Current File : /home/inlingua/public_html/decay_sym/root/var/softaculous/apps/exim/3/exim4.conf.template
#####################################################
### main/01_exim4-config_listmacrosdefs
#####################################################
hostlist loopback = <; @[]; 127.0.0.0/8 ; 0.0.0.0 ; localhost ; ::1 ; 0000:0000:0000:0000:0000:ffff:7f00:0000/8

hostlist blocked_incoming_email_country_ips = ${if exists{/etc/blocked_incoming_email_country_ips} {net-iplsearch;/etc/blocked_incoming_email_country_ips} {} }

hostlist spammeripblocks = net-iplsearch;/etc/spammeripblocks

hostlist skipsmtpcheck_hosts = net-iplsearch;/etc/skipsmtpcheckhosts

hostlist trustedmailhosts = lsearch;/etc/trustedmailhosts

domainlist local_domains = lsearch;/etc/localdomains

domainlist user_domains = ${if exists{/etc/userdomains} {lsearch;/etc/userdomains} fail}

domainlist blocked_domains = wildlsearch;/etc/blocked_incoming_email_domains

domainlist manualmx_domains = ${if exists {/etc/manualmx} {lsearch;/etc/manualmx} {} }

localpartlist path_safe_localparts = \N^\.*[^./][^/]*$\N

smtp_accept_queue_per_connection = 30

remote_max_parallel = 10

smtp_receive_timeout = 165s

ignore_bounce_errors_after = 1d

rfc1413_query_timeout = 0s

timeout_frozen_after = 5d

auto_thaw = 7d

callout_domain_negative_expire = 1h

callout_negative_expire = 1h

acl_not_smtp = acl_not_smtp

acl_smtp_connect = acl_smtp_connect

acl_smtp_data = acl_smtp_data

acl_smtp_helo = acl_smtp_helo

acl_smtp_mail = acl_smtp_mail

acl_smtp_quit = acl_smtp_quit

acl_smtp_notquit = acl_smtp_notquit

acl_smtp_rcpt = acl_smtp_rcpt

USER_ON_BLACKLIST=User account is not allowed to send/recieve emails. User is suspended.

message_body_newlines = true

check_rfc2047_length = false

keep_environment = X-SOURCE : X-SOURCE-ARGS : X-SOURCE-DIR

add_environment = PATH=/usr/local/sbin::/usr/local/bin::/sbin::/bin::/usr/sbin::/usr/bin::/sbin::/bin

chunking_advertise_hosts = 198.51.100.1

deliver_queue_load_max = 12

queue_only_load = 24

daemon_smtp_ports = 25 : 465 : 587

tls_on_connect_ports = 465

#openssl_options = +no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1

#tls_require_ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"

timezone = UTC

spamd_address = 127.0.0.1 783 retry=30s tmo=3m

tls_certificate = /etc/exim/webuzo.crt
tls_privatekey = /etc/exim/webuzo.key

system_filter = /etc/exim/exim_system_filter
######################################################################
#      Runtime configuration file for Exim 4 (Debian Packaging)      #
######################################################################
disable_ipv6 = true
######################################################################
# /etc/exim4/exim4.conf.template is only used with the non-split
#   configuration scheme.
# /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used
#   with the split configuration scheme.
# If you find this comment anywhere else, somebody copied it there.
# Documentation about the Debian exim4 configuration scheme can be
# found in /usr/share/doc/exim4-base/README.Debian.gz.
######################################################################

######################################################################
#                    MAIN CONFIGURATION SETTINGS                     #
######################################################################

perl_startup = do '/etc/exim/exim.pl'

# Just for reference and scripts. 
# On Debian systems, the main binary is installed as exim4 to avoid
# conflicts with the exim 3 packages.
exim_path = /usr/sbin/exim4


### main/03_exim4-config_tlsoptions
#################################

# TLS/SSL configuration for exim as an SMTP server.
# See /usr/share/doc/exim4-base/README.Debian.gz for explanations.

MAIN_TLS_ENABLE = true

tls_advertise_hosts = *

#####################################################################
#                       ACL CONFIGURATION                            #
#         Specifies access control lists for incoming SMTP mail      #
######################################################################
begin acl


#####################################################
### end acl/00_exim4-config_header
#####################################################
#####################################################
### acl/20_exim4-config_local_deny_exceptions
#####################################################

### acl/20_exim4-config_local_deny_exceptions
#################################

# This is used to determine whitelisted senders and hosts.
# It checks for CONFDIR/host_local_deny_exceptions and
# CONFDIR/sender_local_deny_exceptions.
#
# It is meant to be used from some other acl entry.
#
# See exim4-config_files(5) for details.
#
# If the files do not exist, the white list never matches, which is
# the desired behaviour.
#
# The old file names CONFDIR/local_host_whitelist and
# CONFDIR/local_sender_whitelist will continue to be honored for a
# transition period. Their use is deprecated.

acl_not_smtp:
	accept
acl_not_smtp_mime:
	accept
acl_not_smtp_start:
	accept
acl_smtp_auth:
	accept
acl_smtp_connect:

drop
    message = Your country is not allowed to connect to this server.
    log_message = Country is banned
    hosts = +blocked_incoming_email_country_ips

drop
    message = Your host is not allowed to connect to this server.
    log_message = Host is banned
    hosts = +spammeripblocks

accept


acl_smtp_data:
	
	accept
		authenticated = *
		hosts = *
	
	warn    condition  = ${if !def:h_Message-ID: {1}}
          set acl_m_greylistreasons = Message lacks Message-Id: header. Consult RFC2822.\n$acl_m_greylistreasons
			
  warn
     # Remove spam headers from outside sources
     condition = ${perl{spamd_is_available}}
     !hosts = +skipsmtpcheck_hosts
     remove_header  = x-spam-subject : x-spam-status : x-spam-score : x-spam-bar : x-spam-report : x-spam-flag : x-ham-report


  warn
    condition = ${perl{spamd_is_available}}
    condition = ${if eq {${acl_m0}}{1}{1}{0}}
    spam =  ${acl_m1}/defer_ok
    !hosts = : +trustedmailhosts
    log_message = "SpamAssassin as ${acl_m1} detected message as spam ($spam_score)"
    add_header = X-Spam-Subject: ***SPAM*** $rh_subject
    add_header = X-Spam-Status: Yes, score=$spam_score
    add_header = X-Spam-Score: $spam_score_int
    add_header = X-Spam-Bar: $spam_bar
    add_header = X-Spam-Report: ${sg{$spam_report}{\N\n \n\N}{\n}}
    add_header = X-Spam-Flag: YES
 	add_header = X-Spam-Flag: NO
    set acl_m2 = 1

  warn
      condition = ${perl{spamd_is_available}}
      condition =  ${if eq {$spam_score_int}{}{0}{${if <= {${spam_score_int}}{8000}{${if >= {${spam_score_int}}{50}{${perl{store_spam}{$sender_host_address}{$spam_score}}}{0}}}{0}}}}

  warn
  condition = ${perl{spamd_is_available}}
  condition = ${if eq {${acl_m0}}{1}{${if eq {${acl_m2}}{1}{0}{1}}}{0}}
  add_header = X-Spam-Status: No, score=$spam_score
  add_header = X-Spam-Score: $spam_score_int
  add_header = X-Spam-Bar: $spam_bar
  add_header = X-Ham-Report: ${sg{$spam_report}{\N\n \n\N}{\n}}
  add_header = X-Spam-Flag: NO
  log_message = "SpamAssassin as ${acl_m1} detected message as NOT spam ($spam_score)"


 accept

acl_smtp_etrn:
	accept
acl_smtp_helo:
	accept
	
acl_local_deny_exceptions:
  accept
    hosts = ${if exists{CONFDIR/host_local_deny_exceptions}\
                 {CONFDIR/host_local_deny_exceptions}\
                 {}}
  accept
    senders = ${if exists{CONFDIR/sender_local_deny_exceptions}\
                   {CONFDIR/sender_local_deny_exceptions}\
                   {}}
  accept
    hosts = ${if exists{CONFDIR/local_host_whitelist}\
                 {CONFDIR/local_host_whitelist}\
                 {}}
  accept
    senders = ${if exists{CONFDIR/local_sender_whitelist}\
                   {CONFDIR/local_sender_whitelist}\
                   {}}
				   
#####################################################
### end acl/20_exim4-config_local_deny_exceptions
#####################################################
#####################################################
### acl/30_exim4-config_check_mail
#####################################################

### acl/30_exim4-config_check_mail
#################################
#####################################################
### end acl/30_exim4-config_check_mail
#####################################################
#####################################################
### acl/30_exim4-config_check_rcpt
#####################################################

### acl/30_exim4-config_check_rcpt
#################################

# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.
#
acl_smtp_mail:

    accept
        authenticated = *

    deny condition = ${if eq{$sender_helo_name}{} {1}}
       message = Nice boys say HELO first
	
	warn condition = ${if eq{$sender_host_name}{} {1}}
       set acl_m_greylistreasons = Host $sender_host_address lacks reverse DNS\n$acl_m_greylistreasons
	
	drop
		condition = ${if eq{${lc:$sender_helo_name}}{${lc:$primary_hostname}}{${if def:interface_address {${if match_ip{$interface_address}{+loopback}{0}{1}}}{0}}}{0}}
		message   = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]"
		
	
drop
    condition = ${if eq{[$interface_address]}{$sender_helo_name}}
    message   = "REJECTED - Interface: $interface_address is _my_ address"

# END INSERT requirehelonoforge
# BEGIN INSERT requirehelosyntax

drop
    condition   = ${if isip{$sender_helo_name}}
    message     = Access denied - Invalid HELO name (See RFC2821 4.1.3)

drop
    # Required because "[IPv6:<address>]" will have no .s
    condition   = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
    condition   = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
    message     = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)

drop
    condition   = ${if match{$sender_helo_name}{\N\.$\N}}
    message     = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)

drop
    condition   = ${if match{$sender_helo_name}{\N\.\.\N}}
    message     = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
	
    accept

acl_smtp_mailauth:
	accept
acl_smtp_mime:

# File extension filtering.
  deny message = Blacklisted file extension detected
       condition = ${if match \
                        {${lc:$mime_filename}} \
                        {\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
                     {1}{0}}

  accept

acl_smtp_notquit:

accept authenticated = *

accept hosts = : +loopback

warn
    #only rate limit port 25
    condition = ${if eq {$received_port}{25}{yes}{no}}
    condition = ${if match {$smtp_notquit_reason}{command}{yes}{no}}
    log_message = "Connection Ratelimit - $sender_fullhost because of notquit: $smtp_notquit_reason ($sender_rate/$sender_rate_period max:$sender_rate_limit)"
    ratelimit = 1.2 / 1h / strict / per_conn

accept

acl_smtp_predata:
	accept
acl_smtp_quit:

  warn
    log_message = "Detected session with all messages failed"
    condition = ${if >= {${eval:$rcpt_count}}{1}{${if == {${eval:$rcpt_fail_count}}{${eval:$rcpt_count}}{yes}{no}}}{no}}
    set acl_m6 = 1

  warn
    condition = ${if eq {${acl_m6}}{1}{1}{0}}
    ratelimit = 0 / 1h / strict / per_conn / slow_fail_block_$sender_host_address
    log_message = "Increment slow_fail_block Ratelimit - $sender_fullhost because of all messages failed"

  warn
    ratelimit = 1 / 1h / noupdate / per_conn / slow_fail_block_$sender_host_address
    condition = ${if >= {${eval:$rcpt_count}}{1}{${if < {${eval:$rcpt_fail_count}}{${eval:$rcpt_count}}{yes}{no}}}{no}}
    set acl_m5 = 1
    log_message = "Detected session with ok message that previous had all failed"

  warn
    condition = ${if eq {${acl_m5}}{1}{1}{0}}
    ratelimit = 0 / 1h / strict / per_conn / slow_fail_accept_$sender_host_address
    log_message = "Decrement slow_fail_lock Ratelimit - $sender_fullhost because one message was successful"

	accept

  accept
#####################################################
### end acl/30_exim4-config_check_mail
#####################################################
#####################################################
### acl/30_exim4-config_check_rcpt
#####################################################

### acl/30_exim4-config_check_rcpt
#################################

# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.
#
acl_smtp_rcpt:

  # Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
  # testing for an empty sending host field.
  accept
    hosts = :
    control = dkim_disable_verify
    
  deny
    message = YOUR DOMAIN IS BLOCKED.
    log_message = Sender domain is banned
    sender_domains = !+local_domains : +blocked_domains

  # The following section of the ACL is concerned with local parts that contain
  # certain non-alphanumeric characters. Dots in unusual places are
  # handled by this ACL as well.
  #
  # Non-alphanumeric characters other than dots are rarely found in genuine
  # local parts, but are often tried by people looking to circumvent
  # relaying restrictions. Therefore, although they are valid in local
  # parts, these rules disallow certain non-alphanumeric characters, as
  # a precaution.
  #
  # Empty components (two dots in a row) are not valid in RFC 2822, but Exim
  # allows them because they have been encountered. (Consider local parts
  # constructed as "firstinitial.secondinitial.familyname" when applied to
  # a name without a second initial.) However, a local part starting
  # with a dot or containing /../ can cause trouble if it is used as part of a
  # file name (e.g. for a mailing list). This is also true for local parts that
  # contain slashes. A pipe symbol can also be troublesome if the local part is
  # incorporated unthinkingly into a shell command line.
  #
  # These ACL components will block recipient addresses that are valid
  # from an RFC2822 point of view. We chose to have them blocked by
  # default for security reasons.
  #
  # If you feel that your site should have less strict recipient
  # checking, please feel free to change the default values of the macros
  # defined in main/01_exim4-config_listmacrosdefs or override them from a
  # local configuration file.
  # 
  # Two different rules are used. The first one has a quite strict
  # default, and is applied to messages that are addressed to one of the
  # local domains handled by this host.

  # The default value of CHECK_RCPT_LOCAL_LOCALPARTS is defined in
  # main/01_exim4-config_listmacrosdefs:
  # CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
  # This blocks local parts that begin with a dot or contain a quite
  # broad range of non-alphanumeric characters.


  # The second rule applies to all other domains, and its default is
  # considerably less strict.
  
  # The default value of CHECK_RCPT_REMOTE_LOCALPARTS is defined in
  # main/01_exim4-config_listmacrosdefs:
  # CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./

  # It allows local users to send outgoing messages to sites
  # that use slashes and vertical bars in their local parts. It blocks
  # local parts that begin with a dot, slash, or vertical bar, but allows
  # these characters within the local part. However, the sequence /../ is
  # barred. The use of some other non-alphanumeric characters is blocked.
  # Single quotes might probably be dangerous as well, but they're
  # allowed by the default regexps to avoid rejecting mails to Ireland.
  # The motivation here is to prevent local users (or local users' malware)
  # from mounting certain kinds of attack on remote sites


  # Deny unless the sender address can be verified.
  #
  # This is disabled by default so that DNSless systems don't break. If
  # your system can do DNS lookups without delay or cost, you might want
  # to enable this feature.
  #
  # This feature does not work in smarthost and satellite setups as
  # with these setups all domains pass verification. See spec.txt chapter
  # 39.31 with the added information that a smarthost/satellite setup
  # routes all non-local e-mail to the smarthost.

  # Verify senders listed in local_sender_callout with a callout.
  #
  # In smarthost and satellite setups, this causes the callout to be
  # done to the smarthost. Verification will thus only be reliable if the
  # smarthost does reject illegal addresses in the SMTP dialog.
  deny
    !acl = acl_local_deny_exceptions
    senders = ${if exists{CONFDIR/local_sender_callout}\
                         {CONFDIR/local_sender_callout}\
                   {}}
    !verify = sender/callout


  # Accept if the message comes from one of the hosts for which we are an
  # outgoing relay. It is assumed that such hosts are most likely to be MUAs,
  # so we set control=submission to make Exim treat the message as a
  # submission. It will fix up various errors in the message, for example, the
  # lack of a Date: header line. If you are actually relaying out out from
  # MTAs, you may want to disable this. If you are handling both relaying from
  # MTAs and submissions from MUAs you should probably split them into two
  # lists, and handle them differently.

  # Recipient verification is omitted here, because in many cases the clients
  # are dumb MUAs that don't cope well with SMTP error responses. If you are
  # actually relaying out from MTAs, you should probably add recipient
  # verification here.

  # Note that, by putting this test before any DNS black list checks, you will
  # always accept from these hosts, even if they end up on a black list. The
  # assumption is that they are your friends, and if they get onto black
  # list, it is a mistake.



  # Accept if the message arrived over an authenticated connection, from
  # any host. Again, these messages are usually from MUAs, so recipient
  # verification is omitted, and submission mode is set. And again, we do this
  # check before any black list tests.
  accept
    authenticated = *
    control = submission/sender_retain
    control = dkim_disable_verify


  # Insist that any other recipient address that we accept is either in one of
  # our local domains, or is in a domain for which we explicitly allow
  # relaying. Any other domain is rejected as being unacceptable for relaying.

  # We also require all accepted addresses to be verifiable. This check will
  # do local part verification for local domains, but only check the domain
  # for remote domains.
  require
    verify = recipient


  # Verify recipients listed in local_rcpt_callout with a callout.
  # This is especially handy for forwarding MX hosts (secondary MX or
  # mail hubs) of domains that receive a lot of spam to non-existent
  # addresses.  The only way to check local parts for remote relay
  # domains is to use a callout (add /callout), but please read the
  # documentation about callouts before doing this.
  deny
    !acl = acl_local_deny_exceptions
    recipients = ${if exists{CONFDIR/local_rcpt_callout}\
                            {CONFDIR/local_rcpt_callout}\
                      {}}
    !verify = recipient/callout


  # CONFDIR/local_sender_blacklist holds a list of envelope senders that
  # should have their access denied to the local host. Incoming messages
  # with one of these senders are rejected at RCPT time.
  #
  # The explicit white lists are honored as well as negative items in
  # the black list. See exim4-config_files(5) for details.
  deny
    message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
    !acl = acl_local_deny_exceptions
    senders = ${if exists{CONFDIR/local_sender_blacklist}\
                   {CONFDIR/local_sender_blacklist}\
                   {}}


  # deny bad sites (IP address)
  # CONFDIR/local_host_blacklist holds a list of host names, IP addresses
  # and networks (CIDR notation)  that should have their access denied to
  # The local host. Messages coming in from a listed host will have all
  # RCPT statements rejected.
  #
  # The explicit white lists are honored as well as negative items in
  # the black list. See exim4-config_files(5) for details.
  deny
    message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
    !acl = acl_local_deny_exceptions
    hosts = ${if exists{CONFDIR/local_host_blacklist}\
                 {CONFDIR/local_host_blacklist}\
                 {}}

  #############################################################################
  # This check is commented out because it is recognized that not every
  # sysadmin will want to do it. If you enable it, the check performs
  # Client SMTP Authorization (csa) checks on the sending host. These checks
  # do DNS lookups for SRV records. The CSA proposal is currently (May 2005)
  # an Internet draft. You can, of course, add additional conditions to this
  # ACL statement to restrict the CSA checks to certain hosts only.
  #
  # require verify = csa
  #############################################################################


  # Accept if the address is in a domain for which we are an incoming relay,
  # but again, only if the recipient can be verified.

	
  # implemented for "suspend incoming/outgoing email" feature for user
  deny
    condition   = ${lookup{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}lsearch{/etc/user_suspended_list}{1}{0}}
    message     = USER_ON_BLACKLIST
    log_message = USER_ON_BLACKLIST
	
  # At this point, the address has passed all the checks that have been
  # configured, so we accept it unconditionally.

   accept  hosts = :localhost : +loopback
          control = dkim_disable_verify

  deny    message       = Restricted characters in address
          domains       = +local_domains
          local_parts   = ^[.] : ^.*[@%!/|]

  deny    message       = Restricted characters in address
          domains       = !+local_domains
	  local_parts   = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
  

  accept  local_parts   = postmaster
          domains       = +local_domains


  require verify        = sender

  accept  authenticated = *
          control       = submission
          control       = dkim_disable_verify

  # We also require all accepted addresses to be verifiable. This check will
  # do local part verification for local domains, but only check the domain
  # for remote domains. The only way to check local parts for the remote
  # relay domains is to use a callout (add /callout), but please read the
  # documentation about callouts before doing this.

  require verify = recipient
	

  # implemented for "suspend incoming email" feature
  deny
       domains     = !$primary_hostname : +local_domains
       condition   = ${if exists {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}}}}}{$value}}/etc/.${sg{$local_part}{\N[/+].*\N}{}}@${domain}.suspended_incoming}}
       message     = 525 5.7.13 Disabled recipient address
       log_message = Mail to ${local_part}@${domain} has been suspended

  # implemented for "suspend outgoing email" feature for domains and individual 
  #deny
   # domains     = ! +local_domains
  #  condition   = ${perl{check_outgoing_mail_suspended}}
  #  message     = ${perl{get_outgoing_mail_suspended_message}}
  #  log_message = ${perl{get_outgoing_mail_suspended_message}}
	
	# implemented for "suspend incoming/outgoing email" feature for user
  deny
    condition   = ${lookup{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}lsearch{/etc/user_suspended_list}{1}{0}}
    message     = USER_ON_BLACKLIST
    log_message = USER_ON_BLACKLIST

  accept
          authenticated = *
          condition = ${if eq{${lookup{$sender_address_domain}lsearch{/etc/userdomains}}}{$sender_address_local_part}}
          endpass
          verify = recipient

  accept
          authenticated = *
          endpass
          verify = recipient

 drop
    condition = ${if eq{$received_port}{587}{1}{0}}
    message = SMTP AUTH is required for message submission on port 587

  require
    verify = recipient

  accept
    condition = ${extract{suspended}{$address_data}}

  warn
    log_message = "Detected Dictionary Attack (Let $rcpt_fail_count bad recipients though before engaging)"
    condition = ${if > {${eval:$rcpt_fail_count}}{4}{yes}{no}}
    set acl_m7 = 1

  warn
    condition = ${if eq {${acl_m7}}{1}{1}{0}}
    ratelimit = 0 / 1h / strict / per_conn
    log_message = "Increment Connection Ratelimit - $sender_fullhost because of Dictionary Attack"

  drop
    condition = ${if eq {${acl_m7}}{1}{1}{0}}
    message = "Number of failed recipients exceeded.  Come back in a few hours."

  warn
         domains    = +local_domains
         condition  = ${if <= {$message_size}{1000K}}
         condition  = ${if !eq{${acl_m0}}{1}}
         condition  = ${if exists{/etc/global_spamassassin_enable}{1}{${if exists{${extract{5}{::}{${lookup passwd{${if eq{$domain}{$primary_hostname}{${sg{$local_part}{\N[/+].*\N}{}}}{${lookup{$domain}lsearch{/etc/userdomains}}}}}}}}/.spamassassindisable}{0}{1}}}}
         set acl_m0 = 1

         #
         set acl_m1 = ${if eq{$domain}{$primary_hostname}{${sg{$local_part_data}{\N[/+].*\N}{}}}{${lookup{$domain}lsearch{/etc/userdomains}}}}
	
	accept

acl_smtp_starttls:
	accept
	

acl_smtp_vrfy:
	accept
acl_smtp_dkim:
	accept

begin authenticators


dovecot_plain:
    driver = dovecot
    public_name = PLAIN
    server_socket = /var/run/dovecot/auth-client
    server_set_id = $auth1
    #server_condition = ${if and {{!match {$auth1}{\N[/]\N}}{eq{${if match {$auth1}{\N[+%:@]\N}{${lookup{${extract{2}{+%:@}{$auth1}}}lsearch{/etc/demodomains}{yes}}}{${lookup{$auth1}lsearch{/etc/demousers}{yes}}}}}{}}}{true}{false}}
    #server_advertise_condition = ${if or {{def:tls_cipher}{match_ip{$sender_host_address}{+loopback}}}{1}{0}}



dovecot_login:
  driver = dovecot
  public_name = LOGIN
  server_socket = /var/run/dovecot/auth-client
  server_set_id = $auth1
  #server_condition = ${if and {{!match {$auth1}{\N[/]\N}}{eq{${if match {$auth1}{\N[+%:@]\N}{${lookup{${extract{2}{+%:@}{$auth1}}}lsearch{/etc/demodomains}{yes}}}{${lookup{$auth1}lsearch{/etc/demousers}{yes}}}}}{}}}{true}{false}}
  #server_advertise_condition = ${if or {{def:tls_cipher}{match_ip{$sender_host_address}{+loopback}}}{1}{0}}
 
 

cram_md5:
  driver = cram_md5
  public_name = CRAM-MD5
  client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
  client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}

# this returns the matching line from passwd.client and doubles all ^
PASSWDLINE=${sg{\
                ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
	        }\
	        {\\N[\\^]\\N}\
	        {^^}\
	    }

plain:
  driver = plaintext
  public_name = PLAIN
  client_send = "<; ^${extract{1}{:}{PASSWDLINE}}\
		    ^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"

login:
  driver = plaintext
  public_name = LOGIN
  # Return empty string if looking up $host in passwd-file yields a
  # non-empty string; fail otherwise.
  client_send = "<; ${if !eq{PASSWDLINE}{}\
                      {}fail}\
                 ; ${extract{1}{::}{PASSWDLINE}}\
		 ; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"

######################################################################
#                      REWRITE CONFIGURATION                         #
######################################################################

# There are no rewriting specifications in this default configuration file.

begin rewrite


#####################################################
### end rewrite/00_exim4-config_header
#####################################################
#####################################################
### rewrite/31_exim4-config_rewriting
#####################################################

### rewrite/31_exim4-config_rewriting
#################################


#!!#######################################################!!#
#!!# Here follow routers created from the old routers,   #!!#
#!!# for handling non-local domains.                     #!!#
#!!#######################################################!!#

begin routers




######################################################################
#                      ROUTERS CONFIGURATION                         #
#            Specifies how remote addresses are handled              #
######################################################################
#                          ORDER DOES MATTER                         #
#  A remote address is passed to each in turn until it is accepted.  #
######################################################################

# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.


# Check Demo user
democheck:
    driver = redirect
    require_files = "+/etc/demouids"
    condition = ${if >= {$originator_uid}{100}{1}{0}}
    condition = "${extract{size}{${stat:/etc/demouids}}}"
    condition = "${if eq \
        {${lookup \
            {$originator_uid} \
            lsearch{/etc/demouids} \
            {$value} \
        }} \
        {} \
        {false} \
        {true} \
    }"
    allow_fail
    data = :fail: demo accounts are not permitted to relay email

# check email count per hour domain or user || Check other stuff also (TODO E.G. SUSPEND DOMAIN, USER AND PERTICULAR EMAIL ACCOUNT)	
check_mail_validity:
    domains = ! +local_domains
    condition =  ${if eq {$authenticated_id}{root}{0}{1}}
    ignore_target_hosts = +loopback
    driver = redirect
    allow_fail
    #allow_filter
    allow_defer
    #reply_transport = address_reply
    no_verify
    user = "Debian-exim" 
    expn = false
    condition = "${perl{check_mail_validity}}"
    data = "${perl{check_mail_validity_results}}"
	
#
# Increments max emails per hour if needed (to do)
#
increment_email_per_hour_count:
    domains = ! +local_domains
    ignore_target_hosts = +loopback
    condition =  ${if eq {$authenticated_id}{root}{0}{1}}
    driver = redirect
    allow_fail
    no_verify
    one_time
    expn = false
    condition = "${perl{increment_email_per_hour_count_if}}"
    data = ":unknown:"
	
manualmx:
    driver = manualroute
    domains = +manualmx_domains
    transport = remote_smtp
    route_data = ${lookup \
        {$domain} \
        lsearch{/etc/manualmx} \
    }
	
autoreply_dkim_lookuphost:
    driver = dnslookup
    domains = ! +local_domains
    condition = "${perl{sender_domain_can_dkim_sign}}"
    condition = "${if \
        or { \
            {match{$h_precedence:}{auto}} \
            {match{$h_x-precedence:}{auto}} \
        } \
        {1}{0} \
    }"
    #ignore verisign to prevent waste of bandwidth
    ignore_target_hosts = +loopback
    headers_add = "${perl{mailtrapheaders}}"
    transport = dkim_remote_smtp
	
dkim_lookuphost:
    driver = dnslookup
    domains = ! +local_domains
    condition = "${perl{sender_domain_can_dkim_sign}}"
    #ignore verisign to prevent waste of bandwidth
    ignore_target_hosts = +loopback
    headers_add = "${perl{mailtrapheaders}}"
    transport = dkim_remote_smtp
	
lookuphost:
    driver = dnslookup
    domains = ! +local_domains
    #ignore verisign to prevent waste of bandwidth
    ignore_target_hosts = +loopback
    headers_add = "${perl{mailtrapheaders}}"
    transport = remote_smtp

literal:
    driver = ipliteral
    domains = ! +local_domains
    ignore_target_hosts = +loopback : 64.94.110.0/24
    headers_add = "${perl{mailtrapheaders}}"
    transport = remote_smtp


######################################################################
#                      DIRECTORS CONFIGURATION                       #
#             Specifies how local addresses are handled              #
######################################################################
#                          ORDER DOES MATTER                         #
#   A local address is passed to each in turn until it is accepted.  #
######################################################################

# filter on user level
user_filter:
    driver = redirect
    allow_filter
    allow_fail
    forbid_filter_run
    forbid_filter_perl
    forbid_filter_lookup
    forbid_filter_readfile
    forbid_filter_readsocket
    no_check_local_user
    domains = lsearch;/etc/userdomains
    require_files = "${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/filter"
    condition = "${extract \
        {size} \
        {${stat:${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/filter}} \
    }"
    file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/filter
    file_transport = address_file
    directory_transport = address_directory
    reply_transport = address_reply
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    user = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
	group = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    no_verify

# A filter on Domain level
domain_filter:
    driver = redirect
    allow_filter
    allow_fail
    forbid_filter_run
    forbid_filter_perl
    forbid_filter_lookup
    forbid_filter_readfile
    forbid_filter_readsocket
    no_check_local_user
    domains = lsearch;/etc/userdomains
    require_files = "${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/filter"
    condition = "${extract \
        {size} \
        {${stat:${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/filter}} \
    }"
    file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/filter
    file_transport = address_file
    directory_transport = address_directory
    reply_transport = address_reply
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    user = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
	group = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    no_verify
	
# A filter on Email level
email_filter:
    driver = redirect
    allow_filter
    allow_fail
    forbid_filter_run
    forbid_filter_perl
    forbid_filter_lookup
    forbid_filter_readfile
    forbid_filter_readsocket
    no_check_local_user
    domains = lsearch;/etc/userdomains
    require_files = "${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/${local_part}/filter"
    condition = "${extract \
        {size} \
        {${stat:${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/${local_part}/filter}} \
    }"
    file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/${local_part}/filter
    file_transport = address_file
    directory_transport = address_directory
    reply_transport = address_reply
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    user = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
	group = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
	local_part_suffix = +*
    local_part_suffix_optional
    retry_use_local_part
    no_verify

#autoreply exists
#both passwd and forwarders do not have local_part.
userautoreply:
  driver = accept
  domains = lsearch;/etc/userdomains
	router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
	user = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
	group = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
  #local_parts = ${lookup{$local_part} dsearch,ret=full{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${domain}/autorespond/}}
  condition = ${if exists{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.msg}{yes}{no}}
  condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}}
  require_files = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.msg
  condition = ${if exists{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/passwd}}
  condition = ${lookup{$local_part}lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/passwd}{yes}{no}}
  
  address_data = \
        "subj=${quote:${readfile{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.subj}{}}} \
        msg=${quote:${readfile{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.msg}{}}}"
	
  # do not reply to errors and bounces or lists
  senders = " ! ^.*-request@.*:\
              ! ^owner-.*@.*:\
              ! ^postmaster@.*:\
              ! ^listmaster@.*:\
              ! ^mailer-daemon@.*\
              ! ^root@.*"
  transport = userautoreply
  unseen
  
virtual_aliases:
    driver = redirect
    allow_defer
    allow_fail
    domains = lsearch;/etc/userdomains
    user = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
	group = "${lookup \
        {$domain} \
        lsearch{/etc/userdomains} \
        {$value} \
    }"
    address_data = \
        "router=$router_name \
        redirect=${quote:${lookup \
            {$local_part} \
            lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/aliases} \
    }}"
    data = ${extract{redirect}{$address_data}}
    file_transport = address_file
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain_data} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    local_part_suffix = +*
    local_part_suffix_optional
    retry_use_local_part
    unseen
	

virtual_user_overquota:
  driver = redirect
  domains = ${lookup{$domain}lsearch{/etc/userdomains}{${perl{untaint}{$domain}}}}
  require_files = "+$home/etc/$domain"
  user = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
  group = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
  router_home_directory = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}

  # NB: On busy servers Dovecot may take several seconds to respond to
  # this request. So we set the timeout generously:
  condition = "${if match {${readsocket{/var/run/dovecot/quota-status}{request=smtpd_access_policy\nrecipient=${quote:$local_part}@${quote:$domain_data}\nsize=$message_size\n\n}{30s}{\n}{SOCKETFAIL}}}{action=5}{true}{false}}"

  data = ":fail:Mailbox is full / Blocks limit exceeded / Inode limit exceeded"
  verify_only
  allow_fail


#
# Virtual User Spam Boxes
#

virtual_user_spam:
    driver = redirect
    local_parts = +path_safe_localparts
    domains = \
        : ${lookup \
            {$domain} \
            lsearch{/etc/userdomains} \
            {${perl{untaint}{$domain}}} \
        }
    condition = ${if match{$h_x-spam-status:}{\N^Yes\N}{true}{false}}
    require_files = \
        "+${extract \
            {5} \
            {::} \
            {${lookup passwd \
                {${lookup \
                    {$domain} \
                    lsearch{/etc/userdomains} \
                    {$value} \
                }} \
                {$value} \
            }} \
        }/.spamassassinenable: \
            +${extract \
                {5} \
                {::} \
                {${lookup passwd \
                    {${lookup \
                        {$domain_data} \
                        lsearch{/etc/userdomains} \
                        {$value} \
                    }} \
                    {$value} \
                }} \
            }/mail/$domain/$local_part"
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    headers_remove="x-uidl"
    data = "${quote_local_part:$local_part}+spam@${domain}"
    redirect_router = virtual_user
	


virtual_user:
    driver = accept
    domains = \
        : ${lookup \
            {$domain} \
            lsearch{/etc/userdomains} \
            {${perl{untaint}{$domain}}} \
        }
    local_parts = +path_safe_localparts
    require_files = "+${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }/mail/$domain/$local_part"
    router_home_directory = ${extract \
        {5} \
        {::} \
        {${lookup passwd \
            {${lookup \
                {$domain} \
                lsearch{/etc/userdomains} \
                {$value} \
            }} \
            {$value} \
        }} \
    }
    headers_remove="x-uidl"
    local_part_suffix = +*
    local_part_suffix_optional
    user = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
	group = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
    transport = dovecot_virtual_delivery

# TODO
valias_domain_file:
  driver = redirect
  allow_defer
  allow_fail
  domains = lsearch;/etc/userdomains
  user = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
  group = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
  condition = ${if exists{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/domaliases}\
                 {yes}\
                 {no}}
  condition = ${lookup {$domain} lsearch {${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/domaliases}{yes}{no} }
  address_data = router=$router_name redirect=${quote:${quote_local_part:$local_part}@${lookup{$domain}lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/domaliases}}}
  data = ${extract{redirect}{$address_data}}
  

local_aliases:
    driver = redirect
	require_files = /etc/localaliases
    allow_defer
    allow_fail
    domains = $primary_hostname : localhost
    address_data = \
        "router=$router_name \
        redirect=${quote: \
            ${lookup \
                {$local_part} \
                lsearch{/etc/localaliases} \
            }}"
    data = ${extract{redirect}{$address_data}}
    file_transport = address_file
    pipe_transport = address_pipe
    check_local_user

userforward:
    driver = redirect
    allow_filter
    allow_fail
    forbid_filter_run
    forbid_filter_perl
    forbid_filter_lookup
    forbid_filter_readfile
    forbid_filter_readsocket
    check_ancestor
    check_local_user
    domains = $primary_hostname
    no_expn
    require_files = "+$home/.forward"
    condition = "${extract{size}{${stat:$home/.forward}}}"
    file = $home/.forward
    file_transport = address_file
    reply_transport = address_reply
    directory_transport = address_directory
    user = $local_part_data
    group = $local_part_data
    no_verify


localuser_root:
    driver = redirect
    allow_fail
    domains = $primary_hostname : localhost
    check_local_user
    condition = ${if eq {$local_part_data}{root}}
    data = :fail: root cannot accept local mail deliveries
	

localuser_overquota:
  driver = redirect
  domains = $primary_hostname
  check_local_user
  # NB: On busy servers Dovecot may take several seconds to respond to
  # this request. So we set the timeout generously:
  condition =  "${if match {${readsocket{/var/run/dovecot/quota-status}{request=smtpd_access_policy\nrecipient=${quote:$local_part}\nsize=$message_size\n\n}{30s}{\n}{SOCKETFAIL}}}{action=5}{true}{false}}"

  data = ":fail:Mailbox is full / Blocks limit exceeded / Inode limit exceeded"
  verify_only
  allow_fail

#
# Optimized spambox router
#

localuser_spam:
    driver = redirect
    domains = $primary_hostname
    require_files = "+$home/.spamassassinenable"
    condition = ${if match{$h_x-spam-status:}{\N^Yes\N}{true}{false}}
# sets home,user,group
    check_local_user
    headers_remove="x-uidl"
    data = "${quote_local_part:$local_part_data}+spam"
    redirect_router = localuser
	
localuser:
    driver = accept
# sets home,user,group
    check_local_user
    domains = $primary_hostname
    headers_remove="x-uidl"
    local_part_suffix = +*
    local_part_suffix_optional
    user = $local_part_data
    group = $local_part_data
    transport = dovecot_delivery
	
#To catch all the failed mail
catchall:
    driver = redirect
    domains = lsearch;/etc/userdomains
	address_data = \
        "router=$router_name \
        redirect=${quote:${lookup \
            {*} \
            lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/aliases} \
    }}"
    data = ${extract{redirect}{$address_data}}
	allow_fail
	

dnslookup:
  driver = dnslookup
  domains = ! +local_domains
  transport = remote_smtp
  ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
  no_more
  
	
######################################################################
#                      TRANSPORTS CONFIGURATION                      #
######################################################################
#                       ORDER DOES NOT MATTER                        #
#     Only one appropriate transport is called for each delivery.    #
######################################################################



# This transport is used for delivering messages over SMTP connections.

begin transports

remote_smtp:
	driver = smtp 
	dkim_domain = ${lc:${domain:$h_from:}}
	debug_print = "T: remote_smtp for $local_part@$domain"
	dkim_selector = x 
	dkim_private_key = /var/webuzo-data/mail/dkim/private/${perl{untaint}{${dkim_domain}}}
	dkim_canon = relaxed
	
remote_smtp_old:
  driver = smtp
  #interface = <; ${if > {${extract{size}{${stat:/etc/mailips}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailips}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}}
  #helo_data = ${if > {${extract{size}{${stat:/etc/mailhelo}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailhelo}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}}
  #hosts_try_chunking = 198.51.100.1
  helo_data = ${lookup dnsdb{ptr=$sending_ip_address}{$value}{$primary_hostname}}
  dkim_domain = ${lc:${domain:$h_from:}} 
  

dkim_remote_smtp:
  driver = smtp
  interface = <; ${if > {${extract{size}{${stat:/etc/mailips}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailips}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}}
  #helo_data = ${if > {${extract{size}{${stat:/etc/mailhelo}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailhelo}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}}
  dkim_domain = ${lc:${domain:$h_from:}} 
  dkim_selector = x
  dkim_private_key = "/var/webuzo-data/mail/dkim/private/${perl{untaint}{${dkim_domain}}}"
  dkim_canon = relaxed
  helo_data = ${lookup dnsdb{ptr=$sending_ip_address}{$value}{$primary_hostname}}
  #hosts_try_chunking = 198.51.100.1

address_directory:
  driver = pipe
  command = /usr/libexec/dovecot/dovecot-lda -f $sender_address -d ${perl{convert_address_directory_to_dovecot_lda_destination_username}} -m ${perl{convert_address_directory_to_dovecot_lda_mailbox}}
  message_prefix =
  message_suffix =
  log_output
  delivery_date_add
  envelope_to_add
  return_path_add
  temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78
  
address_pipe:
	debug_print = "T: address_pipe for $local_part@$domain"
    driver = pipe
    return_output
	

virtual_address_pipe:
    driver = pipe
    return_output
	
address_file:
	debug_print = "T: address_file for $local_part@$domain"
    driver = pipe
    command = /usr/lib/dovecot/dovecot-lda -e -f $sender_address -d ${perl{convert_address_directory_to_dovecot_lda_destination_username}} -m ${perl{convert_address_directory_to_dovecot_lda_mailbox}}
    message_prefix =
    message_suffix =
    log_output
    delivery_date_add
    envelope_to_add
    return_path_add
    temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78
	
dovecot_delivery:
    driver = lmtp
    socket = /var/run/dovecot/lmtp
    batch_max = 200
    batch_id = "$r_webuzo_u ${if def:r_bcc_addr {$r_bcc_addr}}"
    rcpt_include_affixes
    delivery_date_add
    envelope_to_add
    return_path_add

vmail_delivery:
    driver = lmtp
	user = "${lookup{$domain_data}lsearch{/etc/userdomains}{$value}}"
	group = "${lookup{$domain_data}lsearch{/etc/userdomains}{$value}}"
    socket = /var/run/dovecot/lmtp
    batch_max = 200
    batch_id = "$r_webuzo_u ${if def:r_bcc_addr {$r_bcc_addr}}"
    rcpt_include_affixes
    delivery_date_add
    envelope_to_add
    return_path_add
	
dovecot_virtual_delivery:
  driver = appendfile
  delivery_date_add
  #directory_mode = 770
  envelope_to_add
  #router_home_directory = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}
  directory = $home/mail/${lookup{$domain}dsearch{$home/mail/}}/${lookup{$local_part}dsearch{$home/mail/${lookup{$domain}dsearch{$home/mail/}}/}}
  #file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/mail/$domain/$local_part
  maildir_format
  create_directory = true
  group = ${lookup{$domain}lsearch{/etc/userdomains}{$value}}
  mode = 0660
  return_path_add
  user = ${lookup{$domain}lsearch{/etc/userdomains}{$value}}
  quota = ${if exists{$home/etc/${perl{untaint}{$domain}}/quota}{${lookup{${local_part}}lsearch{$home/etc/${perl{untaint}{$domain}}/quota}{$value}{0}}}{0}}
	
address_reply:
	debug_print = "T: autoreply for $local_part@$domain"
    driver = autoreply
	
#COMMENT#59:
userautoreply:
  driver = autoreply
  text = ${extract{msg}{$address_data}}
  from = "${local_part}@${domain}"
  no_return_message
  subject = ${extract{subj}{$address_data}}
  to = "${sender_address}"
  reply_to = "${local_part}@${domain}"
  headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
  
#####################################################
### end transport/10_exim4-config_transport-macros
#####################################################
#####################################################
### transport/30_exim4-config_address_file
#####################################################

# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.
#

#####################################################
### end transport/30_exim4-config_address_file
#####################################################
#####################################################
### transport/30_exim4-config_address_pipe
#####################################################

# This transport is used for handling pipe deliveries generated by
# .forward files. If the commands fails and produces any output on standard
# output or standard error streams, the output is returned to the sender
# of the message as a delivery error.

#####################################################
### end transport/30_exim4-config_address_pipe
#####################################################
#####################################################
### transport/30_exim4-config_address_reply
#####################################################

# This transport is used for handling autoreplies generated by the filtering
# option of the userforward router.
#

#####################################################
### end transport/30_exim4-config_address_reply
#####################################################
#####################################################
### transport/30_exim4-config_mail_spool
#####################################################

### transport/30_exim4-config_mail_spool

# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format.
#
mail_spool:
  debug_print = "T: appendfile for $local_part@$domain"
  driver = appendfile
  file = /var/mail/$local_part
  delivery_date_add
  envelope_to_add
  return_path_add
  group = mail
  mode = 0660
  mode_fail_narrower = false

#####################################################
### end transport/30_exim4-config_mail_spool
#####################################################
#####################################################
### transport/30_exim4-config_maildir_home
#####################################################

### transport/30_exim4-config_maildir_home
#################################

# Use this instead of mail_spool if you want to to deliver to Maildir in
# home-directory - change the definition of LOCAL_DELIVERY
#
maildir_home:
  debug_print = "T: maildir_home for $local_part@$domain"
  driver = appendfile
  directory = $home/mail/${domain}/${local_part}
  create_directory
  delivery_date_add
  envelope_to_add
  return_path_add
  maildir_format
  directory_mode = 0700
  mode = 0600
  mode_fail_narrower = false
  
  # This transport always chdirs to $home before trying to deliver. If
  # $home is not accessible, this chdir fails and prevents delivery.
  # If you are in a setup where home directories might not be
  # accessible, uncomment the current_directory line below.
  # current_directory = /
#####################################################
### end transport/30_exim4-config_maildir_home
#####################################################
#####################################################
### transport/30_exim4-config_maildrop_pipe
#####################################################

maildrop_pipe:
  debug_print = "T: maildrop_pipe for $local_part@$domain"
  driver = pipe
  path = "/bin:/usr/bin:/usr/local/bin"
  command = "/usr/bin/maildrop"
  return_path_add
  delivery_date_add
  envelope_to_add

#####################################################
### end transport/30_exim4-config_maildrop_pipe
#####################################################
#####################################################
### transport/30_exim4-config_procmail_pipe
#####################################################

procmail_pipe:
  debug_print = "T: procmail_pipe for $local_part@$domain"
  driver = pipe
  path = "/bin:/usr/bin:/usr/local/bin"
  command = "/usr/bin/procmail"
  return_path_add
  delivery_date_add
  envelope_to_add

#####################################################
### end transport/30_exim4-config_procmail_pipe
#####################################################
#####################################################
### transport/30_exim4-config_remote_smtp
#####################################################

### transport/30_exim4-config_remote_smtp
#################################
# This transport is used for delivering messages over SMTP connections.

#####################################################
### end transport/30_exim4-config_remote_smtp
#####################################################
#####################################################
### transport/30_exim4-config_remote_smtp_smarthost
#####################################################

### transport/30_exim4-config_remote_smtp_smarthost
#################################

# This transport is used for delivering messages over SMTP connections
# to a smarthost. The local host tries to authenticate.
# This transport is used for smarthost and satellite configurations.

remote_smtp_smarthost:
  debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
  driver = smtp
  hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
        {\
        ${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
        }\
        {} \
      }
	
	
######################################################################
#                      RETRY CONFIGURATION                           #
######################################################################

# Domain               Error       Retries
# ------               -----       -------


begin retry

*                      *           F,2h,15m; G,16h,1h,1.5; F,4d,6h

# End of Exim 4 configuration