Jim Bacon sent me this version of check_rcpt which uses a patch from Miquel van Smoorenburg to find out for which machines your mailserver is secondary MX and therefore should allow relaying. This avoids maintaining another file (RelayTo). I've changed the ruleset a bit, since there was a small problem with it.
Here is my hack file to be used instead of Claus' check_rcpt* files. Note:
it does not require the use of the use_relayto.m4 hack file but does use
the optional use_localip and use_localnames hacks. To use, just place
HACK(check_ismx)
in the .mc file.
*** check_ismx.m4
divert(-1)
divert(0)
VERSIONID(`@(#)check_ismx.m4 1.1 (Jim Bacon) 1997-08-23')
PUSHDIVERT(6)
Kismx ismx
POPDIVERT
divert(2)
define(`_USE_NAMES_RULES',`R $`'| $`'* $`'@ ok no client name: directly invoked
R$`'*$`'=w $`'| $`'* $`'@ ok from here
R$`'*$`'={LocalNames} $`'| $`'* $`'@ ok from allowed system')
LOCAL_RULESETS
Scheck_rcpt
ifdef(`_USE_RCPT_', `', `errprint(`HACK "check_ismx" requires use_ip or use_names')')dnl
ifdef(`_USE_IP_',
R$+ $: $(dequote "" $&{client_addr} $) $| $1
R0 $| $* $@ ok client_addr is 0 for sendmail -bs
R$={LocalIP}$* $| $* $@ ok from here
ifdef(`_USE_NAMES_',
R$* $| $+ $: $(dequote "" $&{client_name} $) $| $2
_USE_NAMES_RULES
),
R$+ $: $(dequote "" $&{client_name} $) $| $1
_USE_NAMES_RULES
)dnl
R$* $: $>3 $1
R$*<@$+>$* $: $1 <@ $(ismx $2 $: NOMX $) > $3
R$*<@NOMX>$* $#error $@ 5.7.1 $: 571 unauthorized relay destination
R$*<@TEMPFAIL>$* $#error $@ 4.5.1 $: 451 Cannot resolve destination
*** sendmail-8.8.7-ismx
diff -ru sendmail-8.8.7.orig/src/conf.c sendmail-8.8.7/src/conf.c
--- sendmail-8.8.7.orig/src/conf.c Tue Jan 21 16:47:13 1997
+++ sendmail-8.8.7/src/conf.c Tue Jun 3 14:26:44 1997
@@ -395,6 +395,9 @@
MAPDEF("bestmx", NULL, MCF_OPTFILE,
map_parseargs, null_map_open, null_map_close,
bestmx_map_lookup, null_map_store);
+ MAPDEF("ismx", NULL, MCF_OPTFILE,
+ map_parseargs, null_map_open, null_map_close,
+ ismx_map_lookup, null_map_store);
#endif
MAPDEF("host", NULL, 0,
diff -ru sendmail-8.8.7.orig/src/domain.c sendmail-8.8.7/src/domain.c
--- sendmail-8.8.7.orig/src/domain.c Wed Oct 30 18:42:21 1996
+++ sendmail-8.8.7/src/domain.c Tue Jun 3 15:53:40 1997
@@ -480,6 +480,52 @@
return map_rewrite(map, mxhosts[0], strlen(mxhosts[0]), av);
}
/*
+** ISMX -- find if we are the MX for a certain host.
+**
+** This is really a hack, but I don't see any obvious way
+** to generalize it at the moment.
+*/
+
+char *
+ismx_map_lookup(map, name, av, statp)
+ MAP *map;
+ char *name;
+ char **av;
+ int *statp;
+{
+ int nmx, i, len;
+ auto int rcode;
+ int saveopts = _res.options;
+ char *mxhosts[MAXMXHOSTS + 1];
+ char *mymx = NULL;
+
+ _res.options &= ~(RES_DNSRCH|RES_DEFNAMES);
+ nmx = getmxrr(name, mxhosts, FALSE, &rcode);
+ _res.options = saveopts;
+ if (rcode != EX_TEMPFAIL) {
+ if (nmx <= 0)
+ return NULL;
+ for(i = 0; i < nmx; i++) {
+ len = strlen(mxhosts[i]);
+ if (len && mxhosts[i][len - 1] == '.')
+ mxhosts[i][len - 1] = 0;
+ if (wordinclass(mxhosts[i], 'w')) {
+ mymx = mxhosts[i];
+ break;
+ }
+ }
+ if (mymx == NULL)
+ return NULL;
+ } else
+ mymx = "TEMPFAIL";
+
+ if (bitset(MF_MATCHONLY, map->map_mflags))
+ return map_rewrite(map, name, strlen(name), NULL);
+ else
+ return map_rewrite(map, mymx, strlen(mymx), av);
+}
+
+
/*
** DNS_GETCANONNAME -- get the canonical name for named host using DNS
**
** This algorithm tries to be smart about wildcard MX records.
--
Jim Bacon (JB211), SysAdmin Metropolitan Austin Interactive Network
jim@MAIN.Org http://www.main.org/~jim include <std/disclaimer.h>
"You deal with content and humans, I deal with reality."
-- A Sysadmin talking to a Webmaster
-... --- ..-. ....