Current File : /home/inlingua/public_html/decay_sym/root/var/softaculous/apps/exim/3/exim4.conf.template |
#####################################################
### main/01_exim4-config_listmacrosdefs
#####################################################
hostlist loopback = <; @[]; 127.0.0.0/8 ; 0.0.0.0 ; localhost ; ::1 ; 0000:0000:0000:0000:0000:ffff:7f00:0000/8
hostlist blocked_incoming_email_country_ips = ${if exists{/etc/blocked_incoming_email_country_ips} {net-iplsearch;/etc/blocked_incoming_email_country_ips} {} }
hostlist spammeripblocks = net-iplsearch;/etc/spammeripblocks
hostlist skipsmtpcheck_hosts = net-iplsearch;/etc/skipsmtpcheckhosts
hostlist trustedmailhosts = lsearch;/etc/trustedmailhosts
domainlist local_domains = lsearch;/etc/localdomains
domainlist user_domains = ${if exists{/etc/userdomains} {lsearch;/etc/userdomains} fail}
domainlist blocked_domains = wildlsearch;/etc/blocked_incoming_email_domains
domainlist manualmx_domains = ${if exists {/etc/manualmx} {lsearch;/etc/manualmx} {} }
localpartlist path_safe_localparts = \N^\.*[^./][^/]*$\N
smtp_accept_queue_per_connection = 30
remote_max_parallel = 10
smtp_receive_timeout = 165s
ignore_bounce_errors_after = 1d
rfc1413_query_timeout = 0s
timeout_frozen_after = 5d
auto_thaw = 7d
callout_domain_negative_expire = 1h
callout_negative_expire = 1h
acl_not_smtp = acl_not_smtp
acl_smtp_connect = acl_smtp_connect
acl_smtp_data = acl_smtp_data
acl_smtp_helo = acl_smtp_helo
acl_smtp_mail = acl_smtp_mail
acl_smtp_quit = acl_smtp_quit
acl_smtp_notquit = acl_smtp_notquit
acl_smtp_rcpt = acl_smtp_rcpt
USER_ON_BLACKLIST=User account is not allowed to send/recieve emails. User is suspended.
message_body_newlines = true
check_rfc2047_length = false
keep_environment = X-SOURCE : X-SOURCE-ARGS : X-SOURCE-DIR
add_environment = PATH=/usr/local/sbin::/usr/local/bin::/sbin::/bin::/usr/sbin::/usr/bin::/sbin::/bin
chunking_advertise_hosts = 198.51.100.1
deliver_queue_load_max = 12
queue_only_load = 24
daemon_smtp_ports = 25 : 465 : 587
tls_on_connect_ports = 465
#openssl_options = +no_sslv2 +no_sslv3 +no_tlsv1 +no_tlsv1_1
#tls_require_ciphers = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
timezone = UTC
spamd_address = 127.0.0.1 783 retry=30s tmo=3m
tls_certificate = /etc/exim/webuzo.crt
tls_privatekey = /etc/exim/webuzo.key
system_filter = /etc/exim/exim_system_filter
######################################################################
# Runtime configuration file for Exim 4 (Debian Packaging) #
######################################################################
disable_ipv6 = true
######################################################################
# /etc/exim4/exim4.conf.template is only used with the non-split
# configuration scheme.
# /etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs is only used
# with the split configuration scheme.
# If you find this comment anywhere else, somebody copied it there.
# Documentation about the Debian exim4 configuration scheme can be
# found in /usr/share/doc/exim4-base/README.Debian.gz.
######################################################################
######################################################################
# MAIN CONFIGURATION SETTINGS #
######################################################################
perl_startup = do '/etc/exim/exim.pl'
# Just for reference and scripts.
# On Debian systems, the main binary is installed as exim4 to avoid
# conflicts with the exim 3 packages.
exim_path = /usr/sbin/exim4
### main/03_exim4-config_tlsoptions
#################################
# TLS/SSL configuration for exim as an SMTP server.
# See /usr/share/doc/exim4-base/README.Debian.gz for explanations.
MAIN_TLS_ENABLE = true
tls_advertise_hosts = *
#####################################################################
# ACL CONFIGURATION #
# Specifies access control lists for incoming SMTP mail #
######################################################################
begin acl
#####################################################
### end acl/00_exim4-config_header
#####################################################
#####################################################
### acl/20_exim4-config_local_deny_exceptions
#####################################################
### acl/20_exim4-config_local_deny_exceptions
#################################
# This is used to determine whitelisted senders and hosts.
# It checks for CONFDIR/host_local_deny_exceptions and
# CONFDIR/sender_local_deny_exceptions.
#
# It is meant to be used from some other acl entry.
#
# See exim4-config_files(5) for details.
#
# If the files do not exist, the white list never matches, which is
# the desired behaviour.
#
# The old file names CONFDIR/local_host_whitelist and
# CONFDIR/local_sender_whitelist will continue to be honored for a
# transition period. Their use is deprecated.
acl_not_smtp:
accept
acl_not_smtp_mime:
accept
acl_not_smtp_start:
accept
acl_smtp_auth:
accept
acl_smtp_connect:
drop
message = Your country is not allowed to connect to this server.
log_message = Country is banned
hosts = +blocked_incoming_email_country_ips
drop
message = Your host is not allowed to connect to this server.
log_message = Host is banned
hosts = +spammeripblocks
accept
acl_smtp_data:
accept
authenticated = *
hosts = *
warn condition = ${if !def:h_Message-ID: {1}}
set acl_m_greylistreasons = Message lacks Message-Id: header. Consult RFC2822.\n$acl_m_greylistreasons
warn
# Remove spam headers from outside sources
condition = ${perl{spamd_is_available}}
!hosts = +skipsmtpcheck_hosts
remove_header = x-spam-subject : x-spam-status : x-spam-score : x-spam-bar : x-spam-report : x-spam-flag : x-ham-report
warn
condition = ${perl{spamd_is_available}}
condition = ${if eq {${acl_m0}}{1}{1}{0}}
spam = ${acl_m1}/defer_ok
!hosts = : +trustedmailhosts
log_message = "SpamAssassin as ${acl_m1} detected message as spam ($spam_score)"
add_header = X-Spam-Subject: ***SPAM*** $rh_subject
add_header = X-Spam-Status: Yes, score=$spam_score
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Spam-Report: ${sg{$spam_report}{\N\n \n\N}{\n}}
add_header = X-Spam-Flag: YES
add_header = X-Spam-Flag: NO
set acl_m2 = 1
warn
condition = ${perl{spamd_is_available}}
condition = ${if eq {$spam_score_int}{}{0}{${if <= {${spam_score_int}}{8000}{${if >= {${spam_score_int}}{50}{${perl{store_spam}{$sender_host_address}{$spam_score}}}{0}}}{0}}}}
warn
condition = ${perl{spamd_is_available}}
condition = ${if eq {${acl_m0}}{1}{${if eq {${acl_m2}}{1}{0}{1}}}{0}}
add_header = X-Spam-Status: No, score=$spam_score
add_header = X-Spam-Score: $spam_score_int
add_header = X-Spam-Bar: $spam_bar
add_header = X-Ham-Report: ${sg{$spam_report}{\N\n \n\N}{\n}}
add_header = X-Spam-Flag: NO
log_message = "SpamAssassin as ${acl_m1} detected message as NOT spam ($spam_score)"
accept
acl_smtp_etrn:
accept
acl_smtp_helo:
accept
acl_local_deny_exceptions:
accept
hosts = ${if exists{CONFDIR/host_local_deny_exceptions}\
{CONFDIR/host_local_deny_exceptions}\
{}}
accept
senders = ${if exists{CONFDIR/sender_local_deny_exceptions}\
{CONFDIR/sender_local_deny_exceptions}\
{}}
accept
hosts = ${if exists{CONFDIR/local_host_whitelist}\
{CONFDIR/local_host_whitelist}\
{}}
accept
senders = ${if exists{CONFDIR/local_sender_whitelist}\
{CONFDIR/local_sender_whitelist}\
{}}
#####################################################
### end acl/20_exim4-config_local_deny_exceptions
#####################################################
#####################################################
### acl/30_exim4-config_check_mail
#####################################################
### acl/30_exim4-config_check_mail
#################################
#####################################################
### end acl/30_exim4-config_check_mail
#####################################################
#####################################################
### acl/30_exim4-config_check_rcpt
#####################################################
### acl/30_exim4-config_check_rcpt
#################################
# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.
#
acl_smtp_mail:
accept
authenticated = *
deny condition = ${if eq{$sender_helo_name}{} {1}}
message = Nice boys say HELO first
warn condition = ${if eq{$sender_host_name}{} {1}}
set acl_m_greylistreasons = Host $sender_host_address lacks reverse DNS\n$acl_m_greylistreasons
drop
condition = ${if eq{${lc:$sender_helo_name}}{${lc:$primary_hostname}}{${if def:interface_address {${if match_ip{$interface_address}{+loopback}{0}{1}}}{0}}}{0}}
message = "REJECTED - Bad HELO - Host impersonating [$sender_helo_name]"
drop
condition = ${if eq{[$interface_address]}{$sender_helo_name}}
message = "REJECTED - Interface: $interface_address is _my_ address"
# END INSERT requirehelonoforge
# BEGIN INSERT requirehelosyntax
drop
condition = ${if isip{$sender_helo_name}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.3)
drop
# Required because "[IPv6:<address>]" will have no .s
condition = ${if match{$sender_helo_name}{\N^\[\N}{no}{yes}}
condition = ${if match{$sender_helo_name}{\N\.\N}{no}{yes}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
drop
condition = ${if match{$sender_helo_name}{\N\.$\N}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
drop
condition = ${if match{$sender_helo_name}{\N\.\.\N}}
message = Access denied - Invalid HELO name (See RFC2821 4.1.1.1)
accept
acl_smtp_mailauth:
accept
acl_smtp_mime:
# File extension filtering.
deny message = Blacklisted file extension detected
condition = ${if match \
{${lc:$mime_filename}} \
{\N(\.exe|\.pif|\.bat|\.scr|\.lnk|\.com)$\N} \
{1}{0}}
accept
acl_smtp_notquit:
accept authenticated = *
accept hosts = : +loopback
warn
#only rate limit port 25
condition = ${if eq {$received_port}{25}{yes}{no}}
condition = ${if match {$smtp_notquit_reason}{command}{yes}{no}}
log_message = "Connection Ratelimit - $sender_fullhost because of notquit: $smtp_notquit_reason ($sender_rate/$sender_rate_period max:$sender_rate_limit)"
ratelimit = 1.2 / 1h / strict / per_conn
accept
acl_smtp_predata:
accept
acl_smtp_quit:
warn
log_message = "Detected session with all messages failed"
condition = ${if >= {${eval:$rcpt_count}}{1}{${if == {${eval:$rcpt_fail_count}}{${eval:$rcpt_count}}{yes}{no}}}{no}}
set acl_m6 = 1
warn
condition = ${if eq {${acl_m6}}{1}{1}{0}}
ratelimit = 0 / 1h / strict / per_conn / slow_fail_block_$sender_host_address
log_message = "Increment slow_fail_block Ratelimit - $sender_fullhost because of all messages failed"
warn
ratelimit = 1 / 1h / noupdate / per_conn / slow_fail_block_$sender_host_address
condition = ${if >= {${eval:$rcpt_count}}{1}{${if < {${eval:$rcpt_fail_count}}{${eval:$rcpt_count}}{yes}{no}}}{no}}
set acl_m5 = 1
log_message = "Detected session with ok message that previous had all failed"
warn
condition = ${if eq {${acl_m5}}{1}{1}{0}}
ratelimit = 0 / 1h / strict / per_conn / slow_fail_accept_$sender_host_address
log_message = "Decrement slow_fail_lock Ratelimit - $sender_fullhost because one message was successful"
accept
accept
#####################################################
### end acl/30_exim4-config_check_mail
#####################################################
#####################################################
### acl/30_exim4-config_check_rcpt
#####################################################
### acl/30_exim4-config_check_rcpt
#################################
# This access control list is used for every RCPT command in an incoming
# SMTP message. The tests are run in order until the address is either
# accepted or denied.
#
acl_smtp_rcpt:
# Accept if the source is local SMTP (i.e. not over TCP/IP). We do this by
# testing for an empty sending host field.
accept
hosts = :
control = dkim_disable_verify
deny
message = YOUR DOMAIN IS BLOCKED.
log_message = Sender domain is banned
sender_domains = !+local_domains : +blocked_domains
# The following section of the ACL is concerned with local parts that contain
# certain non-alphanumeric characters. Dots in unusual places are
# handled by this ACL as well.
#
# Non-alphanumeric characters other than dots are rarely found in genuine
# local parts, but are often tried by people looking to circumvent
# relaying restrictions. Therefore, although they are valid in local
# parts, these rules disallow certain non-alphanumeric characters, as
# a precaution.
#
# Empty components (two dots in a row) are not valid in RFC 2822, but Exim
# allows them because they have been encountered. (Consider local parts
# constructed as "firstinitial.secondinitial.familyname" when applied to
# a name without a second initial.) However, a local part starting
# with a dot or containing /../ can cause trouble if it is used as part of a
# file name (e.g. for a mailing list). This is also true for local parts that
# contain slashes. A pipe symbol can also be troublesome if the local part is
# incorporated unthinkingly into a shell command line.
#
# These ACL components will block recipient addresses that are valid
# from an RFC2822 point of view. We chose to have them blocked by
# default for security reasons.
#
# If you feel that your site should have less strict recipient
# checking, please feel free to change the default values of the macros
# defined in main/01_exim4-config_listmacrosdefs or override them from a
# local configuration file.
#
# Two different rules are used. The first one has a quite strict
# default, and is applied to messages that are addressed to one of the
# local domains handled by this host.
# The default value of CHECK_RCPT_LOCAL_LOCALPARTS is defined in
# main/01_exim4-config_listmacrosdefs:
# CHECK_RCPT_LOCAL_LOCALPARTS = ^[.] : ^.*[@%!/|`#&?]
# This blocks local parts that begin with a dot or contain a quite
# broad range of non-alphanumeric characters.
# The second rule applies to all other domains, and its default is
# considerably less strict.
# The default value of CHECK_RCPT_REMOTE_LOCALPARTS is defined in
# main/01_exim4-config_listmacrosdefs:
# CHECK_RCPT_REMOTE_LOCALPARTS = ^[./|] : ^.*[@%!`#&?] : ^.*/\\.\\./
# It allows local users to send outgoing messages to sites
# that use slashes and vertical bars in their local parts. It blocks
# local parts that begin with a dot, slash, or vertical bar, but allows
# these characters within the local part. However, the sequence /../ is
# barred. The use of some other non-alphanumeric characters is blocked.
# Single quotes might probably be dangerous as well, but they're
# allowed by the default regexps to avoid rejecting mails to Ireland.
# The motivation here is to prevent local users (or local users' malware)
# from mounting certain kinds of attack on remote sites
# Deny unless the sender address can be verified.
#
# This is disabled by default so that DNSless systems don't break. If
# your system can do DNS lookups without delay or cost, you might want
# to enable this feature.
#
# This feature does not work in smarthost and satellite setups as
# with these setups all domains pass verification. See spec.txt chapter
# 39.31 with the added information that a smarthost/satellite setup
# routes all non-local e-mail to the smarthost.
# Verify senders listed in local_sender_callout with a callout.
#
# In smarthost and satellite setups, this causes the callout to be
# done to the smarthost. Verification will thus only be reliable if the
# smarthost does reject illegal addresses in the SMTP dialog.
deny
!acl = acl_local_deny_exceptions
senders = ${if exists{CONFDIR/local_sender_callout}\
{CONFDIR/local_sender_callout}\
{}}
!verify = sender/callout
# Accept if the message comes from one of the hosts for which we are an
# outgoing relay. It is assumed that such hosts are most likely to be MUAs,
# so we set control=submission to make Exim treat the message as a
# submission. It will fix up various errors in the message, for example, the
# lack of a Date: header line. If you are actually relaying out out from
# MTAs, you may want to disable this. If you are handling both relaying from
# MTAs and submissions from MUAs you should probably split them into two
# lists, and handle them differently.
# Recipient verification is omitted here, because in many cases the clients
# are dumb MUAs that don't cope well with SMTP error responses. If you are
# actually relaying out from MTAs, you should probably add recipient
# verification here.
# Note that, by putting this test before any DNS black list checks, you will
# always accept from these hosts, even if they end up on a black list. The
# assumption is that they are your friends, and if they get onto black
# list, it is a mistake.
# Accept if the message arrived over an authenticated connection, from
# any host. Again, these messages are usually from MUAs, so recipient
# verification is omitted, and submission mode is set. And again, we do this
# check before any black list tests.
accept
authenticated = *
control = submission/sender_retain
control = dkim_disable_verify
# Insist that any other recipient address that we accept is either in one of
# our local domains, or is in a domain for which we explicitly allow
# relaying. Any other domain is rejected as being unacceptable for relaying.
# We also require all accepted addresses to be verifiable. This check will
# do local part verification for local domains, but only check the domain
# for remote domains.
require
verify = recipient
# Verify recipients listed in local_rcpt_callout with a callout.
# This is especially handy for forwarding MX hosts (secondary MX or
# mail hubs) of domains that receive a lot of spam to non-existent
# addresses. The only way to check local parts for remote relay
# domains is to use a callout (add /callout), but please read the
# documentation about callouts before doing this.
deny
!acl = acl_local_deny_exceptions
recipients = ${if exists{CONFDIR/local_rcpt_callout}\
{CONFDIR/local_rcpt_callout}\
{}}
!verify = recipient/callout
# CONFDIR/local_sender_blacklist holds a list of envelope senders that
# should have their access denied to the local host. Incoming messages
# with one of these senders are rejected at RCPT time.
#
# The explicit white lists are honored as well as negative items in
# the black list. See exim4-config_files(5) for details.
deny
message = sender envelope address $sender_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
!acl = acl_local_deny_exceptions
senders = ${if exists{CONFDIR/local_sender_blacklist}\
{CONFDIR/local_sender_blacklist}\
{}}
# deny bad sites (IP address)
# CONFDIR/local_host_blacklist holds a list of host names, IP addresses
# and networks (CIDR notation) that should have their access denied to
# The local host. Messages coming in from a listed host will have all
# RCPT statements rejected.
#
# The explicit white lists are honored as well as negative items in
# the black list. See exim4-config_files(5) for details.
deny
message = sender IP address $sender_host_address is locally blacklisted here. If you think this is wrong, get in touch with postmaster
!acl = acl_local_deny_exceptions
hosts = ${if exists{CONFDIR/local_host_blacklist}\
{CONFDIR/local_host_blacklist}\
{}}
#############################################################################
# This check is commented out because it is recognized that not every
# sysadmin will want to do it. If you enable it, the check performs
# Client SMTP Authorization (csa) checks on the sending host. These checks
# do DNS lookups for SRV records. The CSA proposal is currently (May 2005)
# an Internet draft. You can, of course, add additional conditions to this
# ACL statement to restrict the CSA checks to certain hosts only.
#
# require verify = csa
#############################################################################
# Accept if the address is in a domain for which we are an incoming relay,
# but again, only if the recipient can be verified.
# implemented for "suspend incoming/outgoing email" feature for user
deny
condition = ${lookup{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}lsearch{/etc/user_suspended_list}{1}{0}}
message = USER_ON_BLACKLIST
log_message = USER_ON_BLACKLIST
# At this point, the address has passed all the checks that have been
# configured, so we accept it unconditionally.
accept hosts = :localhost : +loopback
control = dkim_disable_verify
deny message = Restricted characters in address
domains = +local_domains
local_parts = ^[.] : ^.*[@%!/|]
deny message = Restricted characters in address
domains = !+local_domains
local_parts = ^[./|] : ^.*[@%!] : ^.*/\\.\\./
accept local_parts = postmaster
domains = +local_domains
require verify = sender
accept authenticated = *
control = submission
control = dkim_disable_verify
# We also require all accepted addresses to be verifiable. This check will
# do local part verification for local domains, but only check the domain
# for remote domains. The only way to check local parts for the remote
# relay domains is to use a callout (add /callout), but please read the
# documentation about callouts before doing this.
require verify = recipient
# implemented for "suspend incoming email" feature
deny
domains = !$primary_hostname : +local_domains
condition = ${if exists {${extract{5}{:}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}}}}}{$value}}/etc/.${sg{$local_part}{\N[/+].*\N}{}}@${domain}.suspended_incoming}}
message = 525 5.7.13 Disabled recipient address
log_message = Mail to ${local_part}@${domain} has been suspended
# implemented for "suspend outgoing email" feature for domains and individual
#deny
# domains = ! +local_domains
# condition = ${perl{check_outgoing_mail_suspended}}
# message = ${perl{get_outgoing_mail_suspended_message}}
# log_message = ${perl{get_outgoing_mail_suspended_message}}
# implemented for "suspend incoming/outgoing email" feature for user
deny
condition = ${lookup{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}lsearch{/etc/user_suspended_list}{1}{0}}
message = USER_ON_BLACKLIST
log_message = USER_ON_BLACKLIST
accept
authenticated = *
condition = ${if eq{${lookup{$sender_address_domain}lsearch{/etc/userdomains}}}{$sender_address_local_part}}
endpass
verify = recipient
accept
authenticated = *
endpass
verify = recipient
drop
condition = ${if eq{$received_port}{587}{1}{0}}
message = SMTP AUTH is required for message submission on port 587
require
verify = recipient
accept
condition = ${extract{suspended}{$address_data}}
warn
log_message = "Detected Dictionary Attack (Let $rcpt_fail_count bad recipients though before engaging)"
condition = ${if > {${eval:$rcpt_fail_count}}{4}{yes}{no}}
set acl_m7 = 1
warn
condition = ${if eq {${acl_m7}}{1}{1}{0}}
ratelimit = 0 / 1h / strict / per_conn
log_message = "Increment Connection Ratelimit - $sender_fullhost because of Dictionary Attack"
drop
condition = ${if eq {${acl_m7}}{1}{1}{0}}
message = "Number of failed recipients exceeded. Come back in a few hours."
warn
domains = +local_domains
condition = ${if <= {$message_size}{1000K}}
condition = ${if !eq{${acl_m0}}{1}}
condition = ${if exists{/etc/global_spamassassin_enable}{1}{${if exists{${extract{5}{::}{${lookup passwd{${if eq{$domain}{$primary_hostname}{${sg{$local_part}{\N[/+].*\N}{}}}{${lookup{$domain}lsearch{/etc/userdomains}}}}}}}}/.spamassassindisable}{0}{1}}}}
set acl_m0 = 1
#
set acl_m1 = ${if eq{$domain}{$primary_hostname}{${sg{$local_part_data}{\N[/+].*\N}{}}}{${lookup{$domain}lsearch{/etc/userdomains}}}}
accept
acl_smtp_starttls:
accept
acl_smtp_vrfy:
accept
acl_smtp_dkim:
accept
begin authenticators
dovecot_plain:
driver = dovecot
public_name = PLAIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
#server_condition = ${if and {{!match {$auth1}{\N[/]\N}}{eq{${if match {$auth1}{\N[+%:@]\N}{${lookup{${extract{2}{+%:@}{$auth1}}}lsearch{/etc/demodomains}{yes}}}{${lookup{$auth1}lsearch{/etc/demousers}{yes}}}}}{}}}{true}{false}}
#server_advertise_condition = ${if or {{def:tls_cipher}{match_ip{$sender_host_address}{+loopback}}}{1}{0}}
dovecot_login:
driver = dovecot
public_name = LOGIN
server_socket = /var/run/dovecot/auth-client
server_set_id = $auth1
#server_condition = ${if and {{!match {$auth1}{\N[/]\N}}{eq{${if match {$auth1}{\N[+%:@]\N}{${lookup{${extract{2}{+%:@}{$auth1}}}lsearch{/etc/demodomains}{yes}}}{${lookup{$auth1}lsearch{/etc/demousers}{yes}}}}}{}}}{true}{false}}
#server_advertise_condition = ${if or {{def:tls_cipher}{match_ip{$sender_host_address}{+loopback}}}{1}{0}}
cram_md5:
driver = cram_md5
public_name = CRAM-MD5
client_name = ${extract{1}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
client_secret = ${extract{2}{:}{${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}}}
# this returns the matching line from passwd.client and doubles all ^
PASSWDLINE=${sg{\
${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$value}fail}\
}\
{\\N[\\^]\\N}\
{^^}\
}
plain:
driver = plaintext
public_name = PLAIN
client_send = "<; ^${extract{1}{:}{PASSWDLINE}}\
^${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
login:
driver = plaintext
public_name = LOGIN
# Return empty string if looking up $host in passwd-file yields a
# non-empty string; fail otherwise.
client_send = "<; ${if !eq{PASSWDLINE}{}\
{}fail}\
; ${extract{1}{::}{PASSWDLINE}}\
; ${sg{PASSWDLINE}{\\N([^:]+:)(.*)\\N}{\\$2}}"
######################################################################
# REWRITE CONFIGURATION #
######################################################################
# There are no rewriting specifications in this default configuration file.
begin rewrite
#####################################################
### end rewrite/00_exim4-config_header
#####################################################
#####################################################
### rewrite/31_exim4-config_rewriting
#####################################################
### rewrite/31_exim4-config_rewriting
#################################
#!!#######################################################!!#
#!!# Here follow routers created from the old routers, #!!#
#!!# for handling non-local domains. #!!#
#!!#######################################################!!#
begin routers
######################################################################
# ROUTERS CONFIGURATION #
# Specifies how remote addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A remote address is passed to each in turn until it is accepted. #
######################################################################
# Remote addresses are those with a domain that does not match any item
# in the "local_domains" setting above.
# Check Demo user
democheck:
driver = redirect
require_files = "+/etc/demouids"
condition = ${if >= {$originator_uid}{100}{1}{0}}
condition = "${extract{size}{${stat:/etc/demouids}}}"
condition = "${if eq \
{${lookup \
{$originator_uid} \
lsearch{/etc/demouids} \
{$value} \
}} \
{} \
{false} \
{true} \
}"
allow_fail
data = :fail: demo accounts are not permitted to relay email
# check email count per hour domain or user || Check other stuff also (TODO E.G. SUSPEND DOMAIN, USER AND PERTICULAR EMAIL ACCOUNT)
check_mail_validity:
domains = ! +local_domains
condition = ${if eq {$authenticated_id}{root}{0}{1}}
ignore_target_hosts = +loopback
driver = redirect
allow_fail
#allow_filter
allow_defer
#reply_transport = address_reply
no_verify
user = "Debian-exim"
expn = false
condition = "${perl{check_mail_validity}}"
data = "${perl{check_mail_validity_results}}"
#
# Increments max emails per hour if needed (to do)
#
increment_email_per_hour_count:
domains = ! +local_domains
ignore_target_hosts = +loopback
condition = ${if eq {$authenticated_id}{root}{0}{1}}
driver = redirect
allow_fail
no_verify
one_time
expn = false
condition = "${perl{increment_email_per_hour_count_if}}"
data = ":unknown:"
manualmx:
driver = manualroute
domains = +manualmx_domains
transport = remote_smtp
route_data = ${lookup \
{$domain} \
lsearch{/etc/manualmx} \
}
autoreply_dkim_lookuphost:
driver = dnslookup
domains = ! +local_domains
condition = "${perl{sender_domain_can_dkim_sign}}"
condition = "${if \
or { \
{match{$h_precedence:}{auto}} \
{match{$h_x-precedence:}{auto}} \
} \
{1}{0} \
}"
#ignore verisign to prevent waste of bandwidth
ignore_target_hosts = +loopback
headers_add = "${perl{mailtrapheaders}}"
transport = dkim_remote_smtp
dkim_lookuphost:
driver = dnslookup
domains = ! +local_domains
condition = "${perl{sender_domain_can_dkim_sign}}"
#ignore verisign to prevent waste of bandwidth
ignore_target_hosts = +loopback
headers_add = "${perl{mailtrapheaders}}"
transport = dkim_remote_smtp
lookuphost:
driver = dnslookup
domains = ! +local_domains
#ignore verisign to prevent waste of bandwidth
ignore_target_hosts = +loopback
headers_add = "${perl{mailtrapheaders}}"
transport = remote_smtp
literal:
driver = ipliteral
domains = ! +local_domains
ignore_target_hosts = +loopback : 64.94.110.0/24
headers_add = "${perl{mailtrapheaders}}"
transport = remote_smtp
######################################################################
# DIRECTORS CONFIGURATION #
# Specifies how local addresses are handled #
######################################################################
# ORDER DOES MATTER #
# A local address is passed to each in turn until it is accepted. #
######################################################################
# filter on user level
user_filter:
driver = redirect
allow_filter
allow_fail
forbid_filter_run
forbid_filter_perl
forbid_filter_lookup
forbid_filter_readfile
forbid_filter_readsocket
no_check_local_user
domains = lsearch;/etc/userdomains
require_files = "${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/filter"
condition = "${extract \
{size} \
{${stat:${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/filter}} \
}"
file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/filter
file_transport = address_file
directory_transport = address_directory
reply_transport = address_reply
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
user = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
group = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
no_verify
# A filter on Domain level
domain_filter:
driver = redirect
allow_filter
allow_fail
forbid_filter_run
forbid_filter_perl
forbid_filter_lookup
forbid_filter_readfile
forbid_filter_readsocket
no_check_local_user
domains = lsearch;/etc/userdomains
require_files = "${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/filter"
condition = "${extract \
{size} \
{${stat:${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/filter}} \
}"
file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/filter
file_transport = address_file
directory_transport = address_directory
reply_transport = address_reply
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
user = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
group = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
no_verify
# A filter on Email level
email_filter:
driver = redirect
allow_filter
allow_fail
forbid_filter_run
forbid_filter_perl
forbid_filter_lookup
forbid_filter_readfile
forbid_filter_readsocket
no_check_local_user
domains = lsearch;/etc/userdomains
require_files = "${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/${local_part}/filter"
condition = "${extract \
{size} \
{${stat:${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/${local_part}/filter}} \
}"
file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/${local_part}/filter
file_transport = address_file
directory_transport = address_directory
reply_transport = address_reply
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
user = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
group = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
local_part_suffix = +*
local_part_suffix_optional
retry_use_local_part
no_verify
#autoreply exists
#both passwd and forwarders do not have local_part.
userautoreply:
driver = accept
domains = lsearch;/etc/userdomains
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
user = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
group = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
#local_parts = ${lookup{$local_part} dsearch,ret=full{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${domain}/autorespond/}}
condition = ${if exists{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.msg}{yes}{no}}
condition = ${if match{$h_X-Spam-Status:}{\N^Yes\N}{no}{yes}}
require_files = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.msg
condition = ${if exists{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/passwd}}
condition = ${lookup{$local_part}lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/passwd}{yes}{no}}
address_data = \
"subj=${quote:${readfile{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.subj}{}}} \
msg=${quote:${readfile{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/autorespond/${local_part}/${local_part}@${perl{untaint}{$domain}}.msg}{}}}"
# do not reply to errors and bounces or lists
senders = " ! ^.*-request@.*:\
! ^owner-.*@.*:\
! ^postmaster@.*:\
! ^listmaster@.*:\
! ^mailer-daemon@.*\
! ^root@.*"
transport = userautoreply
unseen
virtual_aliases:
driver = redirect
allow_defer
allow_fail
domains = lsearch;/etc/userdomains
user = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
group = "${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}"
address_data = \
"router=$router_name \
redirect=${quote:${lookup \
{$local_part} \
lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/aliases} \
}}"
data = ${extract{redirect}{$address_data}}
file_transport = address_file
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain_data} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
local_part_suffix = +*
local_part_suffix_optional
retry_use_local_part
unseen
virtual_user_overquota:
driver = redirect
domains = ${lookup{$domain}lsearch{/etc/userdomains}{${perl{untaint}{$domain}}}}
require_files = "+$home/etc/$domain"
user = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
group = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
router_home_directory = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}
# NB: On busy servers Dovecot may take several seconds to respond to
# this request. So we set the timeout generously:
condition = "${if match {${readsocket{/var/run/dovecot/quota-status}{request=smtpd_access_policy\nrecipient=${quote:$local_part}@${quote:$domain_data}\nsize=$message_size\n\n}{30s}{\n}{SOCKETFAIL}}}{action=5}{true}{false}}"
data = ":fail:Mailbox is full / Blocks limit exceeded / Inode limit exceeded"
verify_only
allow_fail
#
# Virtual User Spam Boxes
#
virtual_user_spam:
driver = redirect
local_parts = +path_safe_localparts
domains = \
: ${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{${perl{untaint}{$domain}}} \
}
condition = ${if match{$h_x-spam-status:}{\N^Yes\N}{true}{false}}
require_files = \
"+${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}/.spamassassinenable: \
+${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain_data} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}/mail/$domain/$local_part"
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
headers_remove="x-uidl"
data = "${quote_local_part:$local_part}+spam@${domain}"
redirect_router = virtual_user
virtual_user:
driver = accept
domains = \
: ${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{${perl{untaint}{$domain}}} \
}
local_parts = +path_safe_localparts
require_files = "+${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}/mail/$domain/$local_part"
router_home_directory = ${extract \
{5} \
{::} \
{${lookup passwd \
{${lookup \
{$domain} \
lsearch{/etc/userdomains} \
{$value} \
}} \
{$value} \
}} \
}
headers_remove="x-uidl"
local_part_suffix = +*
local_part_suffix_optional
user = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
group = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
transport = dovecot_virtual_delivery
# TODO
valias_domain_file:
driver = redirect
allow_defer
allow_fail
domains = lsearch;/etc/userdomains
user = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
group = "${lookup{$domain}lsearch{/etc/userdomains}{$value}}"
condition = ${if exists{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/domaliases}\
{yes}\
{no}}
condition = ${lookup {$domain} lsearch {${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/domaliases}{yes}{no} }
address_data = router=$router_name redirect=${quote:${quote_local_part:$local_part}@${lookup{$domain}lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/$domain/domaliases}}}
data = ${extract{redirect}{$address_data}}
local_aliases:
driver = redirect
require_files = /etc/localaliases
allow_defer
allow_fail
domains = $primary_hostname : localhost
address_data = \
"router=$router_name \
redirect=${quote: \
${lookup \
{$local_part} \
lsearch{/etc/localaliases} \
}}"
data = ${extract{redirect}{$address_data}}
file_transport = address_file
pipe_transport = address_pipe
check_local_user
userforward:
driver = redirect
allow_filter
allow_fail
forbid_filter_run
forbid_filter_perl
forbid_filter_lookup
forbid_filter_readfile
forbid_filter_readsocket
check_ancestor
check_local_user
domains = $primary_hostname
no_expn
require_files = "+$home/.forward"
condition = "${extract{size}{${stat:$home/.forward}}}"
file = $home/.forward
file_transport = address_file
reply_transport = address_reply
directory_transport = address_directory
user = $local_part_data
group = $local_part_data
no_verify
localuser_root:
driver = redirect
allow_fail
domains = $primary_hostname : localhost
check_local_user
condition = ${if eq {$local_part_data}{root}}
data = :fail: root cannot accept local mail deliveries
localuser_overquota:
driver = redirect
domains = $primary_hostname
check_local_user
# NB: On busy servers Dovecot may take several seconds to respond to
# this request. So we set the timeout generously:
condition = "${if match {${readsocket{/var/run/dovecot/quota-status}{request=smtpd_access_policy\nrecipient=${quote:$local_part}\nsize=$message_size\n\n}{30s}{\n}{SOCKETFAIL}}}{action=5}{true}{false}}"
data = ":fail:Mailbox is full / Blocks limit exceeded / Inode limit exceeded"
verify_only
allow_fail
#
# Optimized spambox router
#
localuser_spam:
driver = redirect
domains = $primary_hostname
require_files = "+$home/.spamassassinenable"
condition = ${if match{$h_x-spam-status:}{\N^Yes\N}{true}{false}}
# sets home,user,group
check_local_user
headers_remove="x-uidl"
data = "${quote_local_part:$local_part_data}+spam"
redirect_router = localuser
localuser:
driver = accept
# sets home,user,group
check_local_user
domains = $primary_hostname
headers_remove="x-uidl"
local_part_suffix = +*
local_part_suffix_optional
user = $local_part_data
group = $local_part_data
transport = dovecot_delivery
#To catch all the failed mail
catchall:
driver = redirect
domains = lsearch;/etc/userdomains
address_data = \
"router=$router_name \
redirect=${quote:${lookup \
{*} \
lsearch{${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/etc/${perl{untaint}{$domain}}/aliases} \
}}"
data = ${extract{redirect}{$address_data}}
allow_fail
dnslookup:
driver = dnslookup
domains = ! +local_domains
transport = remote_smtp
ignore_target_hosts = 0.0.0.0 : 127.0.0.0/8
no_more
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# This transport is used for delivering messages over SMTP connections.
begin transports
remote_smtp:
driver = smtp
dkim_domain = ${lc:${domain:$h_from:}}
debug_print = "T: remote_smtp for $local_part@$domain"
dkim_selector = x
dkim_private_key = /var/webuzo-data/mail/dkim/private/${perl{untaint}{${dkim_domain}}}
dkim_canon = relaxed
remote_smtp_old:
driver = smtp
#interface = <; ${if > {${extract{size}{${stat:/etc/mailips}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailips}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}}
#helo_data = ${if > {${extract{size}{${stat:/etc/mailhelo}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailhelo}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}}
#hosts_try_chunking = 198.51.100.1
helo_data = ${lookup dnsdb{ptr=$sending_ip_address}{$value}{$primary_hostname}}
dkim_domain = ${lc:${domain:$h_from:}}
dkim_remote_smtp:
driver = smtp
interface = <; ${if > {${extract{size}{${stat:/etc/mailips}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailips}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailips}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailips}{$value}{}}}}}}}}
#helo_data = ${if > {${extract{size}{${stat:/etc/mailhelo}}}}{0}{${lookup{${lc:${perl{get_message_sender_domain}}}}lsearch{/etc/mailhelo}{$value}{${lookup{${if match_domain{$original_domain}{+relay_domains}{${lc:$original_domain}}{}}}lsearch{/etc/mailhelo}{$value}{${lookup{${perl{get_sender_from_uid}}}lsearch*{/etc/mailhelo}{$value}{$primary_hostname}}}}}}}{$primary_hostname}}
dkim_domain = ${lc:${domain:$h_from:}}
dkim_selector = x
dkim_private_key = "/var/webuzo-data/mail/dkim/private/${perl{untaint}{${dkim_domain}}}"
dkim_canon = relaxed
helo_data = ${lookup dnsdb{ptr=$sending_ip_address}{$value}{$primary_hostname}}
#hosts_try_chunking = 198.51.100.1
address_directory:
driver = pipe
command = /usr/libexec/dovecot/dovecot-lda -f $sender_address -d ${perl{convert_address_directory_to_dovecot_lda_destination_username}} -m ${perl{convert_address_directory_to_dovecot_lda_mailbox}}
message_prefix =
message_suffix =
log_output
delivery_date_add
envelope_to_add
return_path_add
temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78
address_pipe:
debug_print = "T: address_pipe for $local_part@$domain"
driver = pipe
return_output
virtual_address_pipe:
driver = pipe
return_output
address_file:
debug_print = "T: address_file for $local_part@$domain"
driver = pipe
command = /usr/lib/dovecot/dovecot-lda -e -f $sender_address -d ${perl{convert_address_directory_to_dovecot_lda_destination_username}} -m ${perl{convert_address_directory_to_dovecot_lda_mailbox}}
message_prefix =
message_suffix =
log_output
delivery_date_add
envelope_to_add
return_path_add
temp_errors = 64 : 69 : 70: 71 : 72 : 73 : 74 : 75 : 78
dovecot_delivery:
driver = lmtp
socket = /var/run/dovecot/lmtp
batch_max = 200
batch_id = "$r_webuzo_u ${if def:r_bcc_addr {$r_bcc_addr}}"
rcpt_include_affixes
delivery_date_add
envelope_to_add
return_path_add
vmail_delivery:
driver = lmtp
user = "${lookup{$domain_data}lsearch{/etc/userdomains}{$value}}"
group = "${lookup{$domain_data}lsearch{/etc/userdomains}{$value}}"
socket = /var/run/dovecot/lmtp
batch_max = 200
batch_id = "$r_webuzo_u ${if def:r_bcc_addr {$r_bcc_addr}}"
rcpt_include_affixes
delivery_date_add
envelope_to_add
return_path_add
dovecot_virtual_delivery:
driver = appendfile
delivery_date_add
#directory_mode = 770
envelope_to_add
#router_home_directory = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}
directory = $home/mail/${lookup{$domain}dsearch{$home/mail/}}/${lookup{$local_part}dsearch{$home/mail/${lookup{$domain}dsearch{$home/mail/}}/}}
#file = ${extract{5}{::}{${lookup passwd{${lookup{$domain}lsearch{/etc/userdomains}{$value}}}{$value}}}}/mail/$domain/$local_part
maildir_format
create_directory = true
group = ${lookup{$domain}lsearch{/etc/userdomains}{$value}}
mode = 0660
return_path_add
user = ${lookup{$domain}lsearch{/etc/userdomains}{$value}}
quota = ${if exists{$home/etc/${perl{untaint}{$domain}}/quota}{${lookup{${local_part}}lsearch{$home/etc/${perl{untaint}{$domain}}/quota}{$value}{0}}}{0}}
address_reply:
debug_print = "T: autoreply for $local_part@$domain"
driver = autoreply
#COMMENT#59:
userautoreply:
driver = autoreply
text = ${extract{msg}{$address_data}}
from = "${local_part}@${domain}"
no_return_message
subject = ${extract{subj}{$address_data}}
to = "${sender_address}"
reply_to = "${local_part}@${domain}"
headers = Content-Type: text/plain; charset=utf-8;\nContent-Transfer-Encoding: 8bit
#####################################################
### end transport/10_exim4-config_transport-macros
#####################################################
#####################################################
### transport/30_exim4-config_address_file
#####################################################
# This transport is used for handling deliveries directly to files that are
# generated by aliasing or forwarding.
#
#####################################################
### end transport/30_exim4-config_address_file
#####################################################
#####################################################
### transport/30_exim4-config_address_pipe
#####################################################
# This transport is used for handling pipe deliveries generated by
# .forward files. If the commands fails and produces any output on standard
# output or standard error streams, the output is returned to the sender
# of the message as a delivery error.
#####################################################
### end transport/30_exim4-config_address_pipe
#####################################################
#####################################################
### transport/30_exim4-config_address_reply
#####################################################
# This transport is used for handling autoreplies generated by the filtering
# option of the userforward router.
#
#####################################################
### end transport/30_exim4-config_address_reply
#####################################################
#####################################################
### transport/30_exim4-config_mail_spool
#####################################################
### transport/30_exim4-config_mail_spool
# This transport is used for local delivery to user mailboxes in traditional
# BSD mailbox format.
#
mail_spool:
debug_print = "T: appendfile for $local_part@$domain"
driver = appendfile
file = /var/mail/$local_part
delivery_date_add
envelope_to_add
return_path_add
group = mail
mode = 0660
mode_fail_narrower = false
#####################################################
### end transport/30_exim4-config_mail_spool
#####################################################
#####################################################
### transport/30_exim4-config_maildir_home
#####################################################
### transport/30_exim4-config_maildir_home
#################################
# Use this instead of mail_spool if you want to to deliver to Maildir in
# home-directory - change the definition of LOCAL_DELIVERY
#
maildir_home:
debug_print = "T: maildir_home for $local_part@$domain"
driver = appendfile
directory = $home/mail/${domain}/${local_part}
create_directory
delivery_date_add
envelope_to_add
return_path_add
maildir_format
directory_mode = 0700
mode = 0600
mode_fail_narrower = false
# This transport always chdirs to $home before trying to deliver. If
# $home is not accessible, this chdir fails and prevents delivery.
# If you are in a setup where home directories might not be
# accessible, uncomment the current_directory line below.
# current_directory = /
#####################################################
### end transport/30_exim4-config_maildir_home
#####################################################
#####################################################
### transport/30_exim4-config_maildrop_pipe
#####################################################
maildrop_pipe:
debug_print = "T: maildrop_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/maildrop"
return_path_add
delivery_date_add
envelope_to_add
#####################################################
### end transport/30_exim4-config_maildrop_pipe
#####################################################
#####################################################
### transport/30_exim4-config_procmail_pipe
#####################################################
procmail_pipe:
debug_print = "T: procmail_pipe for $local_part@$domain"
driver = pipe
path = "/bin:/usr/bin:/usr/local/bin"
command = "/usr/bin/procmail"
return_path_add
delivery_date_add
envelope_to_add
#####################################################
### end transport/30_exim4-config_procmail_pipe
#####################################################
#####################################################
### transport/30_exim4-config_remote_smtp
#####################################################
### transport/30_exim4-config_remote_smtp
#################################
# This transport is used for delivering messages over SMTP connections.
#####################################################
### end transport/30_exim4-config_remote_smtp
#####################################################
#####################################################
### transport/30_exim4-config_remote_smtp_smarthost
#####################################################
### transport/30_exim4-config_remote_smtp_smarthost
#################################
# This transport is used for delivering messages over SMTP connections
# to a smarthost. The local host tries to authenticate.
# This transport is used for smarthost and satellite configurations.
remote_smtp_smarthost:
debug_print = "T: remote_smtp_smarthost for $local_part@$domain"
driver = smtp
hosts_try_auth = <; ${if exists{CONFDIR/passwd.client} \
{\
${lookup{$host}nwildlsearch{CONFDIR/passwd.client}{$host_address}}\
}\
{} \
}
######################################################################
# RETRY CONFIGURATION #
######################################################################
# Domain Error Retries
# ------ ----- -------
begin retry
* * F,2h,15m; G,16h,1h,1.5; F,4d,6h
# End of Exim 4 configuration