For version 2 and higher configuration files (see Section 27.5, "The V Configuration Command"),
V8 sendmail allows local
recipients to undergo additional rewriting.
Recall that each recipient address is processed by rule sets 3 and 0.
Beginning with V8.7 sendmail, any delivery agent with the F=A
flag
set
[4]
(see Section 30.8.12, F=A) will cause the address to undergo aliasing
(via the aliases file),
which may result in a new local address.
[4] Prior to V8.7 sendmail, only the
local
delivery agent had this property.
Under V8 sendmail, if an address makes it through aliasing unchanged, it is given to rule set 5, which may select a new delivery agent. Note that it is given to rule set 5 before the ~/.forward file is processed.
Beginning with V8.7 sendmail, any delivery agent that has
the F=5
flag set (see Section 30.8.3, F=5) will cause rule set 5 to be called as though the agent were a local one.
To illustrate, consider that a new delivery agent might be needed in the case of a mail firewall machine. A firewall machine is one that sits between the local network and the outside world and protects the local network from intrusion by outsiders. In such an arrangement it may be desirable for all incoming mail to be delivered to the firewall so that no outsider needs to know the real names of machines on the local network.
Consider mail to the address john@firewall. On the firewall machine,
rule set 3 recognizes the host part as local and throws away the
@firewall. Rule set 0 then selects the local
delivery
agent. Because the address john is local, it is looked up
in the aliases file. For this example we will assume that it is not found there.
The user's ~/.forward file would normally be examined next, but
user home directories are not visible to the firewall machine.
Because the address john is not aliased, it is then passed to rule set 5, which selects another delivery agent to forward the message into the local network:
S5 R$- $#smtp [email protected] $:$1
Here, the john matches the $-
in the LHS, so the
smtp
delivery agent is selected.
The mail message is forwarded to the local network with john
(the $1
) as the username and hub.internal.net
as
the name of the receiving machine on the internal network.
For such a scheme to work, all local machines must send offsite mail addressed as though it were from the firewall, and local names must be changed to offsite forms when forwarded offsite. For example, the name [email protected] needs to be changed to john@firewall for all outgoing offsite mail.
Note that rule set 5 can also be used in situations that do not involve firewalls. It can be used as a hook into forwarding to other types of networks, with special mailing list software, or even as a way to handle retired accounts. Also note that rule set 5 may select a new delivery agent, but it does not have to.
For those times when rule set 5 may not be appropriate, V8 sendmail
offers a technique for bypassing it. In rule set 0, if the first token following
the $:
of a rule that selects the local
delivery
agent is an @
, sendmail removes the
@
and skips calling rule set 5:
R$- $#local $: @ $1 removed and rule set 5 skipped
Note that rule set 5 is the way V8.7 sendmail and above institutes the plussed users technique (see Section 24.4.3, "Plussed Users").