Bug#388460: exim4-daemon-light: config file
George B.
i93.borg at gmail.com
Wed Sep 20 15:03:31 UTC 2006
Package: exim4-daemon-light
Version: 4.63-3
Followup-For: Bug #388460
Oops, this time attach the config file.
-------------- next part --------------
#########
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# This file is generated dynamically from the files in
# the conf.d/ directory, or from exim4.conf.template respectively.
# Additional information is read from update-exim4.conf.conf
# This version of the file was created from the directory /etc/exim4
# Any changes you make here will be lost.
# See /usr/share/doc/exim4-base/README.Debian.gz and update-exim4.conf(8)
# for instructions of customization.
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
# WARNING WARNING WARNING
#########
CHECK_RCPT_VERIFY_SENDER = true
exim_path = /usr/sbin/exim4
..ifndef CONFDIR
CONFDIR = /etc/exim4
..endif
..ifndef DC_minimaldns
..endif
..ifndef DC_visiblename
DC_visiblename=<-snip->.homelinux.org
..endif
..ifndef MAIN_LOCAL_DOMAINS
MAIN_LOCAL_DOMAINS = @:localhost:10.0.0.1 : <-snip-> : localhost.localdomain : dsearch;/etc/exim4/virtual
..endif
domainlist local_domains = MAIN_LOCAL_DOMAINS
..ifndef MAIN_RELAY_TO_DOMAINS
MAIN_RELAY_TO_DOMAINS =
..endif
domainlist relay_to_domains = MAIN_RELAY_TO_DOMAINS
..ifndef MAIN_RELAY_NETS
MAIN_RELAY_NETS = 10.0.0.0/24 : 127.0.0.1 : ::::1
..endif
hostlist relay_from_hosts = MAIN_RELAY_NETS
..ifdef DC_visiblename
qualify_domain = DC_visiblename
..endif
..ifndef DCreadhost
DCreadhost =
..endif
..ifndef DCsmarthost
DCsmarthost = smtp.blueyonder.co.uk
..endif
..ifdef MAIN_LOCAL_INTERFACES
local_interfaces = MAIN_LOCAL_INTERFACES
..else
local_interfaces = 127.0.0.1 : 10.0.0.1
..endif
..ifndef LOCAL_DELIVERY
LOCAL_DELIVERY=maildir_home
..endif
gecos_pattern = ^([^,:]*)
gecos_name = $1
..ifndef DCconfig_satellite
..ifndef DCconfig_internet
..ifndef DCconfig_local
..ifndef DCconfig_smarthost
DCconfig_smarthost = 1
..endif
..endif
..endif
..endif
..ifndef CHECK_RCPT_LOCAL_LOCALPARTS
CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
..endif
..ifndef CHECK_RCPT_REMOTE_LOCALPARTS
CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
..endif
..ifdef OUTGOING
SPOOLDIR = /var/spool/exim4
..else
queue_only = true
queue_only_override = false
SPOOLDIR = /var/spool/exim4_incoming
log_file_path = /var/log/exim4_incoming/%slog
..endif
..ifndef MAIN_ACL_CHECK_MAIL
MAIN_ACL_CHECK_MAIL = acl_check_mail
..endif
acl_smtp_mail = MAIN_ACL_CHECK_MAIL
..ifndef MAIN_ACL_CHECK_RCPT
MAIN_ACL_CHECK_RCPT = acl_check_rcpt
..endif
acl_smtp_rcpt = MAIN_ACL_CHECK_RCPT
..ifndef MAIN_ACL_CHECK_DATA
MAIN_ACL_CHECK_DATA = acl_check_data
..endif
acl_smtp_data = MAIN_ACL_CHECK_DATA
..ifdef MESSAGE_SIZE_LIMIT
message_size_limit = MESSAGE_SIZE_LIMIT
..endif
..ifdef MAIN_ALLOW_DOMAIN_LITERALS
allow_domain_literals
..endif
..ifndef DC_minimaldns
..ifndef MAIN_HOST_LOOKUP
MAIN_HOST_LOOKUP = *
..endif
host_lookup = MAIN_HOST_LOOKUP
..endif
..ifndef MAIN_FORCE_SENDER
local_from_check = false
local_sender_retain = true
untrusted_set_sender = *
..endif
..ifndef MAIN_IGNORE_BOUNCE_ERRORS_AFTER
MAIN_IGNORE_BOUNCE_ERRORS_AFTER = 2d
..endif
ignore_bounce_errors_after = MAIN_IGNORE_BOUNCE_ERRORS_AFTER
..ifndef MAIN_TIMEOUT_FROZEN_AFTER
MAIN_TIMEOUT_FROZEN_AFTER = 7d
..endif
timeout_frozen_after = MAIN_TIMEOUT_FROZEN_AFTER
..ifndef MAIN_FREEZE_TELL
MAIN_FREEZE_TELL = postmaster
..endif
freeze_tell = MAIN_FREEZE_TELL
..ifndef SPOOLDIR
SPOOLDIR = /var/spool/exim4
..endif
spool_directory = SPOOLDIR
..ifndef MAIN_TRUSTED_USERS
MAIN_TRUSTED_USERS = uucp
..endif
trusted_users = MAIN_TRUSTED_USERS
..ifdef MAIN_TRUSTED_GROUPS
trusted_groups = MAIN_TRUSTED_GROUPS
..endif
..ifdef MAIN_TLS_ENABLE
..ifndef MAIN_TLS_ADVERTISE_HOSTS
MAIN_TLS_ADVERTISE_HOSTS = *
..endif
tls_advertise_hosts = MAIN_TLS_ADVERTISE_HOSTS
..ifdef MAIN_TLS_CERTKEY
tls_certificate = MAIN_TLS_CERTKEY
..else
..ifndef MAIN_TLS_CERTIFICATE
MAIN_TLS_CERTIFICATE = CONFDIR/exim.crt
..endif
tls_certificate = MAIN_TLS_CERTIFICATE
..ifndef MAIN_TLS_PRIVATEKEY
MAIN_TLS_PRIVATEKEY = CONFDIR/exim.key
..endif
tls_privatekey = MAIN_TLS_PRIVATEKEY
..endif
..ifndef MAIN_TLS_VERIFY_CERTIFICATES
MAIN_TLS_VERIFY_CERTIFICATES = ${if exists{/etc/ssl/certs/ca-certificates.crt}\
{/etc/ssl/certs/ca-certificates.crt}\
{/dev/null}}
..endif
tls_verify_certificates = MAIN_TLS_VERIFY_CERTIFICATES
..ifdef MAIN_TLS_VERIFY_HOSTS
tls_verify_hosts = MAIN_TLS_VERIFY_HOSTS
..endif
..ifndef MAIN_TLS_TRY_VERIFY_HOSTS
MAIN_TLS_TRY_VERIFY_HOSTS = *
..endif
tls_try_verify_hosts = MAIN_TLS_TRY_VERIFY_HOSTS
..endif
begin acl
acl_whitelist_local_deny:
accept
hosts = ${if exists{CONFDIR/local_host_whitelist}\
{CONFDIR/local_host_whitelist}\
{}}
accept
senders = ${if exists{CONFDIR/local_sender_whitelist}\
{CONFDIR/local_sender_whitelist}\
{}}
.ifdef WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
.include WHITELIST_LOCAL_DENY_LOCAL_ACL_FILE
.endif
acl_check_mail:
.ifdef CHECK_MAIL_HELO_ISSUED
deny
message = no HELO given before MAIL command
condition = ${if def:sender_helo_name {no}{yes}}
.endif
deny
message = Sender verification failed
!verify = sender
accept
acl_check_rcpt:
accept
hosts = :
.ifdef CHECK_RCPT_LOCAL_LOCALPARTS
deny
domains = +local_domains
local_parts = CHECK_RCPT_LOCAL_LOCALPARTS
message = restricted characters in address
.endif
.ifdef CHECK_RCPT_REMOTE_LOCALPARTS
deny
domains = !+local_domains
local_parts = CHECK_RCPT_REMOTE_LOCALPARTS
message = restricted characters in address
.endif
accept
.ifndef CHECK_RCPT_POSTMASTER
local_parts = postmaster
.else
local_parts = CHECK_RCPT_POSTMASTER
.endif
domains = +local_domains : +relay_to_domains
.ifdef CHECK_RCPT_VERIFY_SENDER
deny
message = Sender verification failed
!acl = acl_whitelist_local_deny
!verify = sender
.endif
deny
!acl = acl_whitelist_local_deny
senders = ${if exists{CONFDIR/local_sender_callout}\
{CONFDIR/local_sender_callout}\
{}}
!verify = sender/callout
accept
hosts = +relay_from_hosts
control = submission/sender_retain
accept
authenticated = *
control = submission/sender_retain
require
message = relay not permitted
domains = +local_domains : +relay_to_domains
require
verify = recipient
deny
!acl = acl_whitelist_local_deny
recipients = ${if exists{CONFDIR/local_rcpt_callout}\
{CONFDIR/local_rcpt_callout}\
{}}
!verify = recipient/callout
deny
message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
!acl = acl_whitelist_local_deny
senders = ${if exists{CONFDIR/local_sender_blacklist}\
{CONFDIR/local_sender_blacklist}\
{}}
deny
message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
!acl = acl_whitelist_local_deny
hosts = ${if exists{CONFDIR/local_host_blacklist}\
{CONFDIR/local_host_blacklist}\
{}}
.ifdef CHECK_RCPT_REVERSE_DNS
warn
message = X-Host-Lookup-Failed: Reverse DNS lookup failed for $sender_host_address (${if eq{$host_lookup_failed}{1}{failed}{deferred}})
condition = ${if and{{def:sender_host_address}{!def:sender_host_name}}\
{yes}{no}}
.endif
.ifdef CHECK_RCPT_SPF
deny
message = [SPF] $sender_host_address is not allowed to send mail from $sender_address_domain. \
Please see http://www.openspf.org/why.html?sender=$sender_address&ip=$sender_host_address
log_message = SPF check failed.
condition = ${run{/usr/bin/spfquery --ip \"$sender_host_address\" --mail-from \"$sender_address\" --helo \"$sender_helo_name\"}\
{no}{${if eq {$runrc}{1}{yes}{no}}}}
defer
message = Temporary DNS error while checking SPF record. Try again later.
condition = ${if eq {$runrc}{5}{yes}{no}}
warn
message = Received-SPF: ${if eq {$runrc}{0}{pass}{${if eq {$runrc}{2}{softfail}\
{${if eq {$runrc}{3}{neutral}{${if eq {$runrc}{4}{unknown}{${if eq {$runrc}{6}{none}{error}}}}}}}}}}
condition = ${if <={$runrc}{6}{yes}{no}}
warn
log_message = Unexpected error in SPF check.
condition = ${if >{$runrc}{6}{yes}{no}}
warn
message = X-SPF-Guess: ${run{/usr/bin/spfquery --ip \"$sender_host_address\" --mail-from \"$sender_address\" \ --helo \"$sender_helo_name\" --guess true}\
{pass}{${if eq {$runrc}{2}{softfail}{${if eq {$runrc}{3}{neutral}{${if eq {$runrc}{4}{unknown}\
{${if eq {$runrc}{6}{none}{error}}}}}}}}}}
condition = ${if <={$runrc}{6}{yes}{no}}
defer
message = Temporary DNS error while checking SPF record. Try again later.
condition = ${if eq {$runrc}{5}{yes}{no}}
.endif
.ifdef CHECK_RCPT_IP_DNSBLS
warn
message = X-Warning: $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
log_message = $sender_host_address is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
dnslists = CHECK_RCPT_IP_DNSBLS
.endif
.ifdef CHECK_RCPT_DOMAIN_DNSBLS
warn
message = X-Warning: $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
log_message = $sender_address_domain is listed at $dnslist_domain ($dnslist_value: $dnslist_text)
!senders = ${if exists{CONFDIR/local_domain_dnsbl_whitelist}\
{CONFDIR/local_domain_dnsbl_whitelist}\
{}}
dnslists = CHECK_RCPT_DOMAIN_DNSBLS
.endif
.ifdef CHECK_RCPT_LOCAL_ACL_FILE
.include CHECK_RCPT_LOCAL_ACL_FILE
.endif
accept
domains = +relay_to_domains
endpass
verify = recipient
accept
acl_check_data:
.ifdef CHECK_DATA_VERIFY_HEADER_SYNTAX
deny
message = Message headers fail syntax check
!acl = acl_whitelist_local_deny
!verify = header_syntax
.endif
.ifdef CHECK_DATA_VERIFY_HEADER_SENDER
deny
message = No verifiable sender address in message headers
!acl = acl_whitelist_local_deny
!verify = header_sender
.endif
.ifdef CHECK_DATA_LOCAL_ACL_FILE
.include CHECK_DATA_LOCAL_ACL_FILE
.endif
accept
begin routers
..ifdef MAIN_ALLOW_DOMAIN_LITERALS
domain_literal:
debug_print = "R: domain_literal for $local_part@$domain"
driver = ipliteral
domains = ! +local_domains
transport = remote_smtp
..endif
hubbed_hosts:
debug_print = "R: hubbed_hosts for $domain"
driver = manualroute
domains = "${if exists{CONFDIR/hubbed_hosts}\
{partial-lsearch;CONFDIR/hubbed_hosts}\
fail}"
same_domain_copy_routing = yes
route_data = ${lookup{$domain}partial-lsearch{CONFDIR/hubbed_hosts}}
transport = remote_smtp
..ifdef DCconfig_internet
dnslookup_relay_to_domains:
debug_print = "R: dnslookup_relay_to_domains for $local_part@$domain"
driver = dnslookup
domains = ! +local_domains : +relay_to_domains
transport = remote_smtp
same_domain_copy_routing = yes
no_more
dnslookup:
debug_print = "R: dnslookup for $local_part@$domain"
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
same_domain_copy_routing = yes
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8 : 192.168.0.0/16 :\
172.16.0.0/12 : 10.0.0.0/8 : 169.254.0.0/16 :\
255.255.255.255
no_more
..endif
..ifdef DCconfig_local
nonlocal:
debug_print = "R: nonlocal for $local_part@$domain"
driver = redirect
domains = ! +local_domains
allow_fail
data = :fail: Mailing to remote domains not supported
no_more
..endif
..ifdef DCconfig_smarthost DCconfig_satellite
smarthost:
debug_print = "R: smarthost for $local_part@$domain"
driver = manualroute
domains = ! +local_domains
transport = remote_smtp_smarthost
route_list = * DCsmarthost byname
host_find_failed = defer
same_domain_copy_routing = yes
no_more
..endif
real_local:
debug_print = "R: real_local for $local_part@$domain"
driver = accept
domains = +local_domains
local_part_prefix = real-
check_local_user
transport = LOCAL_DELIVERY
vdom_aliases:
driver = redirect
allow_defer
allow_fail
domains = dsearch;/etc/exim4/virtual
data = ${expand:${lookup{$local_part}lsearch*@{/etc/exim4/virtual/$domain}}}
retry_use_local_part
pipe_transport = address_pipe
file_transport = address_file
no_more
system_aliases:
debug_print = "R: system_aliases for $local_part@$domain"
driver = redirect
domains = +local_domains
allow_fail
allow_defer
data = ${lookup{$local_part}lsearch{/etc/aliases}}
.ifdef SYSTEM_ALIASES_USER
user = SYSTEM_ALIASES_USER
.endif
.ifdef SYSTEM_ALIASES_GROUP
group = SYSTEM_ALIASES_GROUP
.endif
.ifdef SYSTEM_ALIASES_FILE_TRANSPORT
file_transport = SYSTEM_ALIASES_FILE_TRANSPORT
.endif
.ifdef SYSTEM_ALIASES_PIPE_TRANSPORT
pipe_transport = SYSTEM_ALIASES_PIPE_TRANSPORT
.endif
.ifdef SYSTEM_ALIASES_DIRECTORY_TRANSPORT
directory_transport = SYSTEM_ALIASES_DIRECTORY_TRANSPORT
.endif
..ifdef DCconfig_satellite
hub_user:
debug_print = "R: hub_user for $local_part@$domain"
driver = redirect
domains = +local_domains
data = ${local_part}@DCreadhost
check_local_user
hub_user_smarthost:
debug_print = "R: hub_user_smarthost for $local_part@$domain"
driver = manualroute
domains = DCreadhost
transport = remote_smtp_smarthost
route_list = * DCsmarthost byname
host_find_failed = defer
same_domain_copy_routing = yes
check_local_user
..endif
userforward:
debug_print = "R: userforward for $local_part@$domain"
driver = redirect
domains = +local_domains
check_local_user
file = $home/.forward
require_files = $local_part:$home/.forward
no_verify
no_expn
check_ancestor
allow_filter
forbid_smtp_code = true
directory_transport = address_directory
file_transport = address_file
pipe_transport = address_pipe
reply_transport = address_reply
skip_syntax_errors
syntax_errors_to = real-$local_part@$domain
syntax_errors_text = \
This is an automatically generated message. An error has\n\
been found in your .forward file. Details of the error are\n\
reported below. While this error persists, you will receive\n\
a copy of this message for every message that is addressed\n\
to you. If your .forward file is a filter file, or if it is\n\
a non-filter file containing no valid forwarding addresses,\n\
a copy of each incoming message will be put in your normal\n\
mailbox. If a non-filter file contains at least one valid\n\
forwarding address, forwarding to the valid addresses will\n\
happen, and those will be the only deliveries that occur.
procmail:
debug_print = "R: procmail for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
transport = procmail_pipe
require_files = ${local_part}:\
${if exists{/etc/procmailrc}\
{/etc/procmailrc}{${home}/.procmailrc}}:\
+/usr/bin/procmail
no_verify
no_expn
maildrop:
debug_print = "R: maildrop for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
transport = maildrop_pipe
require_files = ${local_part}:${home}/.mailfilter:+/usr/bin/maildrop
no_verify
no_expn
local_user:
debug_print = "R: local_user for $local_part@$domain"
driver = accept
domains = +local_domains
check_local_user
local_parts = ! root
transport = LOCAL_DELIVERY
cannot_route_message = Unknown user
mail4root:
debug_print = "R: mail4root for $local_part@$domain"
driver = redirect
domains = +local_domains
data = /var/mail/mail
file_transport = address_file
local_parts = root
user = mail
group = mail
begin transports
address_file:
debug_print = "T: address_file for $local_part@$domain"
driver = appendfile
delivery_date_add
envelope_to_add
return_path_add
address_pipe:
debug_print = "T: address_pipe for $local_part@$domain"
driver = pipe
return_fail_output
address_reply:
debug_print = "T: autoreply for $local_part@$domain"
driver = autoreply
mail_spool:
debug_print = "T: appendfile for $local_part@$domain"
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0660
mode_fail_narrower = false
maildir_home:
debug_print = "T: maildir_home for $local_part@$domain"
driver = appendfile
.ifdef MAILDIR_HOME_MAILDIR_LOCATION
directory = MAILDIR_HOME_MAILDIR_LOCATION
.else
directory = $home/Maildir
.endif
.ifdef MAILDIR_HOME_CREATE_DIRECTORY
create_directory
.endif
.ifdef MAILDIR_HOME_CREATE_FILE
create_file = MAILDIR_HOME_CREATE_FILE
.endif
delivery_date_add
envelope_to_add
return_path_add
maildir_format
.ifdef MAILDIR_HOME_DIRECTORY_MODE
directory_mode = MAILDIR_HOME_DIRECTORY_MODE
.else
directory_mode = 0700
.endif
.ifdef MAILDIR_HOME_MODE
mode = MAILDIR_HOME_MODE
.else
mode = 0600
.endif
mode_fail_narrower = false
maildrop_pipe:
debug_print = "T: maildrop_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/maildrop"
return_path_add
delivery_date_add
envelope_to_add
procmail_pipe:
debug_print = "T: procmail_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/procmail"
return_path_add
delivery_date_add
envelope_to_add
remote_smtp:
debug_print = "T: remote_smtp for $local_part@$domain"
driver = smtp
remote_smtp_smarthost:
debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
driver = smtp
hosts_try_auth = ${if exists {CONFDIR/passwd.client}{DCsmarthost}{}}
tls_tempfail_tryclear = false
address_directory:
debug_print = "T: address_directory for $local_part@$domain"
driver = appendfile
envelope_to_add = true
return_path_add = true
check_string = ""
escape_string = ""
maildir_format
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
begin rewrite
*@+local_domains "${lookup{${local_part}}lsearch{/etc/email-addresses}\
{$value}fail}" Ffrs
*@<-snip->.homelinux.org "${lookup {${local_part}} lsearch {/etc/email-addresses} {$value} fail }" Ffrs
begin authenticators
cram_md5:
driver = cram_md5
public_name = CRAM-MD5
client_name = ${extract{1}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
client_secret = ${extract{2}{:}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}
plain:
driver = plaintext
public_name = PLAIN
..ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
client_send = "${if !eq{$tls_cipher}{}{\
^${extract{1}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
^${extract{2}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}\
}fail}"
..else
client_send = "^${extract{1}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}^${extract{2}{::}{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
..endif
login:
driver = plaintext
public_name = LOGIN
..ifndef AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS
client_send = "${if and{\
{!eq{$tls_cipher}{}}\
{!eq\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}\
{$value}fail}}\
{}}\
}\
{}fail}\
: ${extract{1}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
: ${extract{2}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
..else
client_send = "${if !eq\
{${lookup\
{$host}lsearch*{CONFDIR/passwd.client}\
{$value}fail}}\
{}\
{}fail}\
: ${extract{1}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}} \
: ${extract{2}{::}\
{${lookup{$host}lsearch*{CONFDIR/passwd.client}{$value}fail}}}"
..endif
More information about the Pkg-exim4-maintainers
mailing list