTP_CNAME_OVERR 0 #define VAR_LMTP_CNAME_OVERR "lmtp_cname_overrides_servername" #define DEF_LMTP_CNAME_OVERR 0 extern bool var_smtp_cname_overr; /* * TLS library settings */ #define VAR_TLS_CNF_FILE "tls_config_file" #define DEF_TLS_CNF_FILE "default" extern char *var_tls_cnf_file; #define VAR_TLS_CNF_NAME "tls_config_name" #define DEF_TLS_CNF_NAME "" extern char *var_tls_cnf_name; #define VAR_TLS_HIGH_CLIST "tls_high_cipherlist" #define DEF_TLS_HIGH_CLIST "aNULL:-aNULL:HIGH:@STRENGTH" extern char *var_tls_high_clist; #define VAR_TLS_MEDIUM_CLIST "tls_medium_cipherlist" #define DEF_TLS_MEDIUM_CLIST "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH" extern char *var_tls_medium_clist; #define VAR_TLS_LOW_CLIST "tls_low_cipherlist" #define DEF_TLS_LOW_CLIST "aNULL:-aNULL:HIGH:MEDIUM:LOW:+RC4:@STRENGTH" extern char *var_tls_low_clist; #define VAR_TLS_EXPORT_CLIST "tls_export_cipherlist" #define DEF_TLS_EXPORT_CLIST "aNULL:-aNULL:HIGH:MEDIUM:LOW:EXPORT:+RC4:@STRENGTH" extern char *var_tls_export_clist; #define VAR_TLS_NULL_CLIST "tls_null_cipherlist" #define DEF_TLS_NULL_CLIST "eNULL:!aNULL" extern char *var_tls_null_clist; #if defined(SN_X25519) && defined(NID_X25519) #define DEF_TLS_EECDH_AUTO_1 SN_X25519 " " #else #define DEF_TLS_EECDH_AUTO_1 "" #endif #if defined(SN_X448) && defined(NID_X448) #define DEF_TLS_EECDH_AUTO_2 SN_X448 " " #else #define DEF_TLS_EECDH_AUTO_2 "" #endif #if defined(SN_X9_62_prime256v1) && defined(NID_X9_62_prime256v1) #define DEF_TLS_EECDH_AUTO_3 SN_X9_62_prime256v1 " " #else #define DEF_TLS_EECDH_AUTO_3 "" #endif #if defined(SN_secp521r1) && defined(NID_secp521r1) #define DEF_TLS_EECDH_AUTO_4 SN_secp521r1 " " #else #define DEF_TLS_EECDH_AUTO_4 "" #endif #if defined(SN_secp384r1) && defined(NID_secp384r1) #define DEF_TLS_EECDH_AUTO_5 SN_secp384r1 #else #define DEF_TLS_EECDH_AUTO_5 "" #endif #define VAR_TLS_EECDH_AUTO "tls_eecdh_auto_curves" #define DEF_TLS_EECDH_AUTO DEF_TLS_EECDH_AUTO_1 \ DEF_TLS_EECDH_AUTO_2 \ DEF_TLS_EECDH_AUTO_3 \ DEF_TLS_EECDH_AUTO_4 \ DEF_TLS_EECDH_AUTO_5 extern char *var_tls_eecdh_auto; #define VAR_TLS_EECDH_STRONG "tls_eecdh_strong_curve" #define DEF_TLS_EECDH_STRONG "prime256v1" extern char *var_tls_eecdh_strong; #define VAR_TLS_EECDH_ULTRA "tls_eecdh_ultra_curve" #define DEF_TLS_EECDH_ULTRA "secp384r1" extern char *var_tls_eecdh_ultra; #define VAR_TLS_PREEMPT_CLIST "tls_preempt_cipherlist" #define DEF_TLS_PREEMPT_CLIST 0 extern bool var_tls_preempt_clist; #define VAR_TLS_MULTI_WILDCARD "tls_wildcard_matches_multiple_labels" #define DEF_TLS_MULTI_WILDCARD 1 extern bool var_tls_multi_wildcard; #define VAR_TLS_BUG_TWEAKS "tls_disable_workarounds" #define DEF_TLS_BUG_TWEAKS "" extern char *var_tls_bug_tweaks; #define VAR_TLS_SSL_OPTIONS "tls_ssl_options" #define DEF_TLS_SSL_OPTIONS "" extern char *var_tls_ssl_options; #define VAR_TLS_TKT_CIPHER "tls_session_ticket_cipher" #define DEF_TLS_TKT_CIPHER "aes-256-cbc" extern char *var_tls_tkt_cipher; #define VAR_TLS_BC_PKEY_FPRINT "tls_legacy_public_key_fingerprints" #define DEF_TLS_BC_PKEY_FPRINT 0 extern bool var_tls_bc_pkey_fprint; #define VAR_TLS_SERVER_SNI_MAPS "tls_server_sni_maps" #define DEF_TLS_SERVER_SNI_MAPS "" extern char *var_tls_server_sni_maps; /* * Ordered list of DANE digest algorithms. */ #define VAR_TLS_DANE_DIGESTS "tls_dane_digests" #define DEF_TLS_DANE_DIGESTS "sha512 sha256" extern char *var_tls_dane_digests; /* * The default is incompatible with pre-TLSv1.0 protocols. */ #define VAR_TLS_FAST_SHUTDOWN "tls_fast_shutdown_enable" #define DEF_TLS_FAST_SHUTDOWN 1 extern bool var_tls_fast_shutdown; /* * Sendmail-style mail filter support. */ #define VAR_SMTPD_MILTERS "smtpd_milters" #define DEF_SMTPD_MILTERS "" extern char *var_smtpd_milters; #define VAR_SMTPD_MILTER_MAPS "smtpd_milter_maps" #define DEF_SMTPD_MILTER_MAPS "" extern char *var_smtpd_milter_maps; #define SMTPD_MILTERS_DISABLE "DISABLE" #define VAR_CLEANUP_MILTERS "non_smtpd_milters" #define DEF_CLEANUP_MILTERS "" extern char *var_cleanup_milters; #define VAR_MILT_DEF_ACTION "milter_default_action" #define DEF_MILT_DEF_ACTION "tempfail" extern char *var_milt_def_action; #define VAR_MILT_CONN_MACROS "milter_connect_macros" #define DEF_MILT_CONN_MACROS "j {daemon_name} {daemon_addr} v _" extern char *var_milt_conn_macros; #define VAR_MILT_HELO_MACROS "milter_helo_macros" #define DEF_MILT_HELO_MACROS "{tls_version} {cipher} {cipher_bits}" \ " {cert_subject} {cert_issuer}" extern char *var_milt_helo_macros; #define VAR_MILT_MAIL_MACROS "milter_mail_macros" #define DEF_MILT_MAIL_MACROS "i {auth_type} {auth_authen}" \ " {auth_author} {mail_addr}" \ " {mail_host} {mail_mailer}" extern char *var_milt_mail_macros; #define VAR_MILT_RCPT_MACROS "milter_rcpt_macros" #define DEF_MILT_RCPT_MACROS "i {rcpt_addr} {rcpt_host}" \ " {rcpt_mailer}" extern char *var_milt_rcpt_macros; #define VAR_MILT_DATA_MACROS "milter_data_macros" #define DEF_MILT_DATA_MACROS "i" extern char *var_milt_data_macros; #define VAR_MILT_UNK_MACROS "milter_unknown_command_macros" #define DEF_MILT_UNK_MACROS "" extern char *var_milt_unk_macros; #define VAR_MILT_EOH_MACROS "milter_end_of_header_macros" #define DEF_MILT_EOH_MACROS "i" extern char *var_milt_eoh_macros; #define VAR_MILT_EOD_MACROS "milter_end_of_data_macros" #define DEF_MILT_EOD_MACROS "i" extern char *var_milt_eod_macros; #define VAR_MILT_CONN_TIME "milter_connect_timeout" #define DEF_MILT_CONN_TIME "30s" extern int var_milt_conn_time; #define VAR_MILT_CMD_TIME "milter_command_timeout" #define DEF_MILT_CMD_TIME "30s" extern int var_milt_cmd_time; #define VAR_MILT_MSG_TIME "milter_content_timeout" #define DEF_MILT_MSG_TIME "300s" extern int var_milt_msg_time; #define VAR_MILT_PROTOCOL "milter_protocol" #define DEF_MILT_PROTOCOL "6" extern char *var_milt_protocol; #define VAR_MILT_DEF_ACTION "milter_default_action" #define DEF_MILT_DEF_ACTION "tempfail" extern char *var_milt_def_action; #define VAR_MILT_DAEMON_NAME "milter_macro_daemon_name" #define DEF_MILT_DAEMON_NAME "$" VAR_MYHOSTNAME extern char *var_milt_daemon_name; #define VAR_MILT_V "milter_macro_v" #define DEF_MILT_V "$" VAR_MAIL_NAME " $" VAR_MAIL_VERSION extern char *var_milt_v; #define VAR_MILT_HEAD_CHECKS "milter_header_checks" #define DEF_MILT_HEAD_CHECKS "" extern char *var_milt_head_checks; #define VAR_MILT_MACRO_DEFLTS "milter_macro_defaults" #define DEF_MILT_MACRO_DEFLTS "" extern char *var_milt_macro_deflts; /* * What internal mail do we inspect/stamp/etc.? This is not yet safe enough * to enable world-wide. */ #define INT_FILT_CLASS_NONE "" #define INT_FILT_CLASS_NOTIFY "notify" #define INT_FILT_CLASS_BOUNCE "bounce" #define VAR_INT_FILT_CLASSES "internal_mail_filter_classes" #define DEF_INT_FILT_CLASSES INT_FILT_CLASS_NONE extern char *var_int_filt_classes; /* * This could break logfile processors, so it's off by default. */ #define VAR_SMTPD_CLIENT_PORT_LOG "smtpd_client_port_logging" #define DEF_SMTPD_CLIENT_PORT_LOG 0 extern bool var_smtpd_client_port_log; #define VAR_QMQPD_CLIENT_PORT_LOG "qmqpd_client_port_logging" #define DEF_QMQPD_CLIENT_PORT_LOG 0 extern bool var_qmqpd_client_port_log; /* * Header/body checks in delivery agents. */ #define VAR_SMTP_HEAD_CHKS "smtp_header_checks" #define DEF_SMTP_HEAD_CHKS "" extern char *var_smtp_head_chks; #define VAR_SMTP_MIME_CHKS "smtp_mime_header_checks" #define DEF_SMTP_MIME_CHKS "" extern char *var_smtp_mime_chks; #define VAR_SMTP_NEST_CHKS "smtp_nested_header_checks" #define DEF_SMTP_NEST_CHKS "" extern char *var_smtp_nest_chks; #define VAR_SMTP_BODY_CHKS "smtp_body_checks" #define DEF_SMTP_BODY_CHKS "" extern char *var_smtp_body_chks; #define VAR_LMTP_HEAD_CHKS "lmtp_header_checks" #define DEF_LMTP_HEAD_CHKS "" #define VAR_LMTP_MIME_CHKS "lmtp_mime_header_checks" #define DEF_LMTP_MIME_CHKS "" #define VAR_LMTP_NEST_CHKS "lmtp_nested_header_checks" #define DEF_LMTP_NEST_CHKS "" #define VAR_LMTP_BODY_CHKS "lmtp_body_checks" #define DEF_LMTP_BODY_CHKS "" #define VAR_SMTP_ADDR_PREF "smtp_address_preference" #ifdef HAS_IPV6 #define DEF_SMTP_ADDR_PREF INET_PROTO_NAME_ANY #else #define DEF_SMTP_ADDR_PREF INET_PROTO_NAME_IPV4 #endif extern char *var_smtp_addr_pref; #define VAR_LMTP_ADDR_PREF "lmtp_address_preference" #define DEF_LMTP_ADDR_PREF DEF_SMTP_ADDR_PREF /* * Scheduler concurrency feedback algorithms. */ #define VAR_CONC_POS_FDBACK "default_destination_concurrency_positive_feedback" #define _CONC_POS_FDBACK "_destination_concurrency_positive_feedback" #define DEF_CONC_POS_FDBACK "1" extern char *var_conc_pos_feedback; #define VAR_CONC_NEG_FDBACK "default_destination_concurrency_negative_feedback" #define _CONC_NEG_FDBACK "_destination_concurrency_negative_feedback" #define DEF_CONC_NEG_FDBACK "1" extern char *var_conc_neg_feedback; #define CONC_FDBACK_NAME_WIN "concurrency" #define CONC_FDBACK_NAME_SQRT_WIN "sqrt_concurrency" #define VAR_CONC_COHORT_LIM "default_destination_concurrency_failed_cohort_limit" #define _CONC_COHORT_LIM "_destination_concurrency_failed_cohort_limit" #define DEF_CONC_COHORT_LIM 1 extern int var_conc_cohort_limit; #define VAR_CONC_FDBACK_DEBUG "destination_concurrency_feedback_debug" #define DEF_CONC_FDBACK_DEBUG 0 extern bool var_conc_feedback_debug; #define VAR_DEST_RATE_DELAY "default_destination_rate_delay" #define _DEST_RATE_DELAY "_destination_rate_delay" #define DEF_DEST_RATE_DELAY "0s" extern int var_dest_rate_delay; #define VAR_XPORT_RATE_DELAY "default_transport_rate_delay" #define _XPORT_RATE_DELAY "_transport_rate_delay" #define DEF_XPORT_RATE_DELAY "0s" extern int var_xport_rate_delay; /* * Stress handling. */ #define VAR_STRESS "stress" #define DEF_STRESS "" extern char *var_stress; /* * Mailbox ownership. */ #define VAR_STRICT_MBOX_OWNER "strict_mailbox_ownership" #define DEF_STRICT_MBOX_OWNER 1 extern bool var_strict_mbox_owner; /* * Window scaling workaround. */ #define VAR_INET_WINDOW "tcp_windowsize" #define DEF_INET_WINDOW 0 extern int var_inet_windowsize; /* * Plug-in multi-instance support. Only the first two parameters are used by * Postfix itself; the other ones are reserved for the instance manager. */ #define VAR_MULTI_CONF_DIRS "multi_instance_directories" #define DEF_MULTI_CONF_DIRS "" extern char *var_multi_conf_dirs; #define VAR_MULTI_WRAPPER "multi_instance_wrapper" #define DEF_MULTI_WRAPPER "" extern char *var_multi_wrapper; #define VAR_MULTI_NAME "multi_instance_name" #define DEF_MULTI_NAME "" extern char *var_multi_name; #define VAR_MULTI_GROUP "multi_instance_group" #define DEF_MULTI_GROUP "" extern char *var_multi_group; #define VAR_MULTI_ENABLE "multi_instance_enable" #define DEF_MULTI_ENABLE 0 extern bool var_multi_enable; /* * postmulti(1) instance manager */ #define VAR_MULTI_START_CMDS "postmulti_start_commands" #define DEF_MULTI_START_CMDS "start" extern char *var_multi_start_cmds; #define VAR_MULTI_STOP_CMDS "postmulti_stop_commands" #define DEF_MULTI_STOP_CMDS "stop abort drain quick-stop" extern char *var_multi_stop_cmds; #define VAR_MULTI_CNTRL_CMDS "postmulti_control_commands" #define DEF_MULTI_CNTRL_CMDS "reload flush" extern char *var_multi_cntrl_cmds; /* * postscreen(8) */ #define VAR_PSC_CACHE_MAP "postscreen_cache_map" #define DEF_PSC_CACHE_MAP "btree:$data_directory/postscreen_cache" extern char *var_psc_cache_map; #define VAR_SMTPD_SERVICE "smtpd_service_name" #define DEF_SMTPD_SERVICE "smtpd" extern char *var_smtpd_service; #define VAR_PSC_POST_QLIMIT "postscreen_post_queue_limit" #define DEF_PSC_POST_QLIMIT "$" VAR_PROC_LIMIT extern int var_psc_post_queue_limit; #define VAR_PSC_PRE_QLIMIT "postscreen_pre_queue_limit" #define DEF_PSC_PRE_QLIMIT "$" VAR_PROC_LIMIT extern int var_psc_pre_queue_limit; #define VAR_PSC_CACHE_RET "postscreen_cache_retention_time" #define DEF_PSC_CACHE_RET "7d" extern int var_psc_cache_ret; #define VAR_PSC_CACHE_SCAN "postscreen_cache_cleanup_interval" #define DEF_PSC_CACHE_SCAN "12h" extern int var_psc_cache_scan; #define VAR_PSC_GREET_WAIT "postscreen_greet_wait" #define DEF_PSC_GREET_WAIT "${stress?{2}:{6}}s" extern int var_psc_greet_wait; #define VAR_PSC_PREGR_BANNER "postscreen_greet_banner" #define DEF_PSC_PREGR_BANNER "$" VAR_SMTPD_BANNER extern char *var_psc_pregr_banner; #define VAR_PSC_PREGR_ENABLE "postscreen_greet_enable" #define DEF_PSC_PREGR_ENABLE no extern char *var_psc_pregr_enable; #define VAR_PSC_PREGR_ACTION "postscreen_greet_action" #define DEF_PSC_PREGR_ACTION "ignore" extern char *var_psc_pregr_action; #define VAR_PSC_PREGR_TTL "postscreen_greet_ttl" #define DEF_PSC_PREGR_TTL "1d" extern int var_psc_pregr_ttl; #define VAR_PSC_DNSBL_SITES "postscreen_dnsbl_sites" #define DEF_PSC_DNSBL_SITES "" extern char *var_psc_dnsbl_sites; #define VAR_PSC_DNSBL_THRESH "postscreen_dnsbl_threshold" #define DEF_PSC_DNSBL_THRESH 1 extern int var_psc_dnsbl_thresh; #define VAR_PSC_DNSBL_WTHRESH "postscreen_dnsbl_whitelist_threshold" #define DEF_PSC_DNSBL_WTHRESH 0 #define VAR_PSC_DNSBL_ALTHRESH "postscreen_dnsbl_allowlist_threshold" #define DEF_PSC_DNSBL_ALTHRESH \ "${" VAR_PSC_DNSBL_WTHRESH "?{$" VAR_PSC_DNSBL_WTHRESH "}:{0}}" extern int var_psc_dnsbl_althresh; #define VAR_PSC_DNSBL_ENABLE "postscreen_dnsbl_enable" #define DEF_PSC_DNSBL_ENABLE 0 extern char *var_psc_dnsbl_enable; #define VAR_PSC_DNSBL_ACTION "postscreen_dnsbl_action" #define DEF_PSC_DNSBL_ACTION "ignore" extern char *var_psc_dnsbl_action; #define VAR_PSC_DNSBL_MIN_TTL "postscreen_dnsbl_min_ttl" #define DEF_PSC_DNSBL_MIN_TTL "60s" extern int var_psc_dnsbl_min_ttl; #define VAR_PSC_DNSBL_MAX_TTL "postscreen_dnsbl_max_ttl" #define DEF_PSC_DNSBL_MAX_TTL "${postscreen_dnsbl_ttl?{$postscreen_dnsbl_ttl}:{1}}h" extern int var_psc_dnsbl_max_ttl; #define VAR_PSC_DNSBL_REPLY "postscreen_dnsbl_reply_map" #define DEF_PSC_DNSBL_REPLY "" extern char *var_psc_dnsbl_reply; #define VAR_PSC_DNSBL_TMOUT "postscreen_dnsbl_timeout" #define DEF_PSC_DNSBL_TMOUT "10s" extern int var_psc_dnsbl_tmout; #define VAR_PSC_PIPEL_ENABLE "postscreen_pipelining_enable" #define DEF_PSC_PIPEL_ENABLE 0 extern bool var_psc_pipel_enable; #define VAR_PSC_PIPEL_ACTION "postscreen_pipelining_action" #define DEF_PSC_PIPEL_ACTION "enforce" extern char *var_psc_pipel_action; #define VAR_PSC_PIPEL_TTL "postscreen_pipelining_ttl" #define DEF_PSC_PIPEL_TTL "30d" extern int var_psc_pipel_ttl; #define VAR_PSC_NSMTP_ENABLE "postscreen_non_smtp_command_enable" #define DEF_PSC_NSMTP_ENABLE 0 extern bool var_psc_nsmtp_enable; #define VAR_PSC_NSMTP_ACTION "postscreen_non_smtp_command_action" #define DEF_PSC_NSMTP_ACTION "drop" extern char *var_psc_nsmtp_action; #define VAR_PSC_NSMTP_TTL "postscreen_non_smtp_command_ttl" #define DEF_PSC_NSMTP_TTL "30d" extern int var_psc_nsmtp_ttl; #define VAR_PSC_BARLF_ENABLE "postscreen_bare_newline_enable" #define DEF_PSC_BARLF_ENABLE 0 extern bool var_psc_barlf_enable; #define VAR_PSC_BARLF_ACTION "postscreen_bare_newline_action" #define DEF_PSC_BARLF_ACTION "ignore" extern char *var_psc_barlf_action; #define VAR_PSC_BARLF_TTL "postscreen_bare_newline_ttl" #define DEF_PSC_BARLF_TTL "30d" extern int var_psc_barlf_ttl; #define VAR_PSC_BLIST_ACTION "postscreen_blacklist_action" #define DEF_PSC_BLIST_ACTION "ignore" #define VAR_PSC_DNLIST_ACTION "postscreen_denylist_action" #define DEF_PSC_DNLIST_ACTION \ "${" VAR_PSC_BLIST_ACTION "?{$" VAR_PSC_BLIST_ACTION "}:{" DEF_PSC_BLIST_ACTION "}}" extern char *var_psc_dnlist_nets; #define VAR_PSC_CMD_COUNT "postscreen_command_count_limit" #define DEF_PSC_CMD_COUNT 20 extern int var_psc_cmd_count; #define VAR_PSC_CMD_TIME "postscreen_command_time_limit" #define DEF_PSC_CMD_TIME DEF_SMTPD_TMOUT extern int var_psc_cmd_time; #define VAR_PSC_WATCHDOG "postscreen_watchdog_timeout" #define DEF_PSC_WATCHDOG "10s" extern int var_psc_watchdog; #define VAR_PSC_EHLO_DIS_WORDS "postscreen_discard_ehlo_keywords" #define DEF_PSC_EHLO_DIS_WORDS "$" VAR_SMTPD_EHLO_DIS_WORDS extern char *var_psc_ehlo_dis_words; #define VAR_PSC_EHLO_DIS_MAPS "postscreen_discard_ehlo_keyword_address_maps" #define DEF_PSC_EHLO_DIS_MAPS "$" VAR_SMTPD_EHLO_DIS_MAPS extern char *var_psc_ehlo_dis_maps; #define VAR_PSC_TLS_LEVEL "postscreen_tls_security_level" #define DEF_PSC_TLS_LEVEL "$" VAR_SMTPD_TLS_LEVEL extern char *var_psc_tls_level; #define VAR_PSC_USE_TLS "postscreen_use_tls" #define DEF_PSC_USE_TLS "$" VAR_SMTPD_USE_TLS extern bool var_psc_use_tls; #define VAR_PSC_ENFORCE_TLS "postscreen_enforce_tls" #define DEF_PSC_ENFORCE_TLS "$" VAR_SMTPD_ENFORCE_TLS extern bool var_psc_enforce_tls; #define VAR_PSC_FORBID_CMDS "postscreen_forbidden_commands" #define DEF_PSC_FORBID_CMDS "$" VAR_SMTPD_FORBID_CMDS extern char *var_psc_forbid_cmds; #define VAR_PSC_HELO_REQUIRED "postscreen_helo_required" #define DEF_PSC_HELO_REQUIRED "$" VAR_HELO_REQUIRED extern bool var_psc_helo_required; #define VAR_PSC_DISABLE_VRFY "postscreen_disable_vrfy_command" #define DEF_PSC_DISABLE_VRFY "$" VAR_DISABLE_VRFY_CMD extern bool var_psc_disable_vrfy; #define VAR_PSC_CCONN_LIMIT "postscreen_client_connection_count_limit" #define DEF_PSC_CCONN_LIMIT "$" VAR_SMTPD_CCONN_LIMIT extern int var_psc_cconn_limit; #define VAR_PSC_REJ_FOOTER "postscreen_reject_footer" #define DEF_PSC_REJ_FOOTER "$" VAR_SMTPD_REJ_FOOTER extern char *var_psc_rej_footer; #define VAR_PSC_REJ_FTR_MAPS "postscreen_reject_footer_maps" #define DEF_PSC_REJ_FTR_MAPS "$" VAR_SMTPD_REJ_FTR_MAPS extern char *var_psc_rej_ftr_maps; #define VAR_PSC_EXP_FILTER "postscreen_expansion_filter" #define DEF_PSC_EXP_FILTER "$" VAR_SMTPD_EXP_FILTER extern char *var_psc_exp_filter; #define VAR_PSC_CMD_FILTER "postscreen_command_filter" #define DEF_PSC_CMD_FILTER "" extern char *var_psc_cmd_filter; #define VAR_PSC_ACL "postscreen_access_list" #define DEF_PSC_ACL SERVER_ACL_NAME_WL_MYNETWORKS extern char *var_psc_acl; #define VAR_PSC_WLIST_IF "postscreen_whitelist_interfaces" #define DEF_PSC_WLIST_IF "static:all" #define VAR_PSC_ALLIST_IF "postscreen_allowlist_interfaces" #define DEF_PSC_ALLIST_IF \ "${" VAR_PSC_WLIST_IF "?{$" VAR_PSC_WLIST_IF "}:{" DEF_PSC_WLIST_IF "}}" extern char *var_psc_allist_if; #define NOPROXY_PROTO_NAME "" #define VAR_PSC_UPROXY_PROTO "postscreen_upstream_proxy_protocol" #define DEF_PSC_UPROXY_PROTO NOPROXY_PROTO_NAME extern char *var_psc_uproxy_proto; #define VAR_PSC_UPROXY_TMOUT "postscreen_upstream_proxy_timeout" #define DEF_PSC_UPROXY_TMOUT "5s" extern int var_psc_uproxy_tmout; #define VAR_RESPECTFUL_LOGGING "respectful_logging" #define DEF_RESPECTFUL_LOGGING \ "${{$compatibility_level}