hpainter/sendmail-slackware-gmail.mc

## sendmail-slackware-gmail.mc
dnl# This is the a sendmail .mc file for Slackware with GMail support.
include(`../m4/cf.m4')
VERSIONID(`TLS supporting setup for Slackware Linux')dnl
OSTYPE(`linux')dnl
dnl#
dnl# You will need to create the certificates below with OpenSSL first:
define(`CERT_DIR', `/etc/mail/certs')
define(`confCACERT_PATH', `CERT_DIR')
define(`confCACERT', `CERT_DIR/ca-bundle.crt')
define(`confCRL', `CERT_DIR/ca-bundle.crt')
define(`confSERVER_CERT', `CERT_DIR/sendmail.pem')
define(`confSERVER_KEY', `CERT_DIR/sendmail.pem')
define(`confCLIENT_CERT', `CERT_DIR/sendmail.pem')
define(`confCLIENT_KEY', `CERT_DIR/sendmail.pem')
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
dnl# Uncomment the line below to send outgoing mail through an external server:
define(`SMART_HOST',`smtp.gmail.com')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')
define(`ESMTP_MAILER_ARGS', `TCP $h 587')
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
dnl ---------------------------
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
dnl# Enable the line below to use smrsh to restrict what sendmail can run:
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
FEATURE(`use_cw_file')dnl
FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
FEATURE(`no_default_msa')dnl
FEATURE(`authinfo',`hash /etc/mail/auth/client-info.db')dnl
dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
dnl FEATURE(`accept_unresolvable_domains')dnl
EXPOSED_USER(`root')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
dnl# Allow SASL authentication/relaying:
define(`confAUTH_OPTIONS', `A p y')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
dnl# Daemon options after M= below that might need to be changed are:
dnl# s (allow SSL, not only TLS)
dnl# a (require authentication)
DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Esa')dnl
LOCAL_CONFIG
dnl# Do not allow the weak SSLv2:
O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL
	dnl# This is the a sendmail .mc file for Slackware with GMail support.
	include(`../m4/cf.m4')
	VERSIONID(`TLS supporting setup for Slackware Linux')dnl
	OSTYPE(`linux')dnl
	dnl#
	dnl# You will need to create the certificates below with OpenSSL first:
	define(`CERT_DIR', `/etc/mail/certs')
	define(`confCACERT_PATH', `CERT_DIR')
	define(`confCACERT', `CERT_DIR/ca-bundle.crt')
	define(`confCRL', `CERT_DIR/ca-bundle.crt')
	define(`confSERVER_CERT', `CERT_DIR/sendmail.pem')
	define(`confSERVER_KEY', `CERT_DIR/sendmail.pem')
	define(`confCLIENT_CERT', `CERT_DIR/sendmail.pem')
	define(`confCLIENT_KEY', `CERT_DIR/sendmail.pem')
	dnl# These settings help protect against people verifying email addresses
	dnl# at your site in order to send you email that you probably don't want:
	define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
	dnl# Uncomment the line below to send outgoing mail through an external server:
	define(`SMART_HOST',`smtp.gmail.com')dnl
	define(`RELAY_MAILER_ARGS', `TCP $h 587')
	define(`ESMTP_MAILER_ARGS', `TCP $h 587')
	define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')
	dnl ---------------------------
	dnl# No timeout for ident:
	define(`confTO_IDENT', `0')dnl
	dnl# Enable the line below to use smrsh to restrict what sendmail can run:
	dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
	dnl# See the README in /usr/share/sendmail/cf for a ton of information on
	dnl# how these options work:
	FEATURE(`use_cw_file')dnl
	FEATURE(`use_ct_file')dnl
	FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
	FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
	FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
	FEATURE(`blacklist_recipients')dnl
	FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
	FEATURE(`always_add_domain')dnl
	FEATURE(`redirect')dnl
	FEATURE(`no_default_msa')dnl
	FEATURE(`authinfo',`hash /etc/mail/auth/client-info.db')dnl
	dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
	dnl FEATURE(`accept_unresolvable_domains')dnl
	EXPOSED_USER(`root')dnl
	dnl# Also accept mail for localhost.localdomain:
	LOCAL_DOMAIN(`localhost.localdomain')dnl
	MAILER(local)dnl
	MAILER(smtp)dnl
	MAILER(procmail)dnl
	dnl# Allow SASL authentication/relaying:
	define(`confAUTH_OPTIONS', `A p y')dnl
	define(`confAUTH_MECHANISMS', `LOGIN PLAIN DIGEST-MD5 CRAM-MD5')dnl
	TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
	DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl
	dnl# Daemon options after M= below that might need to be changed are:
	dnl# s (allow SSL, not only TLS)
	dnl# a (require authentication)
	DAEMON_OPTIONS(`Port=smtps, Name=MSA-SSL, M=Esa')dnl
	LOCAL_CONFIG
	dnl# Do not allow the weak SSLv2:
	O CipherList=ALL:!ADH:!NULL:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:-LOW:+SSLv3:+TLSv1:-SSLv2:+EXP:+eNULL