When a connection is made or received and STARTTLS is negotiated, sendmail updates the value of several macros, among which is this ${verify} macro. This ${verify} macro stores a text word that describes the result of verification of the presented certificate. Those possible text words are shown in Table 21-10. Table 21-10. Possible values for ${verify}
The ${verify} macro is used in the standard configuration file as part of the definition of the Received : header: If ${tls_version} has a value, the following is included in the Received : header's text: (version=${tls_version} cipher=${cipher} bits=${cipher_bits} verify=${verify}) If ${tls_version} lacks a value, the preceding text is not included, meaning a STARTTLS connection was not used. ${verify} is transient. If it is defined in the configuration file or in the command line, that definition is ignored by sendmail . Note that a $& prefix is necessary when you reference this macro in rules (that is, use $&{verify} , not ${verify} ). |