This commit was generated by cvs2svn to compensate for changes in r71345,

which included commits to RCS files with non-trunk default branches.

6 files changed, 102 insertions, 54 deletions

diff --git a/contrib/sendmail/cf/README b/contrib/sendmail/cf/README
index 971140e..c8ad901 100644
--- a/contrib/sendmail/cf/README
+++ b/contrib/sendmail/cf/README
@@ -7,7 +7,7 @@ requires a post-V7 version of m4; if you are running the 4.2bsd, SysV.2, or
 GNU m4 version 1.1 or later also works.  Unfortunately, the M4 on BSDI 1.0
 doesn't work -- you'll have to use a Net/2 or GNU version.  GNU m4 is
 available from ftp://ftp.gnu.org/pub/gnu/m4/m4-1.4.tar.gz (check for the
-latset version).  EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x
+latest version).  EXCEPTIONS: DEC's m4 on Digital UNIX 4.x is broken (3.x
 is fine).  Use GNU m4 on this platform.
 
 To get started, you may want to look at tcpproto.mc (for TCP-only sites),
@@ -426,13 +426,16 @@ DECNET_RELAY	The host that will accept DECNET-addressed email.
 		of the form node::user will not work.
 FAX_RELAY	The host that will accept mail to the .FAX pseudo-domain.
 		The "fax" mailer overrides this value.
-LOCAL_RELAY	DEPRECATED.  The site that will handle unqualified
-		names -- that is, names with out an @domain extension.
-		If not set, they are assumed to belong on this machine.
-		This allows you to have a central site to store a
-		company- or department-wide alias database.  This
-		only works at small sites, and only with some user
-		agents.
+LOCAL_RELAY	The site that will handle unqualified names -- that
+		is, names with out an @domain extension.
+		Normally MAIL_HUB is preferred for this function.
+		LOCAL_RELAY is mostly useful in conjunction with
+		FEATURE(stickyhost) -- see the discussion of
+		stickyhost below.  If not set, they are assumed to
+		belong on this machine.  This allows you to have a
+		central site to store a company- or department-wide
+		alias database.  This only works at small sites,
+		and only with some user agents.
 LUSER_RELAY	The site that will handle lusers -- that is, apparently
 		local names that aren't local accounts or aliases.  To
 		specify a local user instead of a site, set this to
@@ -513,7 +516,7 @@ usenet		Usenet (network news) delivery.  If this is specified,
 
 fax		Facsimile transmission.  This is experimental and based
 		on Sam Leffler's HylaFAX software.  For more information,
-		see http://www.vix.com/hylafax/.
+		see http://www.hylafax.org/.
 
 pop		Post Office Protocol.
 
@@ -623,8 +626,10 @@ nouucp		Don't route UUCP addresses.  This feature takes one
 		given as parameter.
 
 nocanonify	Don't pass addresses to $[ ... $] for canonification
-		by default.  It can be changed by setting the
-		DaemonPortOptions modifiers (M=).  That is,
+		by default, i.e., host/domain names are considered canonical,
+		except for unqualified names, which must not be used in this
+		mode (violation of the standard).  It can be changed by
+		setting the DaemonPortOptions modifiers (M=).  That is,
 		FEATURE(`nocanonify') will be overridden by setting the
 		'c' flag.  Conversely, if FEATURE(`nocanonify') is not used,
 		it can be emulated by setting the 'C' flag
@@ -656,14 +661,22 @@ nocanonify	Don't pass addresses to $[ ... $] for canonification
 		<user@host>, will be canonified (and hopefully fully
 		qualified), too.
 
-stickyhost	If set, email sent to "user@local.host" are marked
-		as "sticky" -- that is, the local addresses aren't
-		matched against UDB and don't go through ruleset 5.
-		This is used if you want a set up where "user" is
-		not necessarily the same as "user@local.host", e.g.,
-		to make a distinct domain-wide namespace.  Prior to
-		8.7 this was the default, and notsticky was used to
-		turn this off.
+stickyhost	This feature is sometimes used with LOCAL_RELAY,
+		although it can be used for a different effect with
+		MAIL_HUB.
+
+		When used with without MAIL_HUB, email sent to
+		"user@local.host" are marked as "sticky" -- that
+		is, the local addresses aren't matched against UDB,
+		don't go through ruleset 5, and are not forwarded to
+		the LOCAL_RELAY (if defined).
+
+		With MAIL_HUB, mail addressed to "user@local.host"
+		is forwarded to the mail hub, with the envelope
+		address still remaining "user@local.host".
+		Without stickyhost, the envelope would be changed
+		to "user@mail_hub", in order to protect against
+		mailing loops.
 
 mailertable	Include a "mailer table" which can be used to override
 		routing for particular domains (which are not in class {w},
@@ -1064,6 +1077,12 @@ blacklist_recipients
 		described in the anti-spam configuration control section
 		later in this document.
 
+delay_checks	The rulesets check_mail and check_relay will not be called
+		when a client connects or issues a MAIL command, respectively.
+		Instead, those rulesets will be called by the check_rcpt
+		ruleset; they will be skipped under certain circumstances.
+		See "Delay all checks" in "ANTI-SPAM CONFIGURATION CONTROL".
+
 rbl		This feature is deprecated! Please use dnsbl instead.
 		Turns on rejection of hosts found in the Realtime Blackhole
 		List.  If an argument is provided it is used as the domain
@@ -1074,13 +1093,13 @@ rbl		This feature is deprecated! Please use dnsbl instead.
 dnsbl		Turns on rejection of hosts found in an DNS based rejection
 		list.  If an argument is provided it is used as the domain
 		in which blocked hosts are listed; otherwise it defaults to
-		rbl.maps.vix.com.  An explanation for an DNS based rejection
-		list can be found http://maps.vix.com/rbl/.  A second argument
-		can be used to change the default error message of
-		Mail from $&{client_addr} refused by blackhole site SERVER
-		where SERVER is replaced by the first argument.  This feature
-		can be included several times to query different DNS based
-		rejection lists.
+		blackholes.mail-abuse.org.  An explanation for an DNS based
+		rejection list can be found http://mail-abuse.org/rbl/.  A
+		second argument can be used to change the default error
+		message of Mail from $&{client_addr} refused by blackhole site
+		SERVER where SERVER is replaced by the first argument.  This
+		feature can be included several times to query different DNS
+		based rejection lists.
 
 loose_relay_check
 		Normally, if % addressing is used for a recipient, e.g.
@@ -1706,12 +1725,10 @@ The value part of the map can contain:
 	REJECT		Reject the sender or recipient with a general
 			purpose message.
 	DISCARD		Discard the message completely using the
-			$#discard mailer.  For sender addresses it
-			indicates that you should discard anything
-			received from the indicated domain.  If it
-			is used for recipients, it affects only
-			the designated recipients, not the whole
-			message.
+			$#discard mailer.  If it is used in check_compat,
+			it affects only the designated recipient, not
+			the whole message as it does in all other cases.
+			This should only be used if really necessary.
 	### any text	where ### is an RFC 821 compliant error code and
 			"any text" is a message to return for the command.
 			The string should be quoted to avoid surprises,
@@ -1803,11 +1820,14 @@ spammers.  To use this database, use
 This will cause sendmail to reject mail from any site in the
 Realtime Blackhole List database.  You can specify an alternative
 RBL domain to check by specifying an argument to the FEATURE.
-A second argument can be used to change the default error message
-Mail from $&{client_addr} refused by blackhole site DOMAIN
-where DOMAIN is replaced by the first argument.  This FEATURE can
-be included several times to query different DNS based rejection
-lists, e.g., the dial-up user list (see http://maps.vix.com/dul/).
+The default error message is
+
+	Mail from $&{client_addr} refused by blackhole site DOMAIN
+
+where DOMAIN is the first argument of the feature.  A second argument
+can be used to specify a different text.  This FEATURE can be
+included several times to query different DNS based rejection lists,
+e.g., the dial-up user list (see http://maps.vix.com/dul/).
 
 The features described above make use of the check_relay, check_mail,
 and check_rcpt rulesets.  If you wish to include your own checks,
@@ -2134,6 +2154,8 @@ parameter if it is identical to the authenticated user.
 Per default, relaying is allowed for any user who authenticated
 via a "trusted" mechanism, i.e., one that is defined via
 TRUST_AUTH_MECH(`list of mechanisms')
+For example:
+TRUST_AUTH_MECH(`KERBEROS_V4 DIGEST-MD5')
 
 If the selected mechanism provides a security layer the number of
 bits used for the key of the symmetric cipher is stored in the
@@ -2157,9 +2179,9 @@ LOCAL_RULESETS respectively.  For example:
 
 
 #if _FFR_MILTER
-+---------------------------+
-| ADDING NEW MAILER FILTERS |
-+---------------------------+
++-------------------------+
+| ADDING NEW MAIL FILTERS |
++-------------------------+
 
 Sendmail supports mail filters to filter incoming SMTP messages according
 to the "Sendmail Mail Filter API" documentation.  These filters can be
@@ -2756,7 +2778,7 @@ confMAX_DAEMON_CHILDREN	MaxDaemonChildren
 					rejected.  If not set or <= 0, there is
 					no limit.
 confMAX_HEADERS_LENGTH	MaxHeadersLength
-					[undefined] Maximum length of the sum
+					[32768] Maximum length of the sum
 					of all headers.
 confMAX_MIME_HEADER_LENGTH  MaxMimeHeaderLength
 					[undefined] Maximum length of
@@ -3235,4 +3257,4 @@ M4 DIVERSIONS
    8	DNS based blacklists
    9	special local rulesets (1 and 2)
 
-$Revision: 8.383.2.1.2.24 $, Last updated $Date: 2000/09/24 02:05:54 $
+$Revision: 8.383.2.1.2.35 $, Last updated $Date: 2000/12/17 17:19:11 $
diff --git a/contrib/sendmail/cf/cf/Makefile b/contrib/sendmail/cf/cf/Makefile
index da92979..7a7c6d9 100644
--- a/contrib/sendmail/cf/cf/Makefile
+++ b/contrib/sendmail/cf/cf/Makefile
@@ -1,7 +1,7 @@
 #
 #  Makefile for configuration files.
 #
-#	$Id: Makefile,v 8.40.8.3 2000/08/08 22:23:30 gshapiro Exp $
+#	$Id: Makefile,v 8.40.8.4 2000/10/26 18:27:44 gshapiro Exp $
 #
 
 #
@@ -25,10 +25,10 @@ RM=	rm -f
 	$(CHMOD) $(ROMODE) $@
 
 GENERIC=generic-bsd4.4.cf generic-hpux9.cf generic-hpux10.cf \
-		generic-linux.cf \
+		generic-linux.cf generic-nextstep3.3.cf \
 		generic-osf1.cf generic-solaris2.cf \
 		generic-sunos4.1.cf generic-ultrix4.cf
-BERKELEY=cs-hpux9.cf cs-osf1.cf cs-solaris2.cf \
+BERKELEY=cs-hpux9.cf cs-hpux10.cf cs-osf1.cf cs-solaris2.cf \
 	cs-sunos4.1.cf cs-ultrix4.cf \
 	s2k-osf1.cf s2k-ultrix4.cf \
 	chez.cs.cf huginn.cs.cf mail.cs.cf mail.eecs.cf mailspool.cs.cf \
diff --git a/contrib/sendmail/cf/feature/dnsbl.m4 b/contrib/sendmail/cf/feature/dnsbl.m4
index fd3ceee..e5fd489 100644
--- a/contrib/sendmail/cf/feature/dnsbl.m4
+++ b/contrib/sendmail/cf/feature/dnsbl.m4
@@ -11,9 +11,9 @@ divert(-1)
 
 divert(0)
 ifdef(`_DNSBL_R_',`dnl',`dnl
-VERSIONID(`$Id: dnsbl.m4,v 8.18 1999/08/03 04:30:56 gshapiro Exp $')')
+VERSIONID(`$Id: dnsbl.m4,v 8.18.16.1 2000/11/22 01:13:21 ca Exp $')')
 divert(-1)
-define(`_DNSBL_SRV_', `ifelse(len(X`'_ARG_),`1',`rbl.maps.vix.com',_ARG_)')dnl
+define(`_DNSBL_SRV_', `ifelse(len(X`'_ARG_),`1',`blackholes.mail-abuse.org',_ARG_)')dnl
 define(`_DNSBL_MSG_', `ifelse(len(X`'_ARG2_),`1',`"550 Mail from " $`'&{client_addr} " refused by blackhole site '_DNSBL_SRV_`"',`_ARG2_')')dnl
 divert(8)
 # DNS based IP address spam list _DNSBL_SRV_
diff --git a/contrib/sendmail/cf/m4/proto.m4 b/contrib/sendmail/cf/m4/proto.m4
index d8d826c..d21aba4 100644
--- a/contrib/sendmail/cf/m4/proto.m4
+++ b/contrib/sendmail/cf/m4/proto.m4
@@ -13,7 +13,7 @@ divert(-1)
 #
 divert(0)
 
-VERSIONID(`$Id: proto.m4,v 8.446.2.5.2.29 2000/09/15 04:45:14 gshapiro Exp $')
+VERSIONID(`$Id: proto.m4,v 8.446.2.5.2.38 2000/12/28 03:37:28 ca Exp $')
 
 MAILER(local)dnl
 
@@ -409,7 +409,7 @@ _OPTION(RefuseLA, `confREFUSE_LA', `12')
 _OPTION(MaxDaemonChildren, `confMAX_DAEMON_CHILDREN', `12')
 
 # maximum number of new connections per second
-_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `3')
+_OPTION(ConnectionRateThrottle, `confCONNECTION_RATE_THROTTLE', `0')
 
 # work recipient factor
 _OPTION(RecipientFactor, `confWORK_RECIPIENT_FACTOR', `30000')
@@ -635,6 +635,7 @@ R$* : $* [ $* ]		$: $1 : $2 [ $3 ] <@>		remark if leading colon
 R$* : $* <@>		$: $2				strip colon if marked
 R$* <@>			$: $1				unmark
 R$* ;			   $1				strip trailing semi
+R$* < $+ :; > $*	$@ $2 :; <@>			catch <list:;>
 R$* < $* ; >		   $1 < $2 >			bogus bracketed semi
 
 # null input now results from list:; syntax
@@ -779,6 +780,9 @@ dnl then $- does not work.
 R$* $| $* < @ $* > $*	$: $2 < @ $[ $3 $] > $4', `dnl')', `dnl
 dnl _NO_CANONIFY_ is not set: canonify unless:
 dnl {daemon_flags} contains CC (do not canonify)
+dnl but add a trailing dot to qualified hostnames so other rules will work
+dnl should we do this for every hostname: even unqualified?
+R$* CC $* $| $* < @ $+.$+ > $*	$: $3 < @ $4.$5 . > $6
 R$* CC $* $| $*			$: $3
 # pass to name server to make hostname canonical
 R$* $| $* < @ $* > $*		$: $2 < @ $[ $3 $] > $4')
@@ -806,6 +810,7 @@ R$* < @ $* . . > $*		$1 < @ $2 . > $3
 ##################################################
 Sfinal=4
 
+R$+ :; <@>		$@ $1 :				handle <list:;>
 R$* <@>			$@				handle <> and list:;
 
 # strip trailing dot off possibly canonical name
@@ -1286,6 +1291,7 @@ R<?> <$+.$+> <$+> <$*> <+ $*>	$: < $(access .$2 $: ? $) > <$1.$2> <$3> <$4> <+ $
 dnl lookup IP address (no check is done whether it is an IP number!)
 R<?> <[$+.$-]> <$+> <$*> <$*>	$@ $>LookUpDomain <[$1]> <$3> <$4> <$5>
 dnl lookup IPv6 address
+R<?> <[$+::$-]> <$+> <$*> <$*>	$: $>LookUpDomain <[$1]> <$3> <$4> <$5>
 R<?> <[$+:$-]> <$+> <$*> <$*>	$: $>LookUpDomain <[$1]> <$3> <$4> <$5>
 dnl not found, but subdomain: try again
 R<?> <$+.$+> <$+> <$*> <$*>	$@ $>LookUpDomain <$2> <$3> <$4> <$5>
@@ -1315,6 +1321,7 @@ R<$+> <$+> <$*> <$- $+>		$: < $(access $5`'_TAG_DELIM_`'$1 $: ? $) > <$1> <$2> <
 dnl lookup without tag
 R<?> <$+> <$+> <$*> <+ $+>	$: < $(access $1 $: ? $) > <$1> <$2> <$3> <+ $4>
 dnl no match; IPv6: remove last part
+R<?> <$+::$-> <$+> <$*> <$*>	$@ $>LookUpAddress <$1> <$3> <$4> <$5>
 R<?> <$+:$-> <$+> <$*> <$*>	$@ $>LookUpAddress <$1> <$3> <$4> <$5>
 dnl no match; IPv4: remove last part
 R<?> <$+.$-> <$+> <$*> <$*>	$@ $>LookUpAddress <$1> <$3> <$4> <$5>
@@ -1682,9 +1689,10 @@ dnl use $# to override further tests (delay_checks): see check_rcpt below
 R$* $| $={TrustAuthMech}	$# RELAYAUTH
 dnl undo addition of ${auth_type}
 R$* $| $*		$: $1
-dnl workspace: localpart<@domain>
+dnl workspace: localpart<@domain> | localpart
 ifelse(defn(`_NO_UUCP_'), `r',
-`R$* ! $* < @ $* >	$: <REMOTE> $2 < @ BANG_PATH >', `dnl')
+`R$* ! $* < @ $* >	$: <REMOTE> $2 < @ BANG_PATH >
+R$* ! $* 		$: <REMOTE> $2 < @ BANG_PATH >', `dnl')
 # anything terminating locally is ok
 ifdef(`_RELAY_ENTIRE_DOMAIN_', `dnl
 R$+ < @ $* $=m >	$@ RELAYTO', `dnl')
@@ -1957,7 +1965,7 @@ R$*		$: $>LookUpDomain <$&{server_name}> <?> <> <! TLS_TRY_TAG>
 R<?>$*		$: $>LookUpAddress <$&{server_addr}> <?> <> <! TLS_TRY_TAG>
 R<?>$*		$: <$(access TLS_TRY_TAG: $: ? $)>
 R<?>$*		$@ OK
-R<NO> <>	$#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"
+R<NO>$*		$#error $@ 5.7.1 $: "550 do not try TLS with " $&{server_name} " ["$&{server_addr}"]"
 ')dnl
 
 # is connection with client "good" enough? (done in server)
diff --git a/contrib/sendmail/cf/m4/version.m4 b/contrib/sendmail/cf/m4/version.m4
index e8e0b2e..a98a7e6 100644
--- a/contrib/sendmail/cf/m4/version.m4
+++ b/contrib/sendmail/cf/m4/version.m4
@@ -11,8 +11,8 @@ divert(-1)
 # the sendmail distribution.
 #
 #
-VERSIONID(`$Id: version.m4,v 8.39.4.14 2000/09/19 07:28:06 gshapiro Exp $')
+VERSIONID(`$Id: version.m4,v 8.39.4.21 2000/12/29 18:22:15 gshapiro Exp $')
 #
 divert(0)
 # Configuration version number
-DZ8.11.1`'ifdef(`confCF_VERSION', `/confCF_VERSION')
+DZ8.11.2`'ifdef(`confCF_VERSION', `/confCF_VERSION')
diff --git a/contrib/sendmail/cf/ostype/aix5.m4 b/contrib/sendmail/cf/ostype/aix5.m4
new file mode 100644
index 0000000..c23c0f3
--- /dev/null
+++ b/contrib/sendmail/cf/ostype/aix5.m4
@@ -0,0 +1,18 @@
+divert(-1)
+#
+# Copyright (c) 2000 Sendmail, Inc. and its suppliers.
+#	All rights reserved.
+#
+# By using this file, you agree to the terms and conditions set
+# forth in the LICENSE file which can be found at the top level of
+# the sendmail distribution.
+#
+#
+
+divert(0)
+VERSIONID(`$Id: aix5.m4,v 1.1.2.1 2000/12/09 03:32:08 ca Exp $')
+ifdef(`LOCAL_MAILER_PATH',, `define(`LOCAL_MAILER_PATH', /bin/bellmail)')dnl
+ifdef(`LOCAL_MAILER_ARGS',, `define(`LOCAL_MAILER_ARGS', mail -F $g $u)')dnl
+_DEFIFNOT(`LOCAL_MAILER_FLAGS', `mn9')dnl
+define(`confEBINDIR', `/usr/lib')dnl
+define(`confTIME_ZONE', `USE_TZ')dnl