There is only one useful table in this chapter, which covers policy rule sets.
Beginning with V8.8, sendmail
calls special
rule
sets internally to determine its behavior. These are called the
policy rule sets and are used for such varied
tasks as setting spam-handling, setting policy, or validating the
conditions when ETRN should be allowed (to mention just a few). Table 19-2 shows the complete list of these policy rule
sets.
Table 19-2. The policy rule sets
Rule set |
sendmail text reference |
Hook |
Description |
---|---|---|---|
|
10.9.3.2[3ed] |
None |
Handle |
|
7.1.4[3ed] |
See discussion following the table |
Validate just before delivery |
|
19.9.1[3ed] |
None needed |
Check just after DATA |
|
25.5.3[3ed] |
None needed |
Validate after headers are read |
|
19.9.2[3ed] |
None needed |
Allow or disallow ETRN |
|
19.9.3[3ed] |
None needed |
Validate EXPN |
|
7.1.2[3ed] |
|
Validate the envelope-sender address |
|
7.1.3[3ed] |
|
Validate the envelope-recipient address |
|
7.1.1[3ed] |
|
Validate incoming network connections |
|
19.9.3[3ed] |
None needed |
Validate VRFY |
|
11.4.5[3ed] |
See discussion following the table |
Select a queue group |
|
19.1.3[3ed] |
None needed |
Tune server setting based on connection information |
|
10.10.8.2[3ed] |
|
With the access database, validate inbound STARTTLS or MAIL FROM SMTP command |
|
10.10.8.3[3ed] |
|
Validate a server’s credentials based on the recipient address |
|
10.10.8.2[3ed] |
|
Possibly with the access database, validate the inbound and outbound connections |
|
10.9.4[3ed] |
|
Validate that a client’s authentication identifier
( |
|
10.10.8.4[3ed] |
|
Disable STARTTLS for selected outbound connected-to hosts |
|
25.5[3ed] |
N/A |
Reject, discard, or accept a message based on a header’s value |
Note that some of these rule sets are omitted from your configuration file by default. For those, no hook is needed. Instead, you merely declare the rule set in your mc file and give it the appropriate rules:
LOCAL_RULESETS
Scheck_vrfy
... your rules here
Those with a Local_
hook, as shown in the table,
are declared by default in your configuration file. To use them
yourself, you need only declare them with the
Local_
hook indicated:
LOCAL_RULESETS
SLocal_check_rcpt
... your rules here
Those with a LOCAL_
hook, as shown in the table,
are declared directly with that hook, so there is no need to precede
the hook with LOCAL_RULESETS
. For example:
LOCAL_TRY_TLS
... your rules here
The two exceptions are the check_compat
and
queuegroup
rule sets. Each of these is
automatically declared when you use the corresponding
check_compat
or queuegroup
feature, but not declared if you don’t use that
feature.
All of these rule sets are handled in the same manner. If the rule
set does not exist, the action is permitted. If the rule set returns
anything other than a #error
or a
#discard
delivery agent, the message, identity, or
action is accepted for that rule set (although it can still be
rejected or discarded by another rule set).[24] Otherwise, the
#error
delivery agent causes the message,
identity, or action to be rejected (20.4.4[3ed]) or quarantined
(Section 11.1.2.6
[V8.13]), and
the #discard
delivery agent causes the message to
be accepted, then discarded (20.4.3[3ed]).
52.90.227.42