Defined macros allow
strings of text to be represented
symbolically inside a sendmail
configuration
file.
The behavior and use of most defined macros has not changed in V8.13. However, the values in two have changed, and eight new macros have been added:
Two existing macros, ${auth_author}
and
${auth_authen}
, now
have their
values stored in xtext
format (Section 21.1.1
[V8.13]).
The new macro ${client_connections}
holds the
current number of connections to the
listening server (Section 21.1.2
[V8.13]).
The new macro ${client_ptr}
holds the
result of a PTR lookup of the connecting
hosts IP address (Section 21.1.3
[V8.13]).
The new macro ${client_rate}
holds the number
of inbound connections to the listening
server over a specified interval (Section 21.1.4
[V8.13]).
The new macro ${msg_id}
holds the value
of the
current Message-Id
: header (Section 21.1.5
[V8.13]).
The new macro ${nbadrcpts}
holds the
number of envelope recipients for the
current envelope that were not accepted (Section 21.1.6
[V8.13]).
The new macro ${quarantine}
holds the
reason an envelope has been quarantined
(Section 21.1.7
[V8.13]).
The new macro ${time}
holds the current
time in
seconds (Section 21.1.8
[V8.13]).
The new macro ${total_rate}
holds the
total number of inbound connections to the
listening server over a specified interval (Section 21.1.9
[V8.13]).
Some macros are assigned values from text that is supplied by outside connecting hosts, but such text cannot necessarily be trusted for use in rule sets or as keys in database-map lookups.
To protect itself, sendmail
modifies this text
by replacing each whitespace character (space or tab), nonprintable
character (such as a newline or control character), and any of the
following special characters with its corresponding hexadecimal value
(based on US ASCII), where each new hexadecimal value is prefixed
with a plus character.
< > ( ) " +
This is called xtext
encoding (defined in RFC1891).
Beginning with V8.13, the values for the
${auth_author}
and
${auth_authen}
macros are also
xtext
encoded before being placed into those
macros.
When a host connects to the
listening sendmail
server, that server forks a child copy of itself to handle the new
connection. Before forking, the server increments the connection
count associated with the IP number of the connecting client. When
the forked child finishes and exits, the server decrements that
count.
Beginning with V8.13 sendmail
, the
${client_connections}
macro holds that count as
its value, making it available for you to use in rule sets.
With V8.13, if you declare the conncontrol
feature
(Section 4.1.8
[V8.13]), a
rule set called ConnControl
that looks up the
current IP address in the access
database will
be added to your configuration file. The source text file for the
access
database may contain that address with a
literal ClientConn
: prefix—for example:
ClientConn:123.45.67.89 12
Note that the literal prefix is followed by the IP number to look up, tabs or spaces,[27] and lastly the limit to impose for the maximum number of connections for that IP number.
If the number of connections (as stored in this
${client_connections}
macro) exceed the limit
imposed inside the access
database, the new
connection is rejected with the following error:
452 4.3.2 Too many open connections.
When a client host connects to
the
listening sendmail
server, that server knows the
IP number of the connecting client but not its hostname. To find the
hostname, sendmail
performs a reverse-lookup to
find a PTR record that contains the host’s name.
Beginning with V8.13, the result of that lookup (the hostname) is
stored in the ${client_ptr}
macro.
Note that if (and only if) the ${client_resolve}
macro (21.9.22[3ed]) contains a literal
OK
, this ${client_ptr}
macro
will hold the same value as the ${client_name}
macro (21.9.20[3ed]).
When a host connects to
the
listening sendmail
server, the server forks a
child to handle the new connection. Before forking, the server
increments the connection count associated with the IP number of the
connecting client. The rate of connections is then updated inside a
window of time defined by the
ConnectionRateWindowSize
option (see Section 24.1.13
[V8.13]), which
defaults to 60 seconds.
Beginning with V8.13 sendmail
, the
${client_rate}
macro holds that count as its
value, making it available for you to use in rule sets.
With V8.13, if you declare the ratecontrol
feature
(Section 4.1.7
[V8.13]), a
rule set called RateControl
will be added to your
configuration file, which looks up the current IP address in the
access
database. The source text file for the
access database may contain that address with a literal
ClientRate
: prefix—for example:
ClientRate:123.45.67.89 4
Note that the literal prefix is followed by the IP number to look up, tabs or spaces,[28] and lastly by the limit to impose for the maximum connection rate for that IP number.
If the current rate (as stored in this
${client_rate}
macro) exceeds the limit imposed
inside the access database, the new connection
is rejected with the following error:
452 4.3.2 Connection rate limit exceeded.
If you are interested in knowing the total rate of connections for
all clients, see the ${total_rate}
macro (Section 21.1.9
[V8.13]).
The Message-Id
: header (25.12.23[3ed]) is used to
uniquely
identify each mail message. It must be declared in the configuration
file. Its field must be an expression in the syntax of a legal
address enclosed in angle brackets (< and >), and it must be
composed of elements that create an identifier that is truly unique
worldwide.
Beginning with V8.13, when sendmail
finds a
Message-Id
: header in the current message, it
assigns the value for that header to this
${msg_id}
macro. If sendmail
finds no Message-Id
: header, it creates one and
assigns that new value to this ${msg_id}
macro.
If a Message-Id
: header appears in the original
inbound message, its value can be made available to rule sets by
using the H
configuration command
(25.5[3ed]) and to Milters using an
xxfi_header
( ) routine. But if
sendmail
creates the
Message-Id
: header, its value can only be made
available by using this ${msg_id}
macro.
When sendmail
receives an SMTP RCPT TO: command,
it
examines the recipient address contained
in that command, accepts known local recipients, and rejects other
recipients. If relaying is enabled for selected hosts, envelope
recipients addressed to those hosts are also allowed. If the address
is disallowed, it is rejected by sendmail and
neither rule sets nor Milters ever see it.
Beginning with V8.13 sendmail
, if knowing the
number of rejected recipients for a given envelope is important to
you, you may access that number using this
${nbadrcpts}
macro.
If used in rule sets, the ${nbadrcpts}
macro will
only contain a true total after all envelope recipients have been
processed. Thus, a good place to use it might be in the
check_data
rule set
(19.9.1[3ed]), because it is called just
after the SMTP DATA command is received, but before that command is
acknowledged (after all recipients have been processed):
LOCAL_RULESETS Scheck_data R $* $: $&{nbadrcpts} R $+ $: $(arith l $@ $1 $@ 25 $) R FALSE $# error $@ 5.1.2 $: "553 Too many bad recipients"
Here, under the LOCAL_RULESETS
portion of your
mc
configuration file, you first declare the
check_data
rule set, which contains three rules.
The first rule simply matches anything on the LHS (the
$*
) and places the value of this
${nbadrcpts}
macro into the workspace. The second
rule compares that value (using the arith
database-map; see 23.7.1[3ed]) to the
literal value 25. If the test fails (if there are 25 or more bad
envelope recipients causing the second rule to return
FALSE
in the workspace), the message is rejected
using the third rule.
This ${nbadrcpts}
macro can also be used by
Milters, but it is only reliable if you fetch its value after all
envelope recipients have been processed. You may add this macro to
those passed to your Milter with a line such as the following in your
mc configuration file:
define(`confMILTER_MACROS_EOM´, confMILTER_MACROS_EOM``, {nbadrcpts}´Â´)
Note that the double half quotes are necessary because the second
argument to the define
command contains a comma.
This line in your mc
configuration file makes
the ${nbadrcpts}
macro available to your Milters
after the entire envelope has been processed, but before the final
dot has been acknowledged.
V8.13 introduced queue quarantining (Section 11.1.2[V8.13]), the process by which envelopes in the queue are marked as being ineligible for delivery. Such quarantined envelopes may then be reviewed manually or automatically.
When a message is quarantined, the reason it was quarantined is
stored as the value of this ${quarantine}
macro.
When it is later read from the queue, the value of the queue
file’s q
line (Section 11.1.5
[V8.13]) is again
copied into this ${quarantine}
macro.
The ${quarantine}
macro can be used to detect
whether a message has been quarantined.
The C-language time(3) routine returns an integer value (type
time_t
) that represents the
current time as the number of seconds since the start (00:00:00) of
January 1, 1970. This current time is instantiated at three different
moments as sendmail
processes envelopes:
Just after a connection to the server has been accepted, but before the SMTP conversation begins
Just as the queue’s qf
file is
being read
Just as a new envelope is being created to handle bounced email
At these moments, an ASCII representation of the current number of
seconds is placed into the ${time}
macro. At the
same moment, the following other macros are also given the current
time but in different formats:
$b
holds the current time in RFC2822 format
$d
holds the current time in Unix
ctime(3) format
$t
holds the current time to the minute in the
format YYYYMMDDhhmm
Although the ${time}
macro is not used in the
standard configuration file, it is available for your use in rule
sets of your own design. It can, for example, be useful to enforce a
timeout on entries when using POP before relay.
When a host connects to the listening sendmail server, that server forks a child copy of itself to handle the connection. Before forking, the server increments the connection count associated with all connections. That count is then used to update the total rate of all connections.
The rate is measured over an interval defined by the
ConnectionRateWindowSize
option (see Section 24.1.13
[V8.13]), which
defaults to 60 seconds. This total rate differs from the client rate
in that it is the rate for all connections
rather than the rate for a particular client address.
The ${total_rate}
macro is not used in the
standard configuration file but is available for your use in rule
sets of your own design.
If you are interested in knowing the rate of connections from
individual clients, see the ${client_rate}
macro
(Section 21.1.4
[V8.13]).
3.147.89.85