dnl #################################################################### dnl LINUX dnl #################################################################### define(`confCC', `gcc') define(`confOPTIMIZE',`-g -fdiagnostics-color=always -O3 -m64 -march=sandybridge -I/export/scratch/elkner/build/root4build/usr/include') define(`confDEPEND_TYPE',`CC-M') APPENDDEF(`conf_sendmail_ENVDEF', `-DVENDOR_DEFAULT=VENDOR_SUN') define(`confLIBSEARCH', `') dnl No auto search, we specify them explictly define(`confLIBSEARCHPATH', `/export/scratch/elkner/build/root4build/usr/lib/x86_64-linux-gnu /usr/lib') define(`confLIBDIRS', `-L/export/scratch/elkner/build/root4build/usr/lib/x86_64-linux-gnu') define(`confLIBS', `') dnl PREPENDDEF(`confLIBS', `-lpthread') APPENDDEF(`confLDOPTS',`-m64 -march=nocona -zdefs') APPENDDEF(`confLDOPTS_SO', `-ztext') APPENDDEF(`confLDOPTS_SO', `-znoexecstack') APPENDDEF(`confLDOPTS', ifelse(bldSRC_NAME, `libmilter', `', `') ) APPENDDEF(`conf_sendmail_LIBS', `') PREPENDDEF(`confINCDIRS', `-I/export/scratch/elkner/build/root4build/usr/include -I/export/scratch/elkner/build/root4build/usr/include/sasl2') dnl PREPENDDEF(`confINCDIRS', `-I/export/scratch/elkner/build/root4build/usr/include/db4') APPENDDEF(`confENVDEF', `-DUSE_VENDOR_CF_PATH -D_FILE_OFFSET_BITS=64')dnl -W0,-xglobalstatic') dnl On Linux Berkeley DB 5.x (and probably later) file locking and sm locking dnl via fcntl() does not work properly. So need to use flock() instead. dnl However, sm also claims, that "flock(2) is broken (again) after 2.4.0" and dnl defaults it to 0 on Linux =8-(. dnl mail.local use maillock() which is similar to dotlock. APPENDDEF(`confENVDEF', `-DHASFLOCK=1') APPENDDEF(`confENVDEF', `-DNETINET6') dnl Get IP source routing information displayed in the Received: header. dnl But source-routed TCP connections may either refuse to open or open and dnl hang for no apparent reason/firewalls. So watch out and disable if needed. APPENDDEF(`conf_sendmail_ENVDEF',`-DIP_SRCROUTE=1') dnl Use getusershell() to read /etc/shells - disabled for linux by default APPENDDEF(`conf_sendmail_ENVDEF',`-DHASGETUSERSHELL') dnl On Linux seteuid(2) wraps setresuid(2) anyway and is said to fail sometimes. dnl APPENDDEF(`conf_sendmail_ENVDEF',`-DUSESETEUID') dnl Set the default value for UseCompressedIPv6Addresses. 0 => compressed, 1 not APPENDDEF(`conf_sendmail_ENVDEF', `-DIPV6_FULL=0') # additional features dnl Put the "real" sender address given via MAIL FROM: into the sendmail dnl macro {mail_from} aka $f (useful for milter) by default. Thus one does not dnl need to explicitly -D_FFR_MAIL_MACRO when the *.cf file gets generated - dnl specifying it anyway just introduces some overhead. APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_MAIL_MACRO') dnl Allow Local daemon mode (-bl) which only accepts loopback connections APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_LOCAL_DAEMON') dnl Allow to set BadRcptThrottleDelay != 1 for rejected RCPTs per SMTP message APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_RCPTTHROTDELAY') dnl Shut down connection (421) if there are too many bad RCPTs APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_BADRCPT_SHUTDOWN') dnl log protocol stage for delivery problems (since 8.17.2) APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_LOG_STAGE') dnl Allow FIPS mode (1024bit RSA keys instead of 512bit). Does not work on S11 dnl APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_FIPSMODE') dnl Allow to set LDAP_OPT_NETWORK_TIMEOUT if available (-c) dnl @since 8.16.1: not _FFR anymore - automagically set if LDAPMAP is used. dnl APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_LDAP_NETWORK_TIMEOUT') dnl Make {queue} macro available. APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_QUEUE_MACRO') # Enable sun extensions APPENDDEF(`conf_sendmail_ENVDEF', `-DSUN_EXTENSIONS') dnl Use libnsl's getdomainname() to get the NIS domain for constructing a dnl FQHN [of the server on startup] if a 'hosts:' name service returned an dnl unqualified hostname (i.e. no dots). APPENDDEF(`conf_sendmail_ENVDEF', `-DSUN_INIT_DOMAIN') dnl The following sun extensions are not supported anymore dnl -DSUN_LOOKUP_MACRO aka sendmail vars lookup dnl -DREMOTE_MODE aka forward mail to the host, from which /var/mail is mounted dnl -DSUN_DEFAULT_VALUES aka sun_pre_defaults() and sun_post_defaults() hooks # db mapping dnl Solaris default is: define(`confMAPDEF',`-DNDBM -DNIS -DMAP_REGEX') dnl Linux default is: "" # Linux wants MAP_REGEX explicitly APPENDDEF(`confMAPDEF', `-DMAP_REGEX') # Berkeley DB support dnl Hmmm: dueto stupid IPS packaging this pulls in C++ runtime (which is dnl actually not needed at all) APPENDDEF(`confMAPDEF', `-DNEWDB') APPENDDEF(`conf_sendmail_LIB_POST', `-ldb') APPENDDEF(`conf_editmap_LIB_POST', `-ldb') APPENDDEF(`conf_makemap_LIB_POST', `-ldb') APPENDDEF(`conf_vacation_LIB_POST', `-ldb') APPENDDEF(`conf_praliases_LIB_POST', `-ldb') # LDAP support APPENDDEF(`confMAPDEF', `-DLDAPMAP') # Allow the -R flag for LDAP map lookups (do not auto chase referrals) APPENDDEF(`conf_sendmail_ENVDEF', `-DLDAP_REFERRALS') dnl If SUN_EXTENSIONS and SUN_SIMPLIFIED_LDAP are defined, sendmail will use the dnl system's ldap library (libsldap) to lookup aliases and thus use dnl automatically the relevant ldap settings (SSD, ldapserver, connection dnl sharing, etc.) of the system. dnl Otherwise (or if the *.cf does not contain the V10/Sun marker - the relevant dnl part is '/Sun'), the default ldap_search() from libldap and related dnl functions will be used and one may need to explicitly specify, how to dnl lookup aliases. E.g. "define(`ALIAS_FILE', `ldap:-k (&(objectClass=mailGroup)(mail=%0)) -v mgrpRFC822MailMember')" should usually work. dnl For non-Solaris environments the sendmail build system ignores this. APPENDDEF(`conf_sendmail_ENVDEF', `-DSUN_SIMPLIFIED_LDAP') APPENDDEF(`conf_sendmail_LIB_POST', `-lldap -llber') APPENDDEF(`conf_editmap_LIB_POST', `-lldap') APPENDDEF(`conf_mail_local_LIB_POST', `-lldap') APPENDDEF(`conf_mailstats_LIB_POST', `-lldap') APPENDDEF(`conf_makemap_LIB_POST', `-lldap') APPENDDEF(`conf_rmail_LIB_POST', `-lldap') APPENDDEF(`conf_smrsh_LIB_POST', `-lldap') APPENDDEF(`conf_vacation_LIB_POST', `-lldap') APPENDDEF(`conf_praliases_LIB_POST', `-lldap') # Enables SMTP STARTTLS (RFC 2487). This requires OpenSSL APPENDDEF(`conf_sendmail_ENVDEF', `-DSTARTTLS') APPENDDEF(`conf_sendmail_LIB_POST', `-lssl -lcrypto') dnl Allow more STARTTLS options, e.g., secondary certs. APPENDDEF(`conf_sendmail_ENVDEF', `-D_FFR_TLS_1') dnl Enable the use of elliptic curve cryptography in STARTTLS (since 8.16.1) dnl Using 2 because EC_KEY_new_by_curve_name() is deprecated since OpenSSL 3.0 APPENDDEF(`conf_sendmail_ENVDEF', `-DTLS_EC=2') # check with "telnet localhost 25" and issue a "EHLO localhost" and see # whether 250-STARTTLS is in the response. Otherwise run with -O LogLevel=14 # and try again... # All certs (pem files) should be owned by root and must have mode 0600 !!! define(`confCACERT_PATH', `/etc/mail/certs/') define(`confCACERT', `/etc/mail/certs/CA.cert.pem') define(`confSERVER_CERT', `/etc/mail/certs/my.cert.pem') define(`confSERVER_KEY', `/etc/mail/certs/my.key.pem') # enable SASL - requires TLS APPENDDEF(`confINCDIRS', `-I/export/scratch/elkner/build/root4build/usr/include/sasl') APPENDDEF(`conf_sendmail_ENVDEF', `-DSASL=2') APPENDDEF(`conf_sendmail_LIB_POST', `-lsasl2') # res_querydomain APPENDDEF(`conf_sendmail_LIB_POST', `-lresolv') # Turn on support for external filters using the Milter API. define(`confMTLDOPTS', `') dnl -lpthread not needed on Solaris APPENDDEF(`conf_sendmail_ENVDEF', `-DMILTER') APPENDDEF(`conf_libmilter_ENVDEF', `-D_FFR_MILTER_ROOT_UNSAFE -D_REENTRANT') APPENDDEF(`conf_libmilter_LIB_POST', `-lpthread') # The Mail Submission Program queue directory. define(`confMSP_QUEUE_DIR', `/var/spool/clientmqueue') # Location of the sendmail helpfile. define(`confHFDIR', `/etc/mail') # Name of the installed helpfile. define(`confHFFILE', `helpfile') # sendmail statistics file definitions. define(`confSTDIR', `/var/log') define(`confSTFILE', `sendmail.st') define(`confSTMODE', `0644') # mail.local dnl On Linux use maillock(3) from lib instead of sm's own implementation of it. dnl So for dovecot make sure that dotlock is enabled (mutt does dotlock, too). APPENDDEF(`conf_mail_local_ENVDEF', `-DMAILLOCK') APPENDDEF(`conf_mail_local_LIB_POST', `-llockfile') PREPENDDEF(`conf_mail_local_LIB_POST', `-lresolv') dnl Generate content-length header APPENDDEF(`conf_mail_local_ENVDEF', `-DCONTENTLENGTH') dnl chgrp mail inbox; chmod g+w inbox if option -G is given APPENDDEF(`conf_mail_local_ENVDEF', `-DMAILGID=6') dnl Allow to specify an alternate mail spool path via -p ... APPENDDEF(`conf_mail_local_ENVDEF', `-D_FFR_SPOOL_PATH') # smrsh : directory in which all commands must reside APPENDDEF(`conf_smrsh_ENVDEF',`-DSMRSH_CMDDIR=\"/var/adm/sm.bin\"') APPENDDEF(`conf_smrsh_ENVDEF',`-DSMRSH_PATH=\"/usr/bin\"') # mconnect dnl PREPENDDEF(`conf_mconnect_LIBS', `-lsocket -lnsl') # we want the real man pages only define(`confNROFF', `cat') define(`confMANDOC', ` ') # BSD like define(`confMANROOT', `/usr/share/man/man') define(`confMAN5', `5') define(`confMAN5EXT', `5') define(`confMAN8', `8') define(`confMAN8EXT', `8') # avoid "not root" warnings - our Build.sh takes care of it ... define(`confNO_STATISTICS_INSTALL',`1') dnl define(`confFORCE_RMAIL', `true') # use shared memory dnl APPENDDEF(`confENVDEF', `-DSM_CONF_SH') # -r-xr-sr-x root smmsp ... /PATH/TO/sendmail # drwxrwx--- smmsp smmsp ... /var/spool/clientmqueue # drwx------ root bin ... /var/spool/mqueue # -r--r--r-- root bin ... /etc/mail/sendmail.cf # -r--r--r-- root bin ... /etc/mail/submit.cf # user binary ownership/permissions dnl define(`confUBINOWN', `bin') dnl define(`confUBINGRP', `bin') dnl define(`confUBINMODE', `555') # Setuid binary ownership/permissions dnl define(`confSBINOWN', `root') dnl define(`confSBINGRP', `bin') dnl define(`confSBINMODE', `4555') # Setgid binary ownership/permissions dnl define(`confGBINOWN', `root') dnl define(`confGBINGRP', `smmsp') dnl define(`confGBINMODE', `2555') # The owner of the Mail Submission Program queue. dnl define(`confMSPQOWN', `smmsp') # Mail Transfer Agent binary ownership/permissions dnl define(`confMBINOWN', `root') dnl define(`confMBINGRP', `bin') dnl define(`confMBINMODE', `550') # Library ownership/permissions dnl define(`confLIBOWN', `root') dnl define(`confLIBGRP', `bin') dnl define(`confLIBMODE', `0444') # Include file ownership/permissions dnl define(`confINCOWN', `root') dnl define(`confINCGRP', `bin') dnl define(`confINCMODE', `0444')