Index: Makefile
===================================================================
--- Makefile
+++ Makefile
@@ -79,6 +79,10 @@
 .endif
 .endif
 
+.if ${OPSYS} == FreeBSD && ${OSVERSION} >= 1100000
+OPTIONS_DEFAULT+=	BLACKLISTD
+.endif
+
 .if ${PORT_OPTIONS:MBDB}
 BDB_SUFFIX=	+${BDB_INCLUDE_DIR:S,^${LOCALBASE}/include/,,}
 CONFLICTS+=	sendmail-ldap-8.* sendmail-sasl2-8.* sendmail-tls-8.*
Index: files/patch-Makefile.m4
===================================================================
--- files/patch-Makefile.m4
+++ files/patch-Makefile.m4
@@ -1,6 +1,13 @@
---- sendmail/Makefile.m4.orig	2014-11-11 15:49:49 UTC
-+++ sendmail/Makefile.m4
-@@ -13,8 +13,7 @@ bldPUSH_SMLIB(`smutil')
+--- sendmail/Makefile.m4.orig	2015-06-19 08:59:29.000000000 -0400
++++ sendmail/Makefile.m4	2017-12-17 22:06:35.553578000 -0500
+@@ -7,14 +7,14 @@
+ define(`bldBIN_TYPE', `G')
+ define(`bldINSTALL_DIR', `')
+ define(`bldSOURCES', `main.c alias.c arpadate.c bf.c collect.c conf.c control.c convtime.c daemon.c deliver.c domain.c envelope.c err.c headers.c macro.c map.c mci.c milter.c mime.c parseaddr.c queue.c ratectrl.c readcf.c recipient.c sasl.c savemail.c sfsasl.c shmticklib.c sm_resolve.c srvrsmtp.c stab.c stats.c sysexits.c timers.c tls.c trace.c udb.c usersmtp.c util.c version.c ')
++APPENDDEF(`bldSOURCES',`blacklist.c ')
+ PREPENDDEF(`confENVDEF', `confMAPDEF')
+ bldPUSH_SMLIB(`sm')
+ bldPUSH_SMLIB(`smutil')
  
  
  dnl hack: /etc/mail is not defined as "location of .cf" in the build system
Index: files/patch-blacklist.c
===================================================================
--- /dev/null
+++ files/patch-blacklist.c
@@ -0,0 +1,60 @@
+--- sendmail/blacklist.c.orig	2017-12-17 22:06:35.553855000 -0500
++++ sendmail/blacklist.c	2017-12-17 22:06:35.554807000 -0500
+@@ -0,0 +1,57 @@
++/*-
++ * Copyright (c) 2016 The FreeBSD Foundation
++ * All rights reserved.
++ *
++ * This software was developed by Kurt Lidl under sponsorship from the
++ * FreeBSD Foundation.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the above copyright
++ *    notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ *    notice, this list of conditions and the following disclaimer in the
++ *    documentation and/or other materials provided with the distribution.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ * SUCH DAMAGE. */
++
++/* $FreeBSD$ */
++
++#ifdef USE_BLACKLIST
++#include <sm/gen.h>
++#include <sendmail.h>	/* for EXTERN UseBlacklist */
++
++#include <blacklist.h>
++#include "blacklist_client.h"
++
++static struct blacklist *blstate;
++
++void
++blacklist_init(void)
++{
++
++	if (UseBlacklist)
++		blstate = blacklist_open();
++}
++
++void
++blacklist_notify(int action, int fd, const char *msg)
++{
++
++	if (blstate == NULL)
++		return;
++	(void)blacklist_r(blstate, action, fd, msg);
++}
++
++#endif /* USE_BLACKLIST */
Index: files/patch-blacklist_client.h
===================================================================
--- /dev/null
+++ files/patch-blacklist_client.h
@@ -0,0 +1,60 @@
+--- sendmail/blacklist_client.h.orig	2017-12-17 22:06:35.555062000 -0500
++++ sendmail/blacklist_client.h	2017-12-17 22:06:35.555938000 -0500
+@@ -0,0 +1,57 @@
++/*-
++ * Copyright (c) 2016 The FreeBSD Foundation
++ * All rights reserved.
++ *
++ * This software was developed by Kurt Lidl under sponsorship from the
++ * FreeBSD Foundation.
++ *
++ * Redistribution and use in source and binary forms, with or without
++ * modification, are permitted provided that the following conditions
++ * are met:
++ * 1. Redistributions of source code must retain the above copyright
++ *    notice, this list of conditions and the following disclaimer.
++ * 2. Redistributions in binary form must reproduce the above copyright
++ *    notice, this list of conditions and the following disclaimer in the
++ *    documentation and/or other materials provided with the distribution.
++ *
++ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
++ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
++ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
++ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
++ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
++ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
++ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
++ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
++ * SUCH DAMAGE. */
++
++/* $FreeBSD$ */
++
++#ifndef BLACKLIST_CLIENT_H
++#define BLACKLIST_CLIENT_H
++
++#ifndef BLACKLIST_API_ENUM
++enum {
++	BLACKLIST_AUTH_OK = 0,
++	BLACKLIST_AUTH_FAIL,
++	BLACKLIST_ABUSIVE_BEHAVIOR,
++	BLACKLIST_BAD_USER
++};
++#endif
++
++#ifdef USE_BLACKLIST
++void blacklist_init(void);
++void blacklist_notify(int, int, const char *);
++
++#define BLACKLIST_INIT() blacklist_init()
++#define BLACKLIST_NOTIFY(x, y, msg) blacklist_notify(x, y, msg)
++
++#else
++
++#define BLACKLIST_INIT()
++#define BLACKLIST_NOTIFY(x, y, msg)
++
++#endif
++
++#endif /* BLACKLIST_CLIENT_H */
Index: files/patch-daemon.c
===================================================================
--- files/patch-daemon.c
+++ files/patch-daemon.c
@@ -1,12 +1,10 @@
---- sendmail/daemon.c.orig	2016-06-12 18:25:14.196269000 -0400
-+++ sendmail/daemon.c	2016-06-12 18:31:47.159880000 -0400
-@@ -754,6 +754,10 @@
+--- sendmail/daemon.c.orig	2015-02-27 19:50:03.000000000 -0500
++++ sendmail/daemon.c	2017-12-17 22:06:35.559718000 -0500
+@@ -754,6 +754,8 @@
  						anynet_ntoa(&RealHostAddr));
  			}
  
-+#ifdef USE_BLACKLIST
-+			blacklist_init();
-+#endif
++			BLACKLIST_INIT();
 +
  			if (pipefd[0] != -1)
  			{
Index: files/patch-main.c
===================================================================
--- files/patch-main.c
+++ /dev/null
@@ -1,26 +0,0 @@
---- sendmail/main.c.orig	2016-06-12 18:24:56.170900000 -0400
-+++ sendmail/main.c	2016-06-12 18:30:07.426701000 -0400
-@@ -4642,3 +4642,23 @@
- 	sm_etype_printf,
- 	"quick abort %0",
- };
-+
-+#ifdef USE_BLACKLIST
-+static struct blacklist *blstate;
-+
-+void
-+blacklist_init(void)
-+{
-+	blstate = blacklist_open();
-+}
-+
-+void
-+blacklist_notify(int a, int fd, char *msg)
-+{
-+	if (blstate == NULL)
-+		blacklist_init();
-+	if (blstate == NULL)
-+		return;
-+	(void)blacklist_r(blstate, a, fd, msg);
-+}
-+#endif
Index: files/patch-readcf.c
===================================================================
--- /dev/null
+++ files/patch-readcf.c
@@ -0,0 +1,26 @@
+--- sendmail/readcf.c.orig	2015-06-17 12:51:58.000000000 -0400
++++ sendmail/readcf.c	2017-12-17 22:06:35.563583000 -0500
+@@ -2910,6 +2910,10 @@
+ #endif
+ #define O_USECOMPRESSEDIPV6ADDRESSES 0xec
+ 	{ "UseCompressedIPv6Addresses",	O_USECOMPRESSEDIPV6ADDRESSES, OI_NONE },
++#if USE_BLACKLIST
++# define O_BLACKLIST		0xf2
++	{ "UseBlacklist",	O_BLACKLIST,	OI_NONE	},
++#endif
+ 
+ 	{ NULL,				'\0',		OI_NONE	}
+ };
+@@ -4540,6 +4544,12 @@
+ 		UseCompressedIPv6Addresses = atobool(val);
+ 		break;
+ 
++#if USE_BLACKLIST
++	  case O_BLACKLIST:
++		UseBlacklist = atobool(val);
++		break;
++#endif
++
+ 	  default:
+ 		if (tTd(37, 1))
+ 		{
Index: files/patch-sendmail.h
===================================================================
--- files/patch-sendmail.h
+++ files/patch-sendmail.h
@@ -1,16 +1,22 @@
---- sendmail/sendmail.h.orig	2016-06-12 18:23:05.239106000 -0400
-+++ sendmail/sendmail.h	2016-06-12 18:42:38.972341000 -0400
-@@ -2647,6 +2647,13 @@
- extern char	*milter_unknown __P((char *, ENVELOPE *, char *));
- #endif /* MILTER */
+--- sendmail/sendmail.h.orig	2015-06-19 08:59:29.000000000 -0400
++++ sendmail/sendmail.h	2017-12-17 22:06:35.568015000 -0500
+@@ -57,6 +57,8 @@
+ #endif /* _DEFINE */
  
-+#if USE_BLACKLIST
-+/* blacklistd functions */
-+void blacklist_init(void);
-+void blacklist_notify(int, int, char *);
+ #include "bf.h"
 +#include <blacklist.h>
++#include "blacklist_client.h"
+ #include "timers.h"
+ #include <sm/exc.h>
+ #include <sm/heap.h>
+@@ -2544,6 +2546,10 @@
+ EXTERN bool	SSLEngineInitialized;
+ #endif /* STARTTLS && USE_OPENSSL_ENGINE */
+ 
++#if USE_BLACKLIST
++EXTERN bool	UseBlacklist;
 +#endif
 +
- extern char	*addquotes __P((char *, SM_RPOOL_T *));
- extern char	*arpadate __P((char *));
- extern bool	atobool __P((char *));
+ /*
+ **  Declarations of useful functions
+ */
Index: files/patch-sendmail.8
===================================================================
--- /dev/null
+++ files/patch-sendmail.8
@@ -0,0 +1,14 @@
+--- sendmail/sendmail.8.orig	2014-06-13 10:57:59.000000000 -0400
++++ sendmail/sendmail.8	2017-12-17 22:06:35.564707000 -0500
+@@ -537,6 +537,11 @@
+ failed messages will be returned to the sender.  
+ The default is five days.
+ .TP
++UseBlacklist
++If set, send authentication failure and success notifications to the
++.BR blacklistd (8)
++daemon.
++.TP
+ .RI UserDatabaseSpec= userdatabase
+ If set, a user database is consulted to get forwarding information.
+ You can consider this an adjunct to the aliasing mechanism, 
Index: files/patch-srvrsmtp.c
===================================================================
--- files/patch-srvrsmtp.c
+++ files/patch-srvrsmtp.c
@@ -1,44 +1,33 @@
 --- sendmail/srvrsmtp.c.orig	2015-03-18 07:47:12.000000000 -0400
-+++ sendmail/srvrsmtp.c	2016-06-12 18:36:01.372172000 -0400
-@@ -832,6 +832,9 @@
- 	int n_badrcpts_adj;
- #endif /* _FFR_BADRCPT_SHUTDOWN */
- 
-+#ifdef USE_BLACKLIST
-+	int fd;
-+#endif
- 	SevenBitInput_Saved = SevenBitInput;
- 	smtp.sm_nrcpts = 0;
- #if MILTER
-@@ -1328,6 +1331,9 @@
++++ sendmail/srvrsmtp.c	2017-12-17 22:06:35.572115000 -0500
+@@ -1328,6 +1328,7 @@
  					  (int) tp.tv_sec +
  						(tp.tv_usec >= 500000 ? 1 : 0)
  					 );
-+#ifdef USE_BLACKLIST
-+				blacklist_notify(1, fd, "pre-greeting traffic");
-+#endif
++				BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "pre-greeting traffic");
  			}
  		}
  	}
-@@ -1723,6 +1729,10 @@
+@@ -1721,8 +1722,11 @@
+ 			}
+ 			else
  			{
++				int fd;
  				/* not SASL_OK or SASL_CONT */
  				message("535 5.7.0 authentication failed");
-+#ifdef USE_BLACKLIST
 +				fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
-+				blacklist_notify(1, fd, "AUTH FAIL");
-+#endif
++				BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH FAIL");
  				if (LogLevel > 9)
  					sm_syslog(LOG_WARNING, e->e_id,
  						  "AUTH failure (%s): %s (%d) %s, relay=%.100s",
-@@ -3524,6 +3534,10 @@
+@@ -3523,7 +3527,10 @@
+ #if MAXBADCOMMANDS > 0
  			if (++n_badcmds > MAXBADCOMMANDS)
  			{
++				int fd;
    stopattack:
-+#ifdef USE_BLACKLIST
 +				fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
-+				blacklist_notify(1, fd, "too many bad commands");
-+#endif
++				BLACKLIST_NOTIFY(BLACKLIST_ABUSIVE_BEHAVIOR, fd, "too many bad commands");
  				message("421 4.7.0 %s Too many bad commands; closing connection",
  					MyHostName);
  
Index: files/patch-usersmtp.c
===================================================================
--- files/patch-usersmtp.c
+++ files/patch-usersmtp.c
@@ -1,26 +1,23 @@
 --- sendmail/usersmtp.c.orig	2014-12-05 10:42:28.000000000 -0500
-+++ sendmail/usersmtp.c	2016-06-12 18:35:25.940865000 -0400
-@@ -1825,6 +1825,10 @@
++++ sendmail/usersmtp.c	2017-12-17 22:06:35.574772000 -0500
+@@ -1825,6 +1825,9 @@
  
  		if (saslresult != SASL_OK && saslresult != SASL_CONTINUE)
  		{
-+#ifdef USE_BLACKLIST
 +			int fd = sm_io_getinfo(mci->mci_in, SM_IO_WHAT_FD, NULL);
-+			blacklist_notify(1, fd, "AUTH FAIL");
-+#endif
++			BLACKLIST_NOTIFY(BLACKLIST_AUTH_FAIL, fd, "AUTH FAIL");
++
  			if (tTd(95, 5))
  				sm_dprintf("AUTH FAIL=%s (%d)\n",
  					sasl_errstring(saslresult, NULL, NULL),
-@@ -1970,9 +1974,13 @@
+@@ -1970,9 +1973,11 @@
  	do
  	{
  		result = attemptauth(m, mci, e, &(mci->mci_sai));
 -		if (result == EX_OK)
 +		if (result == EX_OK) {
-+#ifdef USE_BLACKLIST
 +			int fd = sm_io_getinfo(mci->mci_in, SM_IO_WHAT_FD, NULL);
-+			blacklist_notify(0, fd, "AUTH OK");
-+#endif
++			BLACKLIST_NOTIFY(BLACKLIST_AUTH_OK, fd, "AUTH OK");
  			mci->mci_sasl_auth = true;
 -		else if (result == EX_TEMPFAIL || result == EX_NOPERM)
 +		} else if (result == EX_TEMPFAIL || result == EX_NOPERM)