AntiAbuse headers in Sendmail

I sometimes look at the headers of incoming email to try and decipher where it came from, especially if it looks like a phishing attack or some spam. I’ve noticed that some have X-AntiAbuse headers along the lines of:

X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname -
X-AntiAbuse: Original Domain -
X-AntiAbuse: Originator/Caller UID/GID - [42 12] / [42 12]
X-AntiAbuse: Sender Address Domain -

It turns out that these headers are added by Exim, one of the common MTAs. So how do we reproduce them in Sendmail?

Unfortunately, it appears that you cannot have multiple headers of the same name in Sendmail – it simply overwrites them and you just end up with the last one, so I ended up adding the following to my file before compiling it (m4 /etc/mail/ > /etc/
HX-AntiAbuse: These headers were added to track abuse, please include with any abuse report
HX-AntiAbuse-Sender-Domain: ${client_name} ${client_resolve}
HX-AntiAbuse-Sender-Host: $s (Derived from EHLO/HELO)
HX-AntiAbuse-Sender-IP: ${client_addr}
HX-AntiAbuse-Envelope-From: $g. From MAIL FROM Address ${mail_addr} Host ${mail_host} Mailer ${mail_mailer}
HX-AntiAbuse-Envelope-To: ${nrcpts} valid recipients including <$u>, ${nbadrcpts} invalid.
HX-AntiAbuse-RCPT-info: Address ${rcpt_addr} Host ${rcpt_host} Mailer ${rcpt_mailer}
HX-AntiAbuse-Receiving-Host: $j
HX-AntiAbuse-QueueID: $i

A full list of the predefined macros can be found in the Sendmail documentation for the configuration file. The X-AntiAbuse-RCPT-info may not produce results unless the rcpt_check ruleset is used, so can be left out.