# please use the .m4 file, this file is not maintained!
LOCAL_CONFIG
# file containing IP numbers of machines which can use our relay
F{LocalIP} /etc/mail/LocalIP
# file containing names we relay to
F{RelayTo} /etc/mail/RelayTo
# list of domains and addresses which can send mail through
# our relay if they appear in MAIL FROM:
Kallow dbm -a@ALLOWED /etc/mail/allow

LOCAL_RULESETS
# check for allowed addresses
Sallow
# lookup domain in database
R$*<@$+>		$:$1<@$(allow $2$)>
# exists? return
R$*<@$*@ALLOWED>	$@$1<@$2@ALLOWED>
# lookup address in database
R$*<@$+>		$:$1<@$(allow $1@$2 $:$2$)>
# exists? return
R$*<@$*@ALLOWED>	$@$1<@$2@ALLOWED>
# remove one subdomain, try again
R$*<@$-.$-.$+>		$: $>allow $1<@$3.$4>

Scheck_rcpt
# make sure you have TABs here, not BLANKs! sendmail will complain otherwise...
# first: get client address
R$+			$: $(dequote "" $&{client_addr} $) $| $1
R0 $| $*		$@ ok		client_addr is 0 for sendmail -bs
R$={LocalIP}$* $| $*	$@ ok		from here
# not local, check rcpt
R$* $| $*		$: $>3 $2
# remove local part
R$+			$:$>remove_local $1
R$*<@$+>$*		$: <RELAY>
# now get and canonify the FROM address
R$*			$: $1 $| $>3 $(dequote "" $&f $)
# compare it with an "allowed" domain
R$* $| $*<@$*.>$*	$: $1 $| $>allow $2<@$3>
# match: ok
R$* $| $*<@$*@ALLOWED>$*	$@ ok
# nope, it's a relay attempt
R<RELAY> $| $*	$#error $@ 5.7.1 $: 550 we do not relay

Sremove_local
# remove RelayTo part (maybe repeatedly)
R$*<@$*$={RelayTo}.>$*	$>3 $1 $4
R$*<@$=w.>$*		$: $>remove_local $>3 $1 $3
R$*<@$*>$*		$@ $1<@$2>$3
# dequote local part
R$-			$: $>3 $(dequote $1 $)
R$*<@$*>$*		$: $>remove_local $1<@$2>$3
